oss-sec mailing list archives
CVE-2016-9297 LibTIFF regression
From: Henri Salo <henri () nerv fi>
Date: Fri, 18 Nov 2016 17:05:24 +0200
CVE-2016-9297 vulnerability reported in http://bugzilla.maptools.org/show_bug.cgi?id=2590 had a regression, which is fixed in http://bugzilla.maptools.org/show_bug.cgi?id=2593 by Even Rouault. Fixed per 2016-11-16 Even Rouault <even.rouault at spatialys.com> * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), do not dereference NULL pointer when values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are 0-byte arrays. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2593 (regression introduced by previous fix done on 2016-11-11 for CVE-2016-9297). Reported by Henri Salo. /cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog new revision: 1.1163; previous revision: 1.1162 /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- libtiff/tif_dirread.c new revision: 1.204; previous revision: 1.203 -- Henri Salo
Current thread:
- CVE-2016-9297 LibTIFF regression Henri Salo (Nov 18)
- Re: CVE-2016-9297 LibTIFF regression cve-assign (Nov 18)