oss-sec mailing list archives
CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips
From: Henri Salo <henri () nerv fi>
Date: Fri, 11 Nov 2016 22:57:56 +0200
Please assign CVE identifier for LibTIFF tiffcrop heap buffer overflow via writeBufferToSeparateStrips, thanks. Reported in: http://bugzilla.maptools.org/show_bug.cgi?id=2592 Fixed per: 2016-11-11 Even Rouault <even.rouault at spatialys.com> * tools/tiffcrop.c: fix multiple uint32 overflows in writeBufferToSeparateStrips(), writeBufferToContigTiles() and writeBufferToSeparateTiles() that could cause heap buffer overflows. Reported by Henri Salo from Nixu Corporation. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2592 /cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog new revision: 1.1152; previous revision: 1.1151 /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c new revision: 1.43; previous revision: 1.42 -- Henri Salo
Current thread:
- CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips Henri Salo (Nov 11)
- Re: CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips Salvatore Bonaccorso (Nov 20)
- Re: CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips cve-assign (Nov 21)