Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-2327 (GCVE-0-2008-2327)
Vulnerability from cvelistv5
Published
2008-08-27 20:00
Modified
2024-08-07 08:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:58:01.844Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "265030",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"name": "31670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31670"
},
{
"name": "MDVSA-2008:184",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"name": "APPLE-SA-2008-11-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"name": "20080905 rPSA-2008-0268-1 libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
},
{
"name": "31838",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31838"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"name": "APPLE-SA-2008-09-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31698"
},
{
"name": "FEDORA-2008-7388",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
},
{
"name": "ADV-2008-2971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "TA08-260A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"name": "ADV-2008-2776",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "RHSA-2008:0863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"name": "APPLE-SA-2008-11-20",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"name": "31623",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31623"
},
{
"name": "ADV-2008-2584",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"name": "1020750",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020750"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-3107",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"name": "31610",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31610"
},
{
"name": "30832",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30832"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"name": "oval:org.mitre.oval:def:11489",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "ADV-2008-3232",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"name": "31882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31882"
},
{
"name": "RHSA-2008:0848",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"name": "31668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31668"
},
{
"name": "ADV-2009-2143",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2143"
},
{
"name": "32706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32706"
},
{
"name": "oval:org.mitre.oval:def:5514",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"name": "DSA-1632",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3318"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3298"
},
{
"name": "USN-639-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"name": "RHSA-2008:0847",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3276"
},
{
"name": "ADV-2008-2438",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"name": "32756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32756"
},
{
"name": "GLSA-200809-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"name": "FEDORA-2008-7370",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "265030",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"name": "31670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31670"
},
{
"name": "MDVSA-2008:184",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"name": "APPLE-SA-2008-11-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"name": "20080905 rPSA-2008-0268-1 libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
},
{
"name": "31838",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31838"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"name": "APPLE-SA-2008-09-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31698"
},
{
"name": "FEDORA-2008-7388",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
},
{
"name": "ADV-2008-2971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "TA08-260A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"name": "ADV-2008-2776",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "RHSA-2008:0863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"name": "APPLE-SA-2008-11-20",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"name": "31623",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31623"
},
{
"name": "ADV-2008-2584",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"name": "1020750",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020750"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-3107",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"name": "31610",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31610"
},
{
"name": "30832",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30832"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"name": "oval:org.mitre.oval:def:11489",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "ADV-2008-3232",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"name": "31882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31882"
},
{
"name": "RHSA-2008:0848",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"name": "31668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31668"
},
{
"name": "ADV-2009-2143",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2143"
},
{
"name": "32706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32706"
},
{
"name": "oval:org.mitre.oval:def:5514",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"name": "DSA-1632",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3318"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3298"
},
{
"name": "USN-639-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"name": "RHSA-2008:0847",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3276"
},
{
"name": "ADV-2008-2438",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"name": "32756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32756"
},
{
"name": "GLSA-200809-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"name": "FEDORA-2008-7370",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "265030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"name": "31670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31670"
},
{
"name": "MDVSA-2008:184",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"name": "APPLE-SA-2008-11-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"name": "20080905 rPSA-2008-0268-1 libtiff",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
},
{
"name": "31838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31838"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=234080",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"name": "APPLE-SA-2008-09-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "31982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31698"
},
{
"name": "FEDORA-2008-7388",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
},
{
"name": "ADV-2008-2971",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "TA08-260A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"name": "ADV-2008-2776",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html",
"refsource": "MISC",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "RHSA-2008:0863",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"name": "APPLE-SA-2008-11-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"name": "31623",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31623"
},
{
"name": "ADV-2008-2584",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"name": "http://security-tracker.debian.net/tracker/CVE-2008-2327",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"name": "1020750",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020750"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-3107",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"name": "31610",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31610"
},
{
"name": "30832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30832"
},
{
"name": "http://security-tracker.debian.net/tracker/DTSA-160-1",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"name": "oval:org.mitre.oval:def:11489",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"name": "SUSE-SR:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "ADV-2008-3232",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"name": "31882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31882"
},
{
