Test Kennung:	1.3.6.1.4.1.25623.1.0.851682
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for tiff (openSUSE-SU-2018:0097-1)
Zusammenfassung:	The remote host is missing an update for the 'tiff'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'tiff' package(s) announced via the referenced advisory. Vulnerability Insight: This update for tiff to version 4.0.9 fixes the following issues: Security issues fixed: - CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools (bsc#969783). - CVE-2015-7554: Fix invalid write in tiffsplit / _TIFFVGetField (bsc#960341). - CVE-2016-10095: Fix stack-based buffer overflow in _TIFFVGetField (tif_dir.c) (bsc#1017690). - CVE-2016-5318: Fix stackoverflow in thumbnail (bsc#983436). - CVE-2017-16232: Fix memory-based DoS in tiff2bw (bsc#1069213). This update was imported from the SUSE:SLE-12:Update update project. Affected Software/OS: tiff on openSUSE Leap 42.3, openSUSE Leap 42.2 Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8128 http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://openwall.com/lists/oss-security/2015/01/24/15 http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 http://www.conostix.com/pub/adv/CVE-2014-8128-LibTIFF-Out-of-bounds_Writes.txt https://bugzilla.redhat.com/show_bug.cgi?id=1185812 Common Vulnerability Exposure (CVE) ID: CVE-2015-7554 BugTraq ID: 79699 http://www.securityfocus.com/bid/79699 Bugtraq: 20151226 libtiff: invalid write (CVE-2015-7554) (Google Search) http://www.securityfocus.com/archive/1/537205/100/0/threaded http://seclists.org/fulldisclosure/2015/Dec/119 https://security.gentoo.org/glsa/201701-16 http://packetstormsecurity.com/files/135078/libtiff-4.0.6-Invalid-Write.html http://www.openwall.com/lists/oss-security/2015/12/26/7 RedHat Security Advisories: RHSA-2016:1546 http://rhn.redhat.com/errata/RHSA-2016-1546.html RedHat Security Advisories: RHSA-2016:1547 http://rhn.redhat.com/errata/RHSA-2016-1547.html SuSE Security Announcement: openSUSE-SU-2016:0212 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00078.html SuSE Security Announcement: openSUSE-SU-2016:0215 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00081.html SuSE Security Announcement: openSUSE-SU-2016:0252 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00100.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5318 BugTraq ID: 88604 http://www.securityfocus.com/bid/88604 http://www.openwall.com/lists/oss-security/2016/04/27/6 http://www.openwall.com/lists/oss-security/2016/06/07/1 https://usn.ubuntu.com/3606-1/
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.