Package: tiff Version: 4.0.2-6 Severity: serious Tags: security Control: forwarded -1 http://bugzilla.maptools.org/show_bug.cgi?id=2564
Hi, the following vulnerabilities were published for tiff. CVE-2015-7554[0]: | The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows | attackers to cause a denial of service (invalid memory write and | crash) or possibly have unspecified other impact via crafted field | data in an extension tag in a TIFF image. CVE-2016-5318[1]: libtiff: stack buffer overflow in _TIFFVGetField function If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-7554 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7554 [1] https://security-tracker.debian.org/tracker/CVE-2016-5318 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318 Please adjust the affected versions in the BTS as needed. I believe both CVE are about the same (underlying) issue and I tried to initiate a discussion with upstream in https://bugzilla.maptools.org/show_bug.cgi?id=2564 but he didn't gave any feedback yet. As part of my LTS work, I will try to write a mitigation patch that would decline to process the 1-argument fields as 2-arguments fields. If you have better idea, I'm interested. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
