MGASA-2018-0426

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0426.html

Import Source

https://advisories.mageia.org/MGASA-2018-0426.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2018-0426

Related

Published

2018-10-30T18:01:43Z

Modified

2018-10-30T17:35:19Z

Summary

Updated libtiff packages fix security vulnerabilities

Details

The updated packages fix security vulnerabilities:

An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file (CVE-2018-17100).

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file (CVE-2018-17101).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2018-0426

Affected packages