Tags: patch security upstream
the following vulnerability was published for tiff.
| In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the
| TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage
| this vulnerability to cause a denial of service via a crafted tif file.
| This occurs because the declared number of directory entries is not
| validated against the actual number of directory entries.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
Please adjust the affected versions in the BTS as needed.
Secure-testing-team mailing list