"name": "RHSA-2008:0848",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"name": "31668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31668"
},
{
"name": "ADV-2009-2143",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2143"
},
{
"name": "32706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32706"
},
{
"name": "oval:org.mitre.oval:def:5514",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"name": "DSA-1632",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"name": "http://support.apple.com/kb/HT3318",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3318"
},
{
"name": "http://security-tracker.debian.net/tracker/DSA-1632-1",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"name": "http://support.apple.com/kb/HT3298",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3298"
},
{
"name": "USN-639-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"name": "RHSA-2008:0847",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"name": "http://support.apple.com/kb/HT3276",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3276"
},
{
"name": "ADV-2008-2438",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=458674",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"name": "32756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32756"
},
{
"name": "GLSA-200809-07",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"name": "FEDORA-2008-7370",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2327",
"datePublished": "2008-08-27T20:00:00",
"dateReserved": "2008-05-18T00:00:00",
"dateUpdated": "2024-08-07T08:58:01.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2008-2327\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-08-27T20:41:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer en las funciones (1) LZWDecode, (2) LZWDecodeCompat y (3) LZWDecodeVector en el archivo tif_lzw.c en el decodificador LZW en LibTIFF versi\u00f3n 3.8.2 y anteriores, permite a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de un archivo TIFF dise\u00f1ado, relacionado con el manejo inapropiado del c\u00f3digo CODE_CLEAR.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.2\",\"matchCriteriaId\":\"36B8B853-0FF0-4E2F-983D-683A0951CEF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"261FAE51-5207-4136-9FFE-2330A281266C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B32C83B9-F7DA-450A-A687-9A73734CD712\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9485283A-B73E-4567-914A-42A86F5FFCB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95892168-0FB6-4E3F-9303-2F9B3CF60D2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5021564-5E0A-4DDC-BC68-200B6050043E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11C50750-FE1D-42BA-9125-7D8E872AA2DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19AA66E5-FDDD-4243-B945-DFEBDD25F258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62F359CD-5DC4-4919-B8E1-95BDDBD27EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2C8C550-3313-4266-B4B3-E9E9047CFE04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABEEBA7B-81D5-4148-912B-9AD448BBE741\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"448555FE-8E91-4EA7-BA05-6915F5508319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44BC5E2C-B6A6-4999-A1EA-B91DA5C350C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2850FD9-8BE8-410E-8A24-28549DAACEB3\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=234080\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31610\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31623\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31668\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31670\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31698\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31838\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31882\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31982\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/32706\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/32756\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security-tracker.debian.net/tracker/CVE-2008-2327\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security-tracker.debian.net/tracker/DSA-1632-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security-tracker.debian.net/tracker/DTSA-160-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200809-07.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3276\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3298\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3318\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1632\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:184\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0847.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0848.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0863.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/496033/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/497962/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/30832\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1020750\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-639-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0017.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2438\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2776\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2971\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/3107\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/3232\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/2143\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=458674\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=234080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31610\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31623\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31668\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31670\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31698\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31838\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31882\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/31982\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32706\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/32756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security-tracker.debian.net/tracker/CVE-2008-2327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security-tracker.debian.net/tracker/DSA-1632-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security-tracker.debian.net/tracker/DTSA-160-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200809-07.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3276\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3298\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3318\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:184\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0847.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0848.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0863.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/496033/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/497962/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/30832\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1020750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-639-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-260A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2008-0017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2776\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/2971\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/3107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/3232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/2143\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=458674\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
RHSA-2008:0847
Vulnerability from csaf_redhat
Published
2008-08-28 22:12
Modified
2025-10-09 13:08
Summary
Red Hat Security Advisory: libtiff security and bug fix update
Notes
Topic
Updated libtiff packages that fix a security issue and a bug are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
Additionally, these updated packages fix the following bug:
* the libtiff packages included manual pages for the sgi2tiff and tiffsv
commands, which are not included in these packages. These extraneous manual
