libtiff-4.0.3-35.0.3.el7.AXS7
エラータID: AXSA:2025-10907:02
The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) image format files. TIFF is a widely
used file format for bitmapped images. TIFF files usually end in the
.tif extension and they are often quite large.
The libtiff package should be installed if you need to manipulate TIFF
format image files.
Security Fix(es):
* CVE-2017-9117: add checks for all BMP reading operations to avoid buffer
overflow
CVE(s):
CVE-2017-9117
In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).
Update packages.
In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).
N/A
Asianux Server 7 for x86_64
- libtiff-4.0.3-35.0.3.el7.AXS7.i686.rpm
MD5: 3da9ecb5ac342abdd6afb4c4ea4d42a0
SHA-256: a5a28a912e2d242c35095b4dc1aace64f3301997a9dc85d9e7c63224dbb1a808
Size: 176.14 kB - libtiff-4.0.3-35.0.3.el7.AXS7.x86_64.rpm
MD5: 684871a78928b2604b41cbc80fa20ec5
SHA-256: 043170952df85347a2d853fd96132305fd97affc5c550e690d5ecae337705e1c
Size: 173.15 kB - libtiff-devel-4.0.3-35.0.3.el7.AXS7.i686.rpm
MD5: 66b383c1148e0b41382240ce43b3a122
SHA-256: a1caed8fbc4cd09d667947c0ec7fa57bb5585b1c27e4698347650a3e594f6fd7
Size: 474.62 kB - libtiff-devel-4.0.3-35.0.3.el7.AXS7.x86_64.rpm
MD5: f2fdcf2988547815461f253cf2e65d5c
SHA-256: d064593f9aff58723fd2c12db236522a11e1e6a268553769dd8c79bc54a1b101
Size: 474.60 kB