Updated libtiff packages fix security vulnerability
Publication date: 20 Apr 2018Modification date: 20 Apr 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2018-7456
Description
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.). (CVE-2018-7456)
References
SRPMS
6/core
- libtiff-4.0.9-1.3.mga6
5/core
- libtiff-4.0.9-1.3.mga5