pages were removed.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix a security issue and a bug are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nAdditionally, these updated packages fix the following bug:\n\n* the libtiff packages included manual pages for the sgi2tiff and tiffsv\ncommands, which are not included in these packages. These extraneous manual\npages were removed.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0847",
"url": "https://access.redhat.com/errata/RHSA-2008:0847"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "460120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460120"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0847.json"
}
],
"title": "Red Hat Security Advisory: libtiff security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T13:08:37+00:00",
"generator": {
"date": "2025-10-09T13:08:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2008:0847",
"initial_release_date": "2008-08-28T22:12:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:12:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:12:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:08:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.src",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-0:3.8.2-7.el5_2.2.src",
"5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:12:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-0:3.8.2-7.el5_2.2.src",
"5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0847"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
rhsa-2008:0848
Vulnerability from csaf_redhat
Published
2008-08-28 22:23
Modified
2025-10-09 12:49
Summary
Red Hat Security Advisory: libtiff security and bug fix update
Notes
Topic
Updated libtiff packages that fix various security issues and a bug are now
available for Red Hat Enterprise Linux 4.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
A buffer overflow flaw was discovered in the tiff2pdf conversion program
distributed with libtiff. An attacker could create a TIFF file containing
UTF-8 characters that would, when converted to PDF format, cause tiff2pdf
to crash, or, possibly, execute arbitrary code. (CVE-2006-2193)
Additionally, these updated packages fix the following bug:
* the libtiff packages included manual pages for the sgi2tiff and tiffsv
commands, which are not included in these packages. These extraneous manual
pages were removed.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix various security issues and a bug are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nA buffer overflow flaw was discovered in the tiff2pdf conversion program\ndistributed with libtiff. An attacker could create a TIFF file containing\nUTF-8 characters that would, when converted to PDF format, cause tiff2pdf\nto crash, or, possibly, execute arbitrary code. (CVE-2006-2193)\n\nAdditionally, these updated packages fix the following bug:\n\n* the libtiff packages included manual pages for the sgi2tiff and tiffsv\ncommands, which are not included in these packages. These extraneous manual\npages were removed.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0848",
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "194362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=194362"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "459404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459404"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0848.json"
}
],
"title": "Red Hat Security Advisory: libtiff security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T12:49:54+00:00",
"generator": {
"date": "2025-10-09T12:49:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2008:0848",
"initial_release_date": "2008-08-28T22:23:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:23:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:23:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T12:49:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.src",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-2193",
"discovery_date": "2006-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "194362"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tiff2pdf buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect Red Hat Enterprise Linux 2.1 and 3\n\nRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-2193"
},
{
"category": "external",
"summary": "RHBZ#194362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=194362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2193"
}
],
"release_date": "2006-06-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:23:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tiff2pdf buffer overflow"
},
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:23:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
RHSA-2008:0863
Vulnerability from csaf_redhat
Published
2008-08-28 22:31
Modified
2025-10-09 13:08
Summary
Red Hat Security Advisory: libtiff security update
Notes
Topic
Updated libtiff packages that fix a security issue are now available for
Red Hat Enterprise Linux 2.1 and 3.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0863",
"url": "https://access.redhat.com/errata/RHSA-2008:0863"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0863.json"
}
],
"title": "Red Hat Security Advisory: libtiff security update",
"tracking": {
"current_release_date": "2025-10-09T13:08:38+00:00",
"generator": {
"date": "2025-10-09T13:08:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2008:0863",
"initial_release_date": "2008-08-28T22:31:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:31:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:32:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:08:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Linux Advanced Workstation 2.1",
"product": {
"name": "Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 2.1",
"product": {
"name": "Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 2.1",
"product": {
"name": "Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.ia64",
"product": {
"name": "libtiff-0:3.5.7-31.el2.ia64",
"product_id": "libtiff-0:3.5.7-31.el2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product_id": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.src",
"product": {
"name": "libtiff-0:3.5.7-31.el2.src",
"product_id": "libtiff-0:3.5.7-31.el2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=src"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.src",
"product": {
"name": "libtiff-0:3.5.7-31.el3.src",
"product_id": "libtiff-0:3.5.7-31.el3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.i386",
"product": {
"name": "libtiff-0:3.5.7-31.el2.i386",
"product_id": "libtiff-0:3.5.7-31.el2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el2.i386",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386",
"product_id": "libtiff-devel-0:3.5.7-31.el2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-0:3.5.7-31.el3.i386",
"product_id": "libtiff-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386",
"product_id": "libtiff-devel-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ppc64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ppc64",
"product_id": "libtiff-0:3.5.7-31.el3.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-0:3.5.7-31.el3.s390",
"product_id": "libtiff-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390",
"product_id": "libtiff-devel-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"2.1AS:libtiff-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-0:3.5.7-31.el2.ia64",
"2.1AS:libtiff-0:3.5.7-31.el2.src",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.src",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.src",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.src",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64",
"3AS:libtiff-0:3.5.7-31.el3.i386",
"3AS:libtiff-0:3.5.7-31.el3.ia64",
"3AS:libtiff-0:3.5.7-31.el3.ppc",
"3AS:libtiff-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-0:3.5.7-31.el3.s390",
"3AS:libtiff-0:3.5.7-31.el3.s390x",
"3AS:libtiff-0:3.5.7-31.el3.src",
"3AS:libtiff-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-devel-0:3.5.7-31.el3.i386",
"3AS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3AS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3AS:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-0:3.5.7-31.el3.src",
"3Desktop:libtiff-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-0:3.5.7-31.el3.i386",
"3ES:libtiff-0:3.5.7-31.el3.ia64",
"3ES:libtiff-0:3.5.7-31.el3.ppc",
