[3.8] tiff: uncontrolled resource consumption in TIFFSetDirectory function in tif_dir.c (CVE-2018-5784)
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the
TIFFSetDirectory function of tif_dir.c. Remote attackers could
this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not
validated against the actual number of directory entries.
(from redmine: issue id 8706, created on 2018-03-22, closed on 2018-04-03)
- Revision 332be619 on 2018-04-02T10:23:45Z:
main/tiff: fix CVE-2018-5784 fixes #8706