Security update for tiff SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:2271-1 Final 1 1 2016-09-09T07:01:46Z current 2016-09-09T07:01:46Z 2016-09-09T07:01:46Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tiff This update for tiff fixes the following issues: * CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images (bsc#964225) * CVE-2016-3186: Buffer overflow in gif2tiff (bnc#973340). * CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat (bsc#987351) * CVE-2016-5316: Out-of-bounds read in PixarLogCleanup() function in tif_pixarlog.c (bsc#984837) * CVE-2016-5314: Out-of-bounds write in PixarLogDecode() function (bsc#984831) * CVE-2016-5317: Out-of-bounds write in PixarLogDecode() function in libtiff.so (bsc#984842) * CVE-2016-5320: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c (bsc#984808) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-SP1-2016-1330,SUSE-SLE-SDK-12-SP1-2016-1330,SUSE-SLE-SERVER-12-SP1-2016-1330 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ Link for SUSE-SU-2016:2271-1 https://lists.suse.com/pipermail/sle-security-updates/2016-September/002264.html E-Mail link for SUSE-SU-2016:2271-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/964225 SUSE Bug 964225 https://bugzilla.suse.com/973340 SUSE Bug 973340 https://bugzilla.suse.com/984808 SUSE Bug 984808 https://bugzilla.suse.com/984831 SUSE Bug 984831 https://bugzilla.suse.com/984837 SUSE Bug 984837 https://bugzilla.suse.com/984842 SUSE Bug 984842 https://bugzilla.suse.com/987351 SUSE Bug 987351 https://www.suse.com/security/cve/CVE-2015-8781/ SUSE CVE CVE-2015-8781 page https://www.suse.com/security/cve/CVE-2015-8782/ SUSE CVE CVE-2015-8782 page https://www.suse.com/security/cve/CVE-2015-8783/ SUSE CVE CVE-2015-8783 page https://www.suse.com/security/cve/CVE-2016-3186/ SUSE CVE CVE-2016-3186 page https://www.suse.com/security/cve/CVE-2016-5314/ SUSE CVE CVE-2016-5314 page https://www.suse.com/security/cve/CVE-2016-5316/ SUSE CVE CVE-2016-5316 page https://www.suse.com/security/cve/CVE-2016-5317/ SUSE CVE CVE-2016-5317 page https://www.suse.com/security/cve/CVE-2016-5320/ SUSE CVE CVE-2016-5320 page https://www.suse.com/security/cve/CVE-2016-5875/ SUSE CVE CVE-2016-5875 page SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 libtiff5-4.0.6-26.3 libtiff5-32bit-4.0.6-26.3 libtiff-devel-4.0.6-26.3 tiff-4.0.6-26.3 libtiff5-4.0.6-26.3 as a component of SUSE Linux Enterprise Desktop 12 SP1 libtiff5-32bit-4.0.6-26.3 as a component of SUSE Linux Enterprise Desktop 12 SP1 libtiff5-4.0.6-26.3 as a component of SUSE Linux Enterprise Server 12 SP1 libtiff5-32bit-4.0.6-26.3 as a component of SUSE Linux Enterprise Server 12 SP1 tiff-4.0.6-26.3 as a component of SUSE Linux Enterprise Server 12 SP1 libtiff5-4.0.6-26.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 libtiff5-32bit-4.0.6-26.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 tiff-4.0.6-26.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 libtiff-devel-4.0.6-26.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782. CVE-2015-8781 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2015-8781.html CVE-2015-8781 https://bugzilla.suse.com/964213 SUSE Bug 964213 https://bugzilla.suse.com/964225 SUSE Bug 964225 tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781. CVE-2015-8782 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2015-8782.html CVE-2015-8782 https://bugzilla.suse.com/964213 SUSE Bug 964213 https://bugzilla.suse.com/964225 SUSE Bug 964225 tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image. CVE-2015-8783 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2015-8783.html CVE-2015-8783 https://bugzilla.suse.com/964213 SUSE Bug 964213 https://bugzilla.suse.com/964225 SUSE Bug 964225 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. CVE-2016-3186 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2016-3186.html CVE-2016-3186 https://bugzilla.suse.com/973340 SUSE Bug 973340 https://bugzilla.suse.com/983268 SUSE Bug 983268 Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. CVE-2016-5314 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2016-5314.html CVE-2016-5314 https://bugzilla.suse.com/984831 SUSE Bug 984831 https://bugzilla.suse.com/987351 SUSE Bug 987351 Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. CVE-2016-5316 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2016-5316.html CVE-2016-5316 https://bugzilla.suse.com/984837 SUSE Bug 984837 Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. CVE-2016-5317 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2016-5317.html CVE-2016-5317 https://bugzilla.suse.com/984842 SUSE Bug 984842 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE-2016-5320 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2016-5320.html CVE-2016-5320 https://bugzilla.suse.com/1007284 SUSE Bug 1007284 https://bugzilla.suse.com/984808 SUSE Bug 984808 https://bugzilla.suse.com/987351 SUSE Bug 987351 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE-2016-5875 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.6-26.3 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.6-26.3 SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.6-26.3 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1/ https://www.suse.com/security/cve/CVE-2016-5875.html CVE-2016-5875 https://bugzilla.suse.com/1007284 SUSE Bug 1007284 https://bugzilla.suse.com/984809 SUSE Bug 984809 https://bugzilla.suse.com/984831 SUSE Bug 984831 https://bugzilla.suse.com/987351 SUSE Bug 987351