[SECURITY] [DLA 1347-1] tiff3 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1347-1] tiff3 security update
From: Hugo Lefeuvre <hle@debian.org>
Date: Sun, 15 Apr 2018 22:36:28 -0400
Message-id: <[🔎] 20180416023628.GA5932@hle-laptop.local>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tiff3
Version        : 3.9.6-11+deb7u10
CVE ID         : CVE-2018-7456
Debian Bug     : 891288 

A NULL Pointer Dereference was discovered in the TIFFPrintDirectory
function (tif_print.c) when using the tiffinfo tool to print crafted
TIFF information. This vulnerability could be leveraged by remote
attackers to cause a crash of the application.

For Debian 7 "Wheezy", these problems have been fixed in version
3.9.6-11+deb7u10.

We recommend that you upgrade your tiff3 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEE5LpPtQuYJzvmooL3LVy48vb3khkFAlrUC9cACgkQLVy48vb3
khkpqQf/T8mlN9ec5Gx0EmkS9RCC/06VJ7t4GzptVRjuNKnuPCNXgb4Zw7ZxNzoi
sSfcJ4GMoy+Ytwe5CCF6FdbQ+WFGMLUjm5ywBOHzkZ6Si/1jSKpyWHAIqnn9e/41
+JYLm1hoC1fHh/zro1kIdPOsUJD4fnKsTo+EV30vwij0wiF5te+ByOghLCK2V13R
rxc+w8OWTtCKeSzcjtlC5zDHXLIFHMZGg2v6041ETB7vbYSaWAOj2XCKMhbN8kHz
PLy56vtiS54jTYfyC51nVNi39c2LfUTcoMi6usnJn44eauMAoKJz6iDEeW5CnxER
85mfKtUy/RwV9F2L/RtNWqHlQCjHdQ==
=j1X4
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1346-1] tiff security update
Next by Date: [SECURITY] [DLA 1344-1] squirrelmail security update
Previous by thread: [SECURITY] [DLA 1346-1] tiff security update
Next by thread: [SECURITY] [DLA 1344-1] squirrelmail security update
Index(es):
- Date
- Thread