[3.9] tiff: Multiple vulnerabilities (CVE-2018-10779, CVE-2018-17100, CVE-2018-17101)
CVE-2018-10779: Heap Buffer Overflow in TIFFWriteScanline of tif_write.c
References:
http://bugzilla.maptools.org/show\_bug.cgi?id=2788
https://nvd.nist.gov/vuln/detail/CVE-2018-10779
Patch:
https://gitlab.com/libtiff/libtiff/commit/981e43ecae83935625c86c9118c0778c942c7048
CVE-2018-17100: An issue was discovered in LibTIFF 4.0.9. There is a
int32 overflow in multiply_ms in tools/ppm2tiff.c,
which can cause a denial of service (crash) or possibly have unspecified
other impact via a crafted image file.
References:
http://bugzilla.maptools.org/show\_bug.cgi?id=2810
Patch:
CVE-2018-17101: An issue was discovered in LibTIFF 4.0.9. There are
two out-of-bounds writes in cpTags in tools/tiff2bw.c and
tools/pal2rgb.c,
which can cause a denial of service (application crash) or possibly have
unspecified other impact via a crafted image file.
References:
http://bugzilla.maptools.org/show\_bug.cgi?id=2807
Patch:
(from redmine: issue id 9583, created on 2018-10-25, closed on 2018-11-08)
- Relations:
- parent #9582 (closed)
- Changesets:
- Revision fb2c4a5a on 2018-11-06T15:33:55Z:
main/tiff: security fixes
(CVE-2018-10779, CVE-2018-17100, CVE-2018-17101)
Fixes #9583