Source: tiff
Version: 4.0.6-3
Severity: normal
Tags: security upstream patch
Forwarded: http://bugzilla.maptools.org/show_bug.cgi?id=2590

Hi,

There is a potential out-of-bounds read in _TIFFPrintField() as described via http://bugzilla.maptools.org/show_bug.cgi?id=2590 :

It is fixed per:

> Fixed per
>
> 2016-11-11 Even Rouault <even.rouault at spatialys.com>
>
> * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that
> values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII
> access are null terminated, to avoid potential read outside buffer
> in _TIFFPrintField().
> Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590

I was not able to easily follow the reproducer on my test setup, though from looking at the source it looks present as per 4.0.6-3 Debian source package.

Regards,
Salvatore
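
The changelog entry quoted in the report comes down to guaranteeing a terminator on counted ASCII tag values before anything treats them as C strings. A small C illustration of that pattern, added here as an example and not libtiff's code; the function names and the sample bytes are hypothetical:

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Length of a counted ASCII value without reading past data[count - 1]. */
static size_t counted_ascii_len(const uint8_t *data, uint32_t count)
{
    const uint8_t *nul = count ? memchr(data, '\0', count) : NULL;
    return nul ? (size_t)(nul - data) : (size_t)count;
}

/*
 * Return a heap copy of a counted ASCII value that is always NUL-terminated,
 * so a later strlen() or "%s" cannot run past the allocation.
 * Returns NULL on allocation failure; the caller frees the result.
 */
static char *counted_ascii_to_cstring(const uint8_t *data, uint32_t count)
{
    size_t len = counted_ascii_len(data, count);
    char *out = malloc(len + 1);   /* always room for the terminator */
    if (out == NULL)
        return NULL;
    if (len > 0)
        memcpy(out, data, len);
    out[len] = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample: a 4-byte tag value as read from a file,
     * with no trailing NUL inside the counted bytes. */
    const uint8_t raw[4] = { 'A', 'B', 'C', 'D' };
    char *s = counted_ascii_to_cstring(raw, 4);
    if (s == NULL)
        return 1;
    printf("%s (%zu bytes)\n", s, strlen(s));
    free(s);
    return 0;
}
```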

