oss-sec mailing list archives
CVE Request: libtiff: heap buffer overflow/read outside of array
From: "Brian 'geeknik' Carpenter" <brian.carpenter () gmail com>
Date: Wed, 9 Nov 2016 17:32:09 -0600
Hi, could you assign a CVE to the following issue in libtiff? http://bugzilla.maptools.org/show_bug.cgi?id=2587 Fixed per
2016-11-10 Even Rouault <even.rouault at spatialys.com> * libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips value when it is non-zero, instead of recomputing it. This is needed in TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outside of array in tiffsplit (or other utilities using TIFFNumberOfStrips()). /cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog new revision: 1.1151; previous revision: 1.1150 /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v <--
libtiff/tif_strip.c
new revision: 1.37; previous revision: 1.36
Regards, Brian 'geeknik' Carpenter https://twitter.com/geeknik
Current thread:
- CVE Request: libtiff: heap buffer overflow/read outside of array Brian 'geeknik' Carpenter (Nov 09)
- Re: CVE Request: libtiff: heap buffer overflow/read outside of array Ian Zimmerman (Nov 09)
- Re: Re: CVE Request: libtiff: heap buffer overflow/read outside of array Bob Friesenhahn (Nov 09)
- Re: CVE Request: libtiff: heap buffer overflow/read outside of array cve-assign (Nov 11)
- Re: CVE Request: libtiff: heap buffer overflow/read outside of array Ian Zimmerman (Nov 09)