libtiff-4.0.9-32.el8_10

エラータID: AXSA:2024-8648:03

Release date: 
Friday, August 9, 2024 - 15:24
Subject: 
libtiff-4.0.9-32.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c (CVE-2018-15209)
* libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c (CVE-2023-25433)
* libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c (CVE-2023-6228)
* libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service (CVE-2023-52356)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2018-15209
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.
CVE-2023-25433
libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.
CVE-2023-52356
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
CVE-2023-6228
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.

Solution: 

Update packages.

CVEs: 
CVE-2018-15209
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.
CVE-2023-25433
libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.
CVE-2023-52356
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
CVE-2023-6228
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.
Additional Info: 

N/A

Download: 

SRPMS
  1. libtiff-4.0.9-32.el8_10.src.rpm
    MD5: 16817433f5dce4b81a82d5a287ed9cf8
    SHA-256: cd664c789e529ad1ab40dbc497d4d06e0696c54c56bd389a94c6daaa2d078f5e
    Size: 2.28 MB

Asianux Server 8 for x86_64
  1. libtiff-4.0.9-32.el8_10.i686.rpm
    MD5: 8d97fa49382552894f0157885dc2232d
    SHA-256: 59dd2416f2ce06c06f8fd202c573186c9091eb3c999f4269cb4a840405c7c863
    Size: 203.86 kB
  2. libtiff-4.0.9-32.el8_10.x86_64.rpm
    MD5: 8651d227011bfba91fb7aede9e704c48
    SHA-256: 34c34e91cf12eccbc2af5b11878c8fff59221b9c73218244c4be21306dda4e88
    Size: 189.07 kB
  3. libtiff-devel-4.0.9-32.el8_10.i686.rpm
    MD5: 132d93d8d7315b8bec4c6fe43b4d55ec
    SHA-256: 48feb4be92ff4d504738cb284a2168170c1e4d3028ac8af7c087b4e8911c543d
    Size: 511.75 kB
  4. libtiff-devel-4.0.9-32.el8_10.x86_64.rpm
    MD5: 7e454a3469c0991357cdbdf8c7b5b852
    SHA-256: 64019ea8de7a571e9a0e8f7c1acdad1226336cacc71c4fb424c9b5ccebc78e55
    Size: 511.74 kB
  5. libtiff-tools-4.0.9-32.el8_10.x86_64.rpm
    MD5: f2840b002fc3aedb0c9f669fff0b468f
    SHA-256: 40fd2860ad68d4422b85ece496843075ee80d21528e163720738c7a744bd9e7b
    Size: 255.20 kB