Updated libtiff packages fix security vulnerabilities
Publication date: 22 Mar 2015Modification date: 22 Mar 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8127 , CVE-2014-8128 , CVE-2014-8129 , CVE-2014-8130 , CVE-2014-9655 , CVE-2015-1547
Description
The libtiff image decoder library contains several issues that could cause the
decoder to crash when reading crafted TIFF images (CVE-2014-8127,
CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-9655, CVE-2015-1547).
References
- https://bugs.mageia.org/show_bug.cgi?id=15132
- http://openwall.com/lists/oss-security/2015/01/24/15
- http://openwall.com/lists/oss-security/2015/02/07/5
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00022.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547
SRPMS
4/core
- libtiff-4.0.4-0.1.mga4