SUSE-SU-2023:4370-1 -- SLES tiff, libtiff-devel, libtiff5| ID: oval:org.secpod.oval:def:89051068 | Date: (C)2023-11-23 (M)2024-05-23 |
| Class: PATCH | Family: unix |
This update for tiff fixes the following issues: * CVE-2023-38289: Fixed a NULL pointer dereference in raw2tiff . * CVE-2023-38288: Fixed an integer overflow in raw2tiff . * CVE-2023-3576: Fixed a memory leak in tiffcrop . * CVE-2020-18768: Fixed an out of bounds read in tiffcp . * CVE-2023-26966: Fixed an out of bounds read when transforming a little- endian file to a big-endian output * CVE-2023-3618: Fixed a NULL pointer dereference while encoding FAX3 files . * CVE-2023-2908: Fixed an undefined behavior issue when doing pointer arithmetic on a NULL pointer . * CVE-2023-3316: Fixed a NULL pointer dereference while opening a file in an inaccessible path . * CVE-2023-25433: Fixed a buffer overflow in tiffcrop .
| Platform: |
| SUSE Linux Enterprise Desktop 15 SP4 |
| SUSE Linux Enterprise Desktop 15 SP5 |
| SUSE Linux Enterprise Server 15 SP4 |
| SUSE Linux Enterprise Server 15 SP5 |
| Product: |
| tiff |
| libtiff-devel |
| libtiff5 |
