[3.7] Tiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() (CVE-2017-18013)
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the
tif_print.c
TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.
References:
http://bugzilla.maptools.org/show\_bug.cgi?id=2770
https://nvd.nist.gov/vuln/detail/CVE-2017-18013
Patch:
https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01
(from redmine: issue id 8461, created on 2018-02-01, closed on 2018-02-17)
- Relations:
- parent #8458 (closed)
- Changesets:
- Revision 0ee7d7a3 on 2018-02-08T08:51:28Z:
main/tiff: security fix CVE-2017-18013
Fixes #8461