--------------------------------------------------------------------------------


Fedora Update Notification

FEDORA-2017-021bebae25

2017-04-14 17:18:15.814481

--------------------------------------------------------------------------------




Name        : libtiff

Product     : Fedora 25

Version     : 4.0.7

Release     : 5.fc25

URL         : http://www.simplesystems.org/libtiff/

Summary     : Library of functions for manipulating TIFF format image files

Description :

The libtiff package contains a library of functions for manipulating

TIFF (Tagged Image File Format) image format files.  TIFF is a widely

used file format for bitmapped images.  TIFF files usually end in the

.tif extension and they are often quite large.



The libtiff package should be installed if you need to manipulate TIFF

format image files.



--------------------------------------------------------------------------------


Update Information:



Security fix for:  * **CVE-2017-7592** * **CVE-2017-7593** * **CVE-2017-7594**
 *

**CVE-2017-7595** * **CVE-2017-7596** * **CVE-2017-7597** * **CVE-2017-7598**
 *

**CVE-2017-7599** * **CVE-2017-7600** * **CVE-2017-7601** * **CVE-2017-7602**

--------------------------------------------------------------------------------


References:



  [ 1 ] Bug #1441263 - CVE-2017-7602 libtiff: Signed integer overflow in
 tif_read.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441263

  [ 2 ] Bug #1441261 - CVE-2017-7601 libtiff: Signed integer overflow in
 tif_jpeg.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441261

  [ 3 ] Bug #1441260 - CVE-2017-7600 libtiff: Unsigned char out of range in
 tif_dirwrite.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441260

  [ 4 ] Bug #1441259 - CVE-2017-7599 libtiff: Unsigned short out of range in
 tif_dirwrite.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441259

  [ 5 ] Bug #1441254 - CVE-2017-7598 libtiff: Divide-by-zero in tif_dirread.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441254

  [ 6 ] Bug #1441252 - CVE-2017-7597 libtiff: Float out of range issue in
 tif_dirread.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441252

  [ 7 ] Bug #1441250 - CVE-2017-7596 libtiff: Float out of range issue in
 tif_dir.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441250

  [ 8 ] Bug #1441248 - CVE-2017-7595 libtiff: Divide-by-zero in JPEGSetupEncode
 (tiff_jpeg.c)

        https://bugzilla.redhat.com/show_bug.cgi?id=1441248

  [ 9 ] Bug #1441247 - CVE-2017-7594 libtiff: Memory leak in
 OJPEGReadHeaderInfoSecTablesDcTable function

        https://bugzilla.redhat.com/show_bug.cgi?id=1441247

  [ 10 ] Bug #1441246 - CVE-2017-7593 libtiff: tif_rawdata not properly
 initialized in tif_read.c

        https://bugzilla.redhat.com/show_bug.cgi?id=1441246

  [ 11 ] Bug #1441240 - CVE-2017-7592 libtiff: Left shift of unsigned char
 without a cast

        https://bugzilla.redhat.com/show_bug.cgi?id=1441240

--------------------------------------------------------------------------------




This update can be installed with the "dnf" update program. Use

su -c 'dnf upgrade libtiff' at the command line.

For more information, refer to the dnf documentation available at

http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label



All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org