Updated libtiff packages fix security vulnerabilityPublication date: 02 Nov 2016
Affected Mageia releases : 5
CVE: CVE-2014-8127 , CVE-2016-3658
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable (CVE-2016-3658). They also fix: An out-of-bound read of up to 3 bytes in readContigTilesIntoBuffer(). An out-of-bound read on some tiled images. Segfault when specifying -r without argument (fax2tiff).