"3ES:libtiff-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-0:3.5.7-31.el3.s390",
"3ES:libtiff-0:3.5.7-31.el3.s390x",
"3ES:libtiff-0:3.5.7-31.el3.src",
"3ES:libtiff-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-devel-0:3.5.7-31.el3.i386",
"3ES:libtiff-devel-0:3.5.7-31.el3.ia64",
"3ES:libtiff-devel-0:3.5.7-31.el3.ppc",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390x",
"3ES:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-0:3.5.7-31.el3.i386",
"3WS:libtiff-0:3.5.7-31.el3.ia64",
"3WS:libtiff-0:3.5.7-31.el3.ppc",
"3WS:libtiff-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-0:3.5.7-31.el3.s390",
"3WS:libtiff-0:3.5.7-31.el3.s390x",
"3WS:libtiff-0:3.5.7-31.el3.src",
"3WS:libtiff-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-devel-0:3.5.7-31.el3.i386",
"3WS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3WS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:31:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"2.1AS:libtiff-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-0:3.5.7-31.el2.ia64",
"2.1AS:libtiff-0:3.5.7-31.el2.src",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.src",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.src",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.src",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64",
"3AS:libtiff-0:3.5.7-31.el3.i386",
"3AS:libtiff-0:3.5.7-31.el3.ia64",
"3AS:libtiff-0:3.5.7-31.el3.ppc",
"3AS:libtiff-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-0:3.5.7-31.el3.s390",
"3AS:libtiff-0:3.5.7-31.el3.s390x",
"3AS:libtiff-0:3.5.7-31.el3.src",
"3AS:libtiff-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-devel-0:3.5.7-31.el3.i386",
"3AS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3AS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3AS:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-0:3.5.7-31.el3.src",
"3Desktop:libtiff-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-0:3.5.7-31.el3.i386",
"3ES:libtiff-0:3.5.7-31.el3.ia64",
"3ES:libtiff-0:3.5.7-31.el3.ppc",
"3ES:libtiff-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-0:3.5.7-31.el3.s390",
"3ES:libtiff-0:3.5.7-31.el3.s390x",
"3ES:libtiff-0:3.5.7-31.el3.src",
"3ES:libtiff-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-devel-0:3.5.7-31.el3.i386",
"3ES:libtiff-devel-0:3.5.7-31.el3.ia64",
"3ES:libtiff-devel-0:3.5.7-31.el3.ppc",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390x",
"3ES:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-0:3.5.7-31.el3.i386",
"3WS:libtiff-0:3.5.7-31.el3.ia64",
"3WS:libtiff-0:3.5.7-31.el3.ppc",
"3WS:libtiff-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-0:3.5.7-31.el3.s390",
"3WS:libtiff-0:3.5.7-31.el3.s390x",
"3WS:libtiff-0:3.5.7-31.el3.src",
"3WS:libtiff-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-devel-0:3.5.7-31.el3.i386",
"3WS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3WS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0863"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
rhsa-2008:0863
Vulnerability from csaf_redhat
Published
2008-08-28 22:31
Modified
2025-10-09 13:08
Summary
Red Hat Security Advisory: libtiff security update
Notes
Topic
Updated libtiff packages that fix a security issue are now available for
Red Hat Enterprise Linux 2.1 and 3.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0863",
"url": "https://access.redhat.com/errata/RHSA-2008:0863"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0863.json"
}
],
"title": "Red Hat Security Advisory: libtiff security update",
"tracking": {
"current_release_date": "2025-10-09T13:08:38+00:00",
"generator": {
"date": "2025-10-09T13:08:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2008:0863",
"initial_release_date": "2008-08-28T22:31:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:31:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:32:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:08:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Linux Advanced Workstation 2.1",
"product": {
"name": "Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 2.1",
"product": {
"name": "Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 2.1",
"product": {
"name": "Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.ia64",
"product": {
"name": "libtiff-0:3.5.7-31.el2.ia64",
"product_id": "libtiff-0:3.5.7-31.el2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product_id": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.src",
"product": {
"name": "libtiff-0:3.5.7-31.el2.src",
"product_id": "libtiff-0:3.5.7-31.el2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=src"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.src",
"product": {
"name": "libtiff-0:3.5.7-31.el3.src",
"product_id": "libtiff-0:3.5.7-31.el3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.i386",
"product": {
"name": "libtiff-0:3.5.7-31.el2.i386",
"product_id": "libtiff-0:3.5.7-31.el2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el2.i386",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386",
"product_id": "libtiff-devel-0:3.5.7-31.el2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-0:3.5.7-31.el3.i386",
"product_id": "libtiff-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386",
"product_id": "libtiff-devel-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ppc64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ppc64",
"product_id": "libtiff-0:3.5.7-31.el3.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-0:3.5.7-31.el3.s390",
"product_id": "libtiff-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390",
"product_id": "libtiff-devel-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"2.1AS:libtiff-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-0:3.5.7-31.el2.ia64",
"2.1AS:libtiff-0:3.5.7-31.el2.src",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.src",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.src",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.src",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64",
"3AS:libtiff-0:3.5.7-31.el3.i386",
"3AS:libtiff-0:3.5.7-31.el3.ia64",
"3AS:libtiff-0:3.5.7-31.el3.ppc",
"3AS:libtiff-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-0:3.5.7-31.el3.s390",
"3AS:libtiff-0:3.5.7-31.el3.s390x",
"3AS:libtiff-0:3.5.7-31.el3.src",
"3AS:libtiff-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-devel-0:3.5.7-31.el3.i386",
"3AS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3AS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3AS:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-0:3.5.7-31.el3.src",
"3Desktop:libtiff-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-0:3.5.7-31.el3.i386",
"3ES:libtiff-0:3.5.7-31.el3.ia64",
"3ES:libtiff-0:3.5.7-31.el3.ppc",
"3ES:libtiff-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-0:3.5.7-31.el3.s390",
"3ES:libtiff-0:3.5.7-31.el3.s390x",
"3ES:libtiff-0:3.5.7-31.el3.src",
"3ES:libtiff-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-devel-0:3.5.7-31.el3.i386",
"3ES:libtiff-devel-0:3.5.7-31.el3.ia64",
"3ES:libtiff-devel-0:3.5.7-31.el3.ppc",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390x",
"3ES:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-0:3.5.7-31.el3.i386",
"3WS:libtiff-0:3.5.7-31.el3.ia64",
"3WS:libtiff-0:3.5.7-31.el3.ppc",
"3WS:libtiff-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-0:3.5.7-31.el3.s390",
"3WS:libtiff-0:3.5.7-31.el3.s390x",
"3WS:libtiff-0:3.5.7-31.el3.src",
"3WS:libtiff-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-devel-0:3.5.7-31.el3.i386",
"3WS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3WS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:31:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"2.1AS:libtiff-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-0:3.5.7-31.el2.ia64",
"2.1AS:libtiff-0:3.5.7-31.el2.src",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.src",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.src",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.src",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64",
"3AS:libtiff-0:3.5.7-31.el3.i386",
"3AS:libtiff-0:3.5.7-31.el3.ia64",
"3AS:libtiff-0:3.5.7-31.el3.ppc",
"3AS:libtiff-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-0:3.5.7-31.el3.s390",
"3AS:libtiff-0:3.5.7-31.el3.s390x",
"3AS:libtiff-0:3.5.7-31.el3.src",
"3AS:libtiff-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-devel-0:3.5.7-31.el3.i386",
"3AS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3AS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3AS:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-0:3.5.7-31.el3.src",
"3Desktop:libtiff-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-0:3.5.7-31.el3.i386",
"3ES:libtiff-0:3.5.7-31.el3.ia64",
"3ES:libtiff-0:3.5.7-31.el3.ppc",
"3ES:libtiff-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-0:3.5.7-31.el3.s390",
"3ES:libtiff-0:3.5.7-31.el3.s390x",
"3ES:libtiff-0:3.5.7-31.el3.src",
"3ES:libtiff-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-devel-0:3.5.7-31.el3.i386",
"3ES:libtiff-devel-0:3.5.7-31.el3.ia64",
"3ES:libtiff-devel-0:3.5.7-31.el3.ppc",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390x",
"3ES:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-0:3.5.7-31.el3.i386",
"3WS:libtiff-0:3.5.7-31.el3.ia64",
"3WS:libtiff-0:3.5.7-31.el3.ppc",
"3WS:libtiff-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-0:3.5.7-31.el3.s390",
"3WS:libtiff-0:3.5.7-31.el3.s390x",
"3WS:libtiff-0:3.5.7-31.el3.src",
"3WS:libtiff-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-devel-0:3.5.7-31.el3.i386",
"3WS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3WS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0863"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
rhsa-2008:0847
Vulnerability from csaf_redhat
Published
2008-08-28 22:12
Modified
2025-10-09 13:08
Summary
Red Hat Security Advisory: libtiff security and bug fix update
Notes
Topic
Updated libtiff packages that fix a security issue and a bug are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
Additionally, these updated packages fix the following bug:
* the libtiff packages included manual pages for the sgi2tiff and tiffsv
commands, which are not included in these packages. These extraneous manual
pages were removed.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix a security issue and a bug are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nAdditionally, these updated packages fix the following bug:\n\n* the libtiff packages included manual pages for the sgi2tiff and tiffsv\ncommands, which are not included in these packages. These extraneous manual\npages were removed.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0847",
"url": "https://access.redhat.com/errata/RHSA-2008:0847"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "460120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460120"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0847.json"
}
],
"title": "Red Hat Security Advisory: libtiff security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T13:08:37+00:00",
"generator": {
"date": "2025-10-09T13:08:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2008:0847",
"initial_release_date": "2008-08-28T22:12:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:12:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:12:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:08:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.src",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-0:3.8.2-7.el5_2.2.src",
"5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:12:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-0:3.8.2-7.el5_2.2.src",
"5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0847"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
RHSA-2008:0848
Vulnerability from csaf_redhat
Published
2008-08-28 22:23
Modified
2025-10-09 12:49
Summary
Red Hat Security Advisory: libtiff security and bug fix update
Notes
Topic
Updated libtiff packages that fix various security issues and a bug are now
available for Red Hat Enterprise Linux 4.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
A buffer overflow flaw was discovered in the tiff2pdf conversion program
distributed with libtiff. An attacker could create a TIFF file containing
UTF-8 characters that would, when converted to PDF format, cause tiff2pdf
to crash, or, possibly, execute arbitrary code. (CVE-2006-2193)
Additionally, these updated packages fix the following bug:
* the libtiff packages included manual pages for the sgi2tiff and tiffsv
commands, which are not included in these packages. These extraneous manual
pages were removed.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix various security issues and a bug are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nA buffer overflow flaw was discovered in the tiff2pdf conversion program\ndistributed with libtiff. An attacker could create a TIFF file containing\nUTF-8 characters that would, when converted to PDF format, cause tiff2pdf\nto crash, or, possibly, execute arbitrary code. (CVE-2006-2193)\n\nAdditionally, these updated packages fix the following bug:\n\n* the libtiff packages included manual pages for the sgi2tiff and tiffsv\ncommands, which are not included in these packages. These extraneous manual\npages were removed.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0848",
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "194362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=194362"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "459404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459404"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0848.json"
}
],
"title": "Red Hat Security Advisory: libtiff security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T12:49:54+00:00",
"generator": {
"date": "2025-10-09T12:49:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2008:0848",
"initial_release_date": "2008-08-28T22:23:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:23:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:23:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T12:49:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.src",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-2193",
"discovery_date": "2006-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "194362"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tiff2pdf buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect Red Hat Enterprise Linux 2.1 and 3\n\nRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-2193"
},
{
"category": "external",
"summary": "RHBZ#194362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=194362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2193"
}
],
"release_date": "2006-06-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:23:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tiff2pdf buffer overflow"
},
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:23:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
rhsa-2008_0848
Vulnerability from csaf_redhat
Published
2008-08-28 22:23
Modified
2024-11-22 02:12
Summary
Red Hat Security Advisory: libtiff security and bug fix update
Notes
Topic
Updated libtiff packages that fix various security issues and a bug are now
available for Red Hat Enterprise Linux 4.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
A buffer overflow flaw was discovered in the tiff2pdf conversion program
distributed with libtiff. An attacker could create a TIFF file containing
UTF-8 characters that would, when converted to PDF format, cause tiff2pdf
to crash, or, possibly, execute arbitrary code. (CVE-2006-2193)
Additionally, these updated packages fix the following bug:
* the libtiff packages included manual pages for the sgi2tiff and tiffsv
commands, which are not included in these packages. These extraneous manual
pages were removed.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix various security issues and a bug are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nA buffer overflow flaw was discovered in the tiff2pdf conversion program\ndistributed with libtiff. An attacker could create a TIFF file containing\nUTF-8 characters that would, when converted to PDF format, cause tiff2pdf\nto crash, or, possibly, execute arbitrary code. (CVE-2006-2193)\n\nAdditionally, these updated packages fix the following bug:\n\n* the libtiff packages included manual pages for the sgi2tiff and tiffsv\ncommands, which are not included in these packages. These extraneous manual\npages were removed.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0848",
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "194362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=194362"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "459404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459404"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0848.json"
}
],
"title": "Red Hat Security Advisory: libtiff security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T02:12:04+00:00",
"generator": {
"date": "2024-11-22T02:12:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2008:0848",
"initial_release_date": "2008-08-28T22:23:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:23:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:23:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T02:12:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.src",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.6.1-12.el4_7.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.6.1-12.el4_7.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product_id": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.6.1-12.el4_7.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.src"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-2193",
"discovery_date": "2006-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "194362"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tiff2pdf buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect Red Hat Enterprise Linux 2.1 and 3\n\nRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-2193"
},
{
"category": "external",
"summary": "RHBZ#194362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=194362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-2193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2193"
}
],
"release_date": "2006-06-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:23:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tiff2pdf buffer overflow"
},
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:23:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"4AS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-0:3.6.1-12.el4_7.2.src",
"4AS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4AS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.src",
"4Desktop:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4Desktop:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-0:3.6.1-12.el4_7.2.src",
"4ES:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4ES:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-0:3.6.1-12.el4_7.2.src",
"4WS:libtiff-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.ppc64",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-debuginfo-0:3.6.1-12.el4_7.2.x86_64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.i386",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ia64",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.ppc",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.s390x",
"4WS:libtiff-devel-0:3.6.1-12.el4_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0848"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
rhsa-2008_0863
Vulnerability from csaf_redhat
Published
2008-08-28 22:31
Modified
2024-11-22 02:12
Summary
Red Hat Security Advisory: libtiff security update
Notes
Topic
Updated libtiff packages that fix a security issue are now available for
Red Hat Enterprise Linux 2.1 and 3.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0863",
"url": "https://access.redhat.com/errata/RHSA-2008:0863"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0863.json"
}
],
"title": "Red Hat Security Advisory: libtiff security update",
"tracking": {
"current_release_date": "2024-11-22T02:12:08+00:00",
"generator": {
"date": "2024-11-22T02:12:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2008:0863",
"initial_release_date": "2008-08-28T22:31:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:31:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:32:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T02:12:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Linux Advanced Workstation 2.1",
"product": {
"name": "Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 2.1",
"product": {
"name": "Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 2.1",
"product": {
"name": "Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.ia64",
"product": {
"name": "libtiff-0:3.5.7-31.el2.ia64",
"product_id": "libtiff-0:3.5.7-31.el2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product_id": "libtiff-devel-0:3.5.7-31.el2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product_id": "libtiff-devel-0:3.5.7-31.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.src",
"product": {
"name": "libtiff-0:3.5.7-31.el2.src",
"product_id": "libtiff-0:3.5.7-31.el2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=src"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.src",
"product": {
"name": "libtiff-0:3.5.7-31.el3.src",
"product_id": "libtiff-0:3.5.7-31.el3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el2.i386",
"product": {
"name": "libtiff-0:3.5.7-31.el2.i386",
"product_id": "libtiff-0:3.5.7-31.el2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el2.i386",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386",
"product_id": "libtiff-devel-0:3.5.7-31.el2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-0:3.5.7-31.el3.i386",
"product_id": "libtiff-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.i386",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386",
"product_id": "libtiff-devel-0:3.5.7-31.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product_id": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ppc64",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ppc64",
"product_id": "libtiff-0:3.5.7-31.el3.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product_id": "libtiff-devel-0:3.5.7-31.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product_id": "libtiff-devel-0:3.5.7-31.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-0:3.5.7-31.el3.s390",
"product_id": "libtiff-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.5.7-31.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product_id": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.5.7-31.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-devel-0:3.5.7-31.el3.s390",
"product": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390",
"product_id": "libtiff-devel-0:3.5.7-31.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.5.7-31.el3?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
"product_id": "2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1AW"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
"product_id": "2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el2.src as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-0:3.5.7-31.el2.src"
},
"product_reference": "libtiff-0:3.5.7-31.el2.src",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-devel-0:3.5.7-31.el2.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.i386",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
"product_id": "2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el2.ia64",
"relates_to_product_reference": "2.1WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.src"
},
"product_reference": "libtiff-0:3.5.7-31.el3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.i386"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.ia64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.ppc"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.s390"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.s390x"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.5.7-31.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
},
"product_reference": "libtiff-devel-0:3.5.7-31.el3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"2.1AS:libtiff-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-0:3.5.7-31.el2.ia64",
"2.1AS:libtiff-0:3.5.7-31.el2.src",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.src",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.src",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.src",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64",
"3AS:libtiff-0:3.5.7-31.el3.i386",
"3AS:libtiff-0:3.5.7-31.el3.ia64",
"3AS:libtiff-0:3.5.7-31.el3.ppc",
"3AS:libtiff-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-0:3.5.7-31.el3.s390",
"3AS:libtiff-0:3.5.7-31.el3.s390x",
"3AS:libtiff-0:3.5.7-31.el3.src",
"3AS:libtiff-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-devel-0:3.5.7-31.el3.i386",
"3AS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3AS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3AS:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-0:3.5.7-31.el3.src",
