Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Nov 2016 22:13:40 -0600
From: "Brian 'geeknik' Carpenter" <>
Subject: CVE Request: libtiff: read outside buffer in _TIFFPrintField()

Hi, could you assign a CVE to the following issue in libtiff?

Fixed per
>> 2016-11-11 Even Rouault <even.rouault at>
>> * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that
>> values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII
>> access are null terminated, to avoid potential read outside buffer
>> in _TIFFPrintField().
>> /cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog
>> new revision: 1.1154; previous revision: 1.1153
>> /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <--
>> libtiff/tif_dirread.c
>> new revision: 1.203; previous revision: 1.202


Brian 'geeknik' Carpenter

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