Security update for tiff SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1161-1 Final 1 1 2019-04-05T10:07:12Z current 2019-04-05T10:07:12Z 2019-04-05T10:07:12Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tiff This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed a NULL pointer dereference in TIFFWriteDirectorySec function (bsc#1115717). - CVE-2018-17000: Fixed a NULL pointer dereference in the _TIFFmemcmp function (bsc#1108606). - CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626). - CVE-2019-7663: Fixed an invalid address dereference in the TIFFWriteDirectoryTagTransfer function in libtiff/tif_dirwrite.c (bsc#1125113) This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1161 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA/#2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA E-Mail link for openSUSE-SU-2019:1161-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1108606 SUSE Bug 1108606 https://bugzilla.suse.com/1115717 SUSE Bug 1115717 https://bugzilla.suse.com/1121626 SUSE Bug 1121626 https://bugzilla.suse.com/1125113 SUSE Bug 1125113 https://www.suse.com/security/cve/CVE-2018-17000/ SUSE CVE CVE-2018-17000 page https://www.suse.com/security/cve/CVE-2018-19210/ SUSE CVE CVE-2018-19210 page https://www.suse.com/security/cve/CVE-2019-6128/ SUSE CVE CVE-2019-6128 page https://www.suse.com/security/cve/CVE-2019-7663/ SUSE CVE CVE-2019-7663 page openSUSE Leap 15.0 libtiff-devel-4.0.9-lp150.4.16.1 libtiff-devel-32bit-4.0.9-lp150.4.16.1 libtiff5-4.0.9-lp150.4.16.1 libtiff5-32bit-4.0.9-lp150.4.16.1 tiff-4.0.9-lp150.4.16.1 libtiff-devel-4.0.9-lp150.4.16.1 as a component of openSUSE Leap 15.0 libtiff-devel-32bit-4.0.9-lp150.4.16.1 as a component of openSUSE Leap 15.0 libtiff5-4.0.9-lp150.4.16.1 as a component of openSUSE Leap 15.0 libtiff5-32bit-4.0.9-lp150.4.16.1 as a component of openSUSE Leap 15.0 tiff-4.0.9-lp150.4.16.1 as a component of openSUSE Leap 15.0 A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. CVE-2018-17000 openSUSE Leap 15.0:libtiff-devel-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff-devel-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:tiff-4.0.9-lp150.4.16.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA/#2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA https://www.suse.com/security/cve/CVE-2018-17000.html CVE-2018-17000 https://bugzilla.suse.com/1108606 SUSE Bug 1108606 https://bugzilla.suse.com/1115717 SUSE Bug 1115717 https://bugzilla.suse.com/1125113 SUSE Bug 1125113 In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. CVE-2018-19210 openSUSE Leap 15.0:libtiff-devel-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff-devel-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:tiff-4.0.9-lp150.4.16.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA/#2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA https://www.suse.com/security/cve/CVE-2018-19210.html CVE-2018-19210 https://bugzilla.suse.com/1108606 SUSE Bug 1108606 https://bugzilla.suse.com/1115717 SUSE Bug 1115717 The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. CVE-2019-6128 openSUSE Leap 15.0:libtiff-devel-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff-devel-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:tiff-4.0.9-lp150.4.16.1 low 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA/#2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA https://www.suse.com/security/cve/CVE-2019-6128.html CVE-2019-6128 https://bugzilla.suse.com/1121626 SUSE Bug 1121626 https://bugzilla.suse.com/1153715 SUSE Bug 1153715 An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900. CVE-2019-7663 openSUSE Leap 15.0:libtiff-devel-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff-devel-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-32bit-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:libtiff5-4.0.9-lp150.4.16.1 openSUSE Leap 15.0:tiff-4.0.9-lp150.4.16.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA/#2YLOUMN2VASBYA7TXQPDTKRLXQPJGGKA https://www.suse.com/security/cve/CVE-2019-7663.html CVE-2019-7663 https://bugzilla.suse.com/1125113 SUSE Bug 1125113