RHSA-2022:7585-01 -- Redhat libtiffID: oval:org.secpod.oval:def:507283 | Date: (C)2022-11-23 (M)2023-12-26 |
Class: PATCH | Family: unix |
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: Denial of Service via crafted TIFF file * libtiff: Null source pointer lead to Denial of Service via crafted TIFF file * libtiff: reachable assertion * libtiff: Out-of-bounds Read error in tiffcp * libtiff: stack-buffer-overflow in tiffcp.c in main * libtiff: out-of-bounds read in _TIFFmemcpy in tif_unix.c * libtiff: heap buffer overflow in extractImageSection * tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag in tif_dirread.c * tiff: Divide By Zero error in tiffcrop For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |