[SECURITY] [DLA 1346-1] tiff security update

2018-04-16T03:46:18
ID DEBIAN:DLA-1346-1:1B772
Type debian
Reporter Debian
Modified 2018-04-16T03:46:18

Description

Package : tiff Version : 4.0.2-6+deb7u19 CVE ID : CVE-2018-7456 Debian Bug : 891288

A NULL Pointer Dereference was discovered in the TIFFPrintDirectory function (tif_print.c) when using the tiffinfo tool to print crafted TIFF information. This vulnerability could be leveraged by remote attackers to cause a crash of the application.

For Debian 7 "Wheezy", these problems have been fixed in version 4.0.2-6+deb7u19.

We recommend that you upgrade your tiff packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS