Security update for tiff SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:4191-1 Final 1 1 2018-12-19T13:17:26Z current 2018-12-19T13:17:26Z 2018-12-19T13:17:26Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tiff This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function (bsc#1115717). - CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function (bsc#1054594). - CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693). - CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693). - CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693). - CVE-2016-6223: Fixed out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() (bsc#990460). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-SP3-2018-2991,SUSE-SLE-DESKTOP-12-SP4-2018-2991,SUSE-SLE-SDK-12-SP3-2018-2991,SUSE-SLE-SDK-12-SP4-2018-2991,SUSE-SLE-SERVER-12-SP3-2018-2991,SUSE-SLE-SERVER-12-SP4-2018-2991 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20184191-1/ Link for SUSE-SU-2018:4191-1 https://lists.suse.com/pipermail/sle-security-updates/2018-December/004984.html E-Mail link for SUSE-SU-2018:4191-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1017693 SUSE Bug 1017693 https://bugzilla.suse.com/1054594 SUSE Bug 1054594 https://bugzilla.suse.com/1115717 SUSE Bug 1115717 https://bugzilla.suse.com/990460 SUSE Bug 990460 https://www.suse.com/security/cve/CVE-2016-10092/ SUSE CVE CVE-2016-10092 page https://www.suse.com/security/cve/CVE-2016-10093/ SUSE CVE CVE-2016-10093 page https://www.suse.com/security/cve/CVE-2016-10094/ SUSE CVE CVE-2016-10094 page https://www.suse.com/security/cve/CVE-2016-6223/ SUSE CVE CVE-2016-6223 page https://www.suse.com/security/cve/CVE-2017-12944/ SUSE CVE CVE-2017-12944 page https://www.suse.com/security/cve/CVE-2018-19210/ SUSE CVE CVE-2018-19210 page SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 libtiff5-4.0.9-44.30.1 libtiff5-32bit-4.0.9-44.30.1 libtiff-devel-4.0.9-44.30.1 tiff-4.0.9-44.30.1 libtiff5-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libtiff5-32bit-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libtiff5-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libtiff5-32bit-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libtiff5-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server 12 SP3 libtiff5-32bit-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server 12 SP3 tiff-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server 12 SP3 libtiff5-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server 12 SP4 libtiff5-32bit-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server 12 SP4 tiff-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server 12 SP4 libtiff5-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libtiff5-32bit-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 tiff-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libtiff5-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libtiff5-32bit-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 tiff-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libtiff-devel-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libtiff-devel-4.0.9-44.30.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP4 Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image. CVE-2016-10092 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP4:libtiff-devel-4.0.9-44.30.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20184191-1/ https://www.suse.com/security/cve/CVE-2016-10092.html CVE-2016-10092 https://bugzilla.suse.com/1017693 SUSE Bug 1017693 https://bugzilla.suse.com/1122679 SUSE Bug 1122679 Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow. CVE-2016-10093 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP4:libtiff-devel-4.0.9-44.30.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20184191-1/ https://www.suse.com/security/cve/CVE-2016-10093.html CVE-2016-10093 https://bugzilla.suse.com/1017693 SUSE Bug 1017693 https://bugzilla.suse.com/1122679 SUSE Bug 1122679 Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. CVE-2016-10094 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP4:libtiff-devel-4.0.9-44.30.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20184191-1/ https://www.suse.com/security/cve/CVE-2016-10094.html CVE-2016-10094 https://bugzilla.suse.com/1017693 SUSE Bug 1017693 https://bugzilla.suse.com/1122679 SUSE Bug 1122679 The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer. CVE-2016-6223 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP4:libtiff-devel-4.0.9-44.30.1 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20184191-1/ https://www.suse.com/security/cve/CVE-2016-6223.html CVE-2016-6223 https://bugzilla.suse.com/990460 SUSE Bug 990460 The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. CVE-2017-12944 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP4:libtiff-devel-4.0.9-44.30.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20184191-1/ https://www.suse.com/security/cve/CVE-2017-12944.html CVE-2017-12944 https://bugzilla.suse.com/1003874 SUSE Bug 1003874 https://bugzilla.suse.com/1054594 SUSE Bug 1054594 In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. CVE-2018-19210 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Desktop 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-32bit-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libtiff5-4.0.9-44.30.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:tiff-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.30.1 SUSE Linux Enterprise Software Development Kit 12 SP4:libtiff-devel-4.0.9-44.30.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20184191-1/ https://www.suse.com/security/cve/CVE-2018-19210.html CVE-2018-19210 https://bugzilla.suse.com/1108606 SUSE Bug 1108606 https://bugzilla.suse.com/1115717 SUSE Bug 1115717