Index: vuln.xml =================================================================== --- vuln.xml (revision 419541) +++ vuln.xml (working copy) @@ -58,6 +58,51 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + linux-c6-tiff - multiple vulnerabilities + + + linux-c6-tiff + linux-c6_64-tiff + 3.9.4_1 + + + + +

Red Hat reports:

+
Security fixes for tiff
+
+
CVE-2014-9330 libtiff: Out-of-bounds reads followed by a crash in bmp2tiff
+
CVE-2014-8127 libtiff: out-of-bounds read with malformed TIFF image in multiple tools
+
CVE-2014-8129 libtiff: out-of-bounds read/write with malformed TIFF image in tiff2pdf
+
CVE-2014-8130 libtiff: divide by zero in the tiffdither tool
+
CVE-2014-9655 libtiff: use of uninitialized memory in putcontig8bitYCbCr21tile and NeXTDecode
+
CVE-2015-1547 libtiff: use of uninitialized memory in NeXTDecode
+
CVE-2015-7554 libtiff: Invalid-write in _TIFFVGetField() when parsing some extension tags
+
CVE-2015-8668 libtiff: OOB read in bmp2tiff
+
CVE-2015-8683 libtiff: Out-of-bounds when reading CIE Lab image format files
+
CVE-2015-8665 libtiff: Out-of-bounds read in tif_getimage.c
+
CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 libtiff: invalid assertion
+
CVE-2015-8784 libtiff: out-of-bound write in NeXTDecode()
+
CVE-2016-3945 libtiff: out-of-bounds write in the tiff2rgba tool
+
CVE-2016-3632 libtiff: out-of-bounds write in _TIFFVGetField function
+
CVE-2016-3990 libtiff: out-of-bounds write in horizontalDifference8()
+
CVE-2016-3991 libtiff: out-of-bounds write in loadImage() function
+
CVE-2016-5320 libtiff: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c
+
+

+ + + + https://rhn.redhat.com/errata/RHSA-2016-1547.html + + + 2016-08-02 + 2016-08-03 + + + lighttpd - multiple vulnerabilities