libtiff-4.0.9-17.el8
エラータID: AXSA:2020-290:01
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.
Security Fix(es):
* libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c (CVE-2019-14973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 8.2 Release Notes linked from the References section.
CVE-2019-14973
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
Update packages.
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
N/A
SRPMS
- libtiff-4.0.9-17.el8.src.rpm
MD5: 8c785f87a0f588c44ba8778e87137259
SHA-256: bd1ce488fd21428580c6133d3784d507e3f1025cc0b6063ed7290aed8aba6ef0
Size: 2.24 MB
Asianux Server 8 for x86_64
- libtiff-4.0.9-17.el8.x86_64.rpm
MD5: 0ce934a657ede594f5d42ca21e33d328
SHA-256: 4ada9f2d64c2aa6f4eed6fa2a3897c84be47351309c854a8a244bbfe0929d69d
Size: 187.26 kB - libtiff-devel-4.0.9-17.el8.x86_64.rpm
MD5: d6f36fa57712ef3220563c7eaa5d5b09
SHA-256: 6d818f31585824a9a2f85a85a377f0a5c46201ee988455a8e4699dac535c99ae
Size: 509.82 kB - libtiff-4.0.9-17.el8.i686.rpm
MD5: d82c45568bd90c53a810f71353513933
SHA-256: 626df52d8e25e632d8352ef4de38072d0184a41ae254454b1a42f520025167b4
Size: 201.72 kB - libtiff-devel-4.0.9-17.el8.i686.rpm
MD5: 62319d080eb28de7c682d7717c5bcc09
SHA-256: da23d774c34e167db7cffa4f6a9e64f2a0ed51f35743e178c8717a938f1e9281
Size: 509.83 kB
日本語