"3Desktop:libtiff-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-0:3.5.7-31.el3.i386",
"3ES:libtiff-0:3.5.7-31.el3.ia64",
"3ES:libtiff-0:3.5.7-31.el3.ppc",
"3ES:libtiff-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-0:3.5.7-31.el3.s390",
"3ES:libtiff-0:3.5.7-31.el3.s390x",
"3ES:libtiff-0:3.5.7-31.el3.src",
"3ES:libtiff-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-devel-0:3.5.7-31.el3.i386",
"3ES:libtiff-devel-0:3.5.7-31.el3.ia64",
"3ES:libtiff-devel-0:3.5.7-31.el3.ppc",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390x",
"3ES:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-0:3.5.7-31.el3.i386",
"3WS:libtiff-0:3.5.7-31.el3.ia64",
"3WS:libtiff-0:3.5.7-31.el3.ppc",
"3WS:libtiff-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-0:3.5.7-31.el3.s390",
"3WS:libtiff-0:3.5.7-31.el3.s390x",
"3WS:libtiff-0:3.5.7-31.el3.src",
"3WS:libtiff-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-devel-0:3.5.7-31.el3.i386",
"3WS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3WS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:31:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"2.1AS:libtiff-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-0:3.5.7-31.el2.ia64",
"2.1AS:libtiff-0:3.5.7-31.el2.src",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AS:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-0:3.5.7-31.el2.ia64",
"2.1AW:libtiff-0:3.5.7-31.el2.src",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1AW:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-0:3.5.7-31.el2.ia64",
"2.1ES:libtiff-0:3.5.7-31.el2.src",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1ES:libtiff-devel-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-0:3.5.7-31.el2.ia64",
"2.1WS:libtiff-0:3.5.7-31.el2.src",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.i386",
"2.1WS:libtiff-devel-0:3.5.7-31.el2.ia64",
"3AS:libtiff-0:3.5.7-31.el3.i386",
"3AS:libtiff-0:3.5.7-31.el3.ia64",
"3AS:libtiff-0:3.5.7-31.el3.ppc",
"3AS:libtiff-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-0:3.5.7-31.el3.s390",
"3AS:libtiff-0:3.5.7-31.el3.s390x",
"3AS:libtiff-0:3.5.7-31.el3.src",
"3AS:libtiff-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3AS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3AS:libtiff-devel-0:3.5.7-31.el3.i386",
"3AS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3AS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390",
"3AS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3AS:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-0:3.5.7-31.el3.src",
"3Desktop:libtiff-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.i386",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ia64",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.ppc",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.s390x",
"3Desktop:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-0:3.5.7-31.el3.i386",
"3ES:libtiff-0:3.5.7-31.el3.ia64",
"3ES:libtiff-0:3.5.7-31.el3.ppc",
"3ES:libtiff-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-0:3.5.7-31.el3.s390",
"3ES:libtiff-0:3.5.7-31.el3.s390x",
"3ES:libtiff-0:3.5.7-31.el3.src",
"3ES:libtiff-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3ES:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3ES:libtiff-devel-0:3.5.7-31.el3.i386",
"3ES:libtiff-devel-0:3.5.7-31.el3.ia64",
"3ES:libtiff-devel-0:3.5.7-31.el3.ppc",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390",
"3ES:libtiff-devel-0:3.5.7-31.el3.s390x",
"3ES:libtiff-devel-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-0:3.5.7-31.el3.i386",
"3WS:libtiff-0:3.5.7-31.el3.ia64",
"3WS:libtiff-0:3.5.7-31.el3.ppc",
"3WS:libtiff-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-0:3.5.7-31.el3.s390",
"3WS:libtiff-0:3.5.7-31.el3.s390x",
"3WS:libtiff-0:3.5.7-31.el3.src",
"3WS:libtiff-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.i386",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ia64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.ppc64",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.s390x",
"3WS:libtiff-debuginfo-0:3.5.7-31.el3.x86_64",
"3WS:libtiff-devel-0:3.5.7-31.el3.i386",
"3WS:libtiff-devel-0:3.5.7-31.el3.ia64",
"3WS:libtiff-devel-0:3.5.7-31.el3.ppc",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390",
"3WS:libtiff-devel-0:3.5.7-31.el3.s390x",
"3WS:libtiff-devel-0:3.5.7-31.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0863"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
rhsa-2008_0847
Vulnerability from csaf_redhat
Published
2008-08-28 22:12
Modified
2024-11-22 02:12
Summary
Red Hat Security Advisory: libtiff security and bug fix update
Notes
Topic
Updated libtiff packages that fix a security issue and a bug are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. (CVE-2008-2327)
Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting this issue.
Additionally, these updated packages fix the following bug:
* the libtiff packages included manual pages for the sgi2tiff and tiffsv
commands, which are not included in these packages. These extraneous manual
pages were removed.
All libtiff users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated libtiff packages that fix a security issue and a bug are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The libtiff packages contain a library of functions for manipulating Tagged\nImage File Format (TIFF) files.\n\nMultiple uses of uninitialized values were discovered in libtiff\u0027s\nLempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could\ncreate a carefully crafted LZW-encoded TIFF file that would cause an\napplication linked with libtiff to crash or, possibly, execute arbitrary\ncode. (CVE-2008-2327)\n\nRed Hat would like to thank Drew Yao of the Apple Product Security team for\nreporting this issue.\n\nAdditionally, these updated packages fix the following bug:\n\n* the libtiff packages included manual pages for the sgi2tiff and tiffsv\ncommands, which are not included in these packages. These extraneous manual\npages were removed.\n\nAll libtiff users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0847",
"url": "https://access.redhat.com/errata/RHSA-2008:0847"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "460120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460120"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0847.json"
}
],
"title": "Red Hat Security Advisory: libtiff security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T02:12:00+00:00",
"generator": {
"date": "2024-11-22T02:12:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2008:0847",
"initial_release_date": "2008-08-28T22:12:00+00:00",
"revision_history": [
{
"date": "2008-08-28T22:12:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-08-28T18:12:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T02:12:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.src",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-devel@3.8.2-7.el5_2.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff-debuginfo@3.8.2-7.el5_2.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product_id": "libtiff-0:3.8.2-7.el5_2.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libtiff@3.8.2-7.el5_2.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.src"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
},
"product_reference": "libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Drew Yao"
],
"organization": "Apple Product Security team"
}
],
"cve": "CVE-2008-2327",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "458674"
}
],
"notes": [
{
"category": "description",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: use of uninitialized memory in LZW decoder",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-0:3.8.2-7.el5_2.2.src",
"5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "RHBZ#458674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-08-28T22:12:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client-Workstation:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client-Workstation:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-0:3.8.2-7.el5_2.2.src",
"5Client:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Client:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-0:3.8.2-7.el5_2.2.src",
