oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2016-9297 LibTIFF regression

From: Henri Salo <henri () nerv fi>
Date: Fri, 18 Nov 2016 17:05:24 +0200
CVE-2016-9297 vulnerability reported in http://bugzilla.maptools.org/show_bug.cgi?id=2590 had a
regression, which is fixed in http://bugzilla.maptools.org/show_bug.cgi?id=2593
by Even Rouault.

Fixed per

2016-11-16 Even Rouault <even.rouault at spatialys.com>

        * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), do not dereference
        NULL pointer when values of tags with TIFF_SETGET_C16_ASCII /
TIFF_SETGET_C32_ASCII
        access are 0-byte arrays.
        Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2593 (regression
introduced
        by previous fix done on 2016-11-11 for CVE-2016-9297).
        Reported by Henri Salo.

/cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
new revision: 1.1163; previous revision: 1.1162
/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v  <-- 
libtiff/tif_dirread.c
new revision: 1.204; previous revision: 1.203

-- 
Henri Salo
Previous By Date Next
Previous By Thread Next

Current thread: