[3.7] tiff: uncontrolled resource consumption in TIFFSetDirectory function in tif_dir.c (CVE-2018-5784)
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the
TIFFSetDirectory function of tif_dir.c. Remote attackers could
this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not
validated against the actual number of directory entries.
(from redmine: issue id 8707, created on 2018-03-22, closed on 2018-04-03)
- Revision d44bbad6 on 2018-04-02T10:28:16Z:
main/tiff: fix CVE-2018-5784 fixes #8707