Univention Bugzilla – Full Text Bug Listing |
Summary: | tiff: Multiple issues (3.2) | ||
---|---|---|---|
Product: | UCS | Reporter: | Moritz Muehlenhoff <jmm> |
Component: | Security updates | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Daniel Tröder <troeder> |
Severity: | normal | ||
Priority: | P3 | CC: | gohmann, requate |
Version: | UCS 3.0 | Flags: | requate:
Patch_Available+
|
Target Milestone: | UCS 3.2-8-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | 33831 | ||
Bug Blocks: |
Description
Moritz Muehlenhoff
2014-01-02 12:59:42 CET
Buffer overflow in bmp2tiff (CVE-2014-9330) Multiple out of bound reads in processing TIFF files (CVE-2014-8127) Multiple out of bound writes in processing TIFF files (CVE-2014-8128) Multiple out of bound reads/writes in processing TIFF files (CVE-2014-8129) Multiple NULL pointer dereferences in processing TIFF files (CVE-2014-8130) Denial of service by accessing uninitialised memory (CVE-2015-1547, CVE-2014-9655) Fixed in 3.9.4-5+squeeze12: * Buffer overflow in gif2tiff (CVE-2013-4243) * Buffer overflow in bmp2tiff (CVE-2014-9330) * Multiple out of bound reads in processing TIFF files (CVE-2014-8127) * Multiple out of bound writes in processing TIFF files (CVE-2014-8128) * Multiple out of bound reads/writes in processing TIFF files (CVE-2014-8129) * Denial of service by accessing uninitialised memory (CVE-2014-9655) No fix yet for: * uninitialized memory in NeXTDecode (CVE-2015-1547) [patch available] * Denial of service by accessing uninitialised memory/divide by zero (CVE-2014-8130) [marked as unimportant in Debian] * Out-of-bounds Read (CVE-2015-8665) * Out-of-bounds read in CIE Lab image format (CVE-2015-8683) Fixed in 3.9.4-5+squeeze13: * Out-of-bounds Read (CVE-2015-8665) * Out-of-bounds read in CIE Lab image format (CVE-2015-8683) CVE-2015-1547 may also be fixed by the patch for CVE-2014-9655, see Debian security tracker. Fixed in 3.9.4-5+squeeze14: * an out of bounds write in tif_luv.c (CVE-2015-8781) * other out-of-bounds writes (CVE-2015-8782) * other out-of-bounds reads (CVE-2015-8783) * potential out-of-bound write in NeXTDecode (CVE-2015-8784) 3.9.4-5+squeeze14 imported and built with fixed buildsystem version increment. Advisory: tiff.yaml OK: advisory OK: manual functional test: # univention-install libtiff-tools caca-utils # gif2tiff -c lzw /usr/share/apache2/icons/small/rainbow.gif /tmp/rainbow.tiff # cacaview /usr/share/apache2/icons/small/rainbow.gif /tmp/rainbow.tiff |