libtiff-4.0.9-33.el8_10

エラータID: AXSA:2024-8966:06

Release date: 
Thursday, November 7, 2024 - 18:35
Subject: 
libtiff-4.0.9-33.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* libtiff: NULL pointer dereference in tif_dirinfo.c (CVE-2024-7006)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-7006
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

Solution: 

Update packages.

CVEs: 
CVE-2024-7006
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.
Additional Info: 

N/A

Download: 

SRPMS
  1. libtiff-4.0.9-33.el8_10.src.rpm
    MD5: 3b147915acd6ba4fa128abed5d656038
    SHA-256: 5b7648b29f6fe7a128edc245b03fc4ae400b51f7645588f0dec2745195df198b
    Size: 2.28 MB

Asianux Server 8 for x86_64
  1. libtiff-4.0.9-33.el8_10.i686.rpm
    MD5: 7feee3d5304f6bc2074aafacf16be8e3
    SHA-256: d4b64b56b4d14bd00b27f8ef3fc9b792cbcce7a8df1f884e252ba50267ccb1e2
    Size: 203.86 kB
  2. libtiff-4.0.9-33.el8_10.x86_64.rpm
    MD5: d1bbf236328545e3c8c7d467f4f5f2ed
    SHA-256: 4eaaf45cf146f20163abe0207e6c3f489cb263ffb3297eb7c639872595280994
    Size: 189.26 kB
  3. libtiff-devel-4.0.9-33.el8_10.i686.rpm
    MD5: 6f86368414871776b610037abbc18734
    SHA-256: 4c09d5752e0836d31dc1a32cf290014d0d924835ade85a97c661137a24c29e88
    Size: 511.87 kB
  4. libtiff-devel-4.0.9-33.el8_10.x86_64.rpm
    MD5: b2d619bdad8329e49b142cc4e666cb57
    SHA-256: 2e33d20ecd73484e6b4b62f05ad09ea0213d5eacc255feff6b388e2eb994deca
    Size: 511.86 kB
  5. libtiff-tools-4.0.9-33.el8_10.x86_64.rpm
    MD5: eb051634e8e9d7c39d48d6df11044ea0
    SHA-256: de6acb043c50da72de8f2fa447637cdf06e02bc2c92d0c7890060e6d138915c4
    Size: 255.29 kB