Package : tiff Version : 4.0.2-6+deb7u8 CVE ID : CVE-2016-9273 CVE-2016-9297 CVE-2016-9532 Debian Bug : 844013 844226 844057 Multiple memory corruption issues have been identified in libtiff and its associated tools. CVE-2016-9273 Heap buffer overflow in cpStrips(). CVE-2016-9297 Read outside buffer in _TIFFPrintField(). CVE-2016-9532 Heap buffer overflow via writeBufferToSeparateStrips(). For Debian 7 "Wheezy", these problems have been fixed in version 4.0.2-6+deb7u8. We recommend that you upgrade your tiff packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: PGP signature