libTIFF: Multiple vulnerabilities
Multiple vulnerabilities have been found in libTIFF, the worst of
which may allow execution of arbitrary code.
tiff
2017-01-09
2017-01-09
484542
534108
538318
561880
572876
585274
585508
599746
remote
4.0.7
4.0.7
The TIFF library contains encoding and decoding routines for the Tag
Image File Format. It is called by numerous programs, including GNOME and
KDE applications, to interpret TIFF images.
Multiple vulnerabilities have been discovered in libTIFF. Please review
the CVE identifier and bug reports referenced for details.
A remote attacker could entice a user to process a specially crafted
image file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
All libTIFF users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/tiff-4.0.7"
CVE-2013-4243
CVE-2014-8127
CVE-2014-8128
CVE-2014-8129
CVE-2014-8130
CVE-2014-9330
CVE-2014-9655
CVE-2015-1547
CVE-2015-7313
CVE-2015-7554
CVE-2015-8665
CVE-2015-8668
CVE-2015-8683
CVE-2015-8781
CVE-2015-8782
CVE-2015-8783
CVE-2015-8784
CVE-2016-3186
CVE-2016-3619
CVE-2016-3620
CVE-2016-3621
CVE-2016-3622
CVE-2016-3623
CVE-2016-3624
CVE-2016-3625
CVE-2016-3631
CVE-2016-3632
CVE-2016-3633
CVE-2016-3634
CVE-2016-3658
CVE-2016-3945
CVE-2016-3990
CVE-2016-3991
CVE-2016-5102
CVE-2016-5314
CVE-2016-5315
CVE-2016-5316
CVE-2016-5317
CVE-2016-5318
CVE-2016-5319
CVE-2016-5320
CVE-2016-5321
CVE-2016-5322
CVE-2016-5323
CVE-2016-5652
CVE-2016-5875
CVE-2016-6223
CVE-2016-8331
CVE-2016-9273
CVE-2016-9297
CVE-2016-9448
CVE-2016-9453
CVE-2016-9532
b-man
b-man