Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 21 Nov 2016 06:43:48 +0100
From: Salvatore Bonaccorso <>
Subject: Re: CVE request: LibTIFF tiffcrop: Heap buffer
 overflow via writeBufferToSeparateStrips


On Fri, Nov 11, 2016 at 10:57:56PM +0200, Henri Salo wrote:
> Please assign CVE identifier for LibTIFF tiffcrop heap buffer overflow via
> writeBufferToSeparateStrips, thanks.
> Reported in:
> Fixed per:
> 2016-11-11 Even Rouault <even.rouault at>
>         * tools/tiffcrop.c: fix multiple uint32 overflows in
>         writeBufferToSeparateStrips(), writeBufferToContigTiles() and
>         writeBufferToSeparateTiles() that could cause heap buffer overflows.
>         Reported by Henri Salo from Nixu Corporation.
>         Fixes
> /cvs/maptools/cvsroot/libtiff/ChangeLog,v  <--  ChangeLog
> new revision: 1.1152; previous revision: 1.1151
> /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v  <--  tools/tiffcrop.c
> new revision: 1.43; previous revision: 1.42

FTR, this was included in the 4.0.7 release of LibTIFF.

Although it is only in the tools part, this might still need a CVE if
appropriate to identify the issue.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.