FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tiff -- buffer overflow

Affected packages
tiff < 4.0.6_2
linux-c6-tiff < 3.9.4_2
* <= linux-f10-tiff

Details

VuXML ID 0ab66088-4aa5-11e6-a7bd-14dae9d210b8
Discovery 2016-06-28
Entry 2016-07-15
Modified 2016-09-06

Mathias Svensson reports:

potential buffer write overrun in PixarLogDecode() on corrupted/unexpected images

References

CVE Name CVE-2016-5314
CVE Name CVE-2016-5320
CVE Name CVE-2016-5875
URL https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2