Advisories » MGASA-2019-0075

Updated libtiff packages fix security vulnerability

Publication date: 13 Feb 2019
Modification date: 13 Feb 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-6128

Description

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak,
as demonstrated by pal2rgb. (CVE-2019-6128)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24343
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CXMZF6QHRSV4QSTQXM5RAXOWNJHAGFIW/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6128

SRPMS

6/core

• libtiff-4.0.10-1.git20190202.1.mga6