"5Server:libtiff-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-debuginfo-0:3.8.2-7.el5_2.2.x86_64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.i386",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ia64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.ppc64",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.s390x",
"5Server:libtiff-devel-0:3.8.2-7.el5_2.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0847"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: use of uninitialized memory in LZW decoder"
}
]
}
CERTA-2008-AVI-463
Vulnerability from certfr_avis
None
Description
De multiples vulnérabilités ont été corrigées dans Mac OS X. Celles-ci permettent notamment à une personne malintentionnée d'exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mac OS X Server versions ant\u00e9rieures \u00e0 10.5.5.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Mac OS X versions ant\u00e9rieures \u00e0 10.5.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Mac OS X. Celles-ci\npermettent notamment \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3608"
},
{
"name": "CVE-2008-2376",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2376"
},
{
"name": "CVE-2008-2332",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2332"
},
{
"name": "CVE-2008-1483",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1483"
},
{
"name": "CVE-2008-1835",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1835"
},
{
"name": "CVE-2008-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3618"
},
{
"name": "CVE-2008-2331",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2331"
},
{
"name": "CVE-2008-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1382"
},
{
"name": "CVE-2008-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3617"
},
{
"name": "CVE-2008-1100",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1100"
},
{
"name": "CVE-2008-2329",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2329"
},
{
"name": "CVE-2008-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3610"
},
{
"name": "CVE-2008-3215",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3215"
},
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"name": "CVE-2008-2713",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2713"
},
{
"name": "CVE-2008-3622",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3622"
},
{
"name": "CVE-2008-1447",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1447"
},
{
"name": "CVE-2008-2305",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2305"
},
{
"name": "CVE-2008-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3619"
},
{
"name": "CVE-2008-1387",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1387"
},
{
"name": "CVE-2008-2330",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2330"
},
{
"name": "CVE-2008-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2312"
},
{
"name": "CVE-2008-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3616"
},
{
"name": "CVE-2008-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1833"
},
{
"name": "CVE-2008-0314",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0314"
},
{
"name": "CVE-2008-1657",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1657"
},
{
"name": "CVE-2008-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1836"
},
{
"name": "CVE-2008-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3609"
},
{
"name": "CVE-2008-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3613"
},
{
"name": "CVE-2008-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3621"
},
{
"name": "CVE-2008-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1837"
},
{
"name": "CVE-2008-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3611"
},
{
"name": "CVE-2008-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3614"
}
],
"initial_release_date": "2008-09-16T00:00:00",
"last_revision_date": "2008-09-16T00:00:00",
"links": [],
"reference": "CERTA-2008-AVI-463",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-09-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": null,
"title": "Multiples vuln\u00e9rabilit\u00e9s dans MacOSX",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple 2008-006",
"url": "http://support.apple.com/kb/HT3137"
}
]
}
CERTA-2008-AVI-557
Vulnerability from certfr_avis
Plusieurs vulnérabilités affectent le navigateur Safari. Leur exploitation permet d'accéder à des données sensibles ou d'exécuter du code arbitraire à distance sur le système vulnérable.
Description
Plusieurs vulnérabilités affectent le traitement des images, en particulier au format PNG, TIFF ou JPEG. L'exploitation de chacune d'entre elles permet d'exécuter du code arbitraire à distance.
Une vulnérabilité dans le traitement des feuilles de style est utilisable de manière malveillante pour exécuter du code arbitraire à distance.
Une vulnérabilité dans le traitement des javascripts est utilisable de manière malveillante pour exécuter du code arbitraire à distance.
Une erreur dans Webkit et une erreur dans la gestion des formulaires permettent à un utilisateur malveillant d'accéder à des données sensibles.
Solution
La version 3.2 remédie à ces vulnérabilités.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Safari 3.x.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eSafari 3.x.\u003c/p\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s affectent le traitement des images, en\nparticulier au format PNG, TIFF ou JPEG. L\u0027exploitation de chacune\nd\u0027entre elles permet d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nUne vuln\u00e9rabilit\u00e9 dans le traitement des feuilles de style est\nutilisable de mani\u00e8re malveillante pour ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\nUne vuln\u00e9rabilit\u00e9 dans le traitement des javascripts est utilisable de\nmani\u00e8re malveillante pour ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nUne erreur dans Webkit et une erreur dans la gestion des formulaires\npermettent \u00e0 un utilisateur malveillant d\u0027acc\u00e9der \u00e0 des donn\u00e9es\nsensibles.\n\n## Solution\n\nLa version 3.2 rem\u00e9die \u00e0 ces vuln\u00e9rabilit\u00e9s.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3608"
},
{
"name": "CVE-2008-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3642"
},
{
"name": "CVE-2008-2303",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2303"
},
{
"name": "CVE-2008-2332",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2332"
},
{
"name": "CVE-2008-4216",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4216"
},
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"name": "CVE-2008-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3623"
},
{
"name": "CVE-2005-2096",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2096"
},
{
"name": "CVE-2008-2317",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2317"
},
{
"name": "CVE-2008-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1767"
},
{
"name": "CVE-2008-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3644"
}
],
"initial_release_date": "2008-11-14T00:00:00",
"last_revision_date": "2008-11-14T00:00:00",
"links": [],
"reference": "CERTA-2008-AVI-557",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent le navigateur Safari. Leur\nexploitation permet d\u0027acc\u00e9der \u00e0 des donn\u00e9es sensibles ou d\u0027ex\u00e9cuter du\ncode arbitraire \u00e0 distance sur le syst\u00e8me vuln\u00e9rable.\n",
"title": "Vuln\u00e9rabilit\u00e9s de Safari",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT3298 du 13 novembre 2008",
"url": "http://support.apple.com/kb/HT3298"
}
]
}
CERTFR-2020-AVI-420
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Junos Space et Junos Space Security Director versions antérieures à 20.1R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos Space et Junos Space Security Director versions ant\u00e9rieures \u00e0 20.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
},
{
"name": "CVE-2016-2324",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2324"
},
{
"name": "CVE-2013-1960",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1960"
},
{
"name": "CVE-2012-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4447"
},
{
"name": "CVE-2016-3991",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3991"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2014-7826",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7826"
},
{
"name": "CVE-2020-1648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1648"
},
{
"name": "CVE-2016-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3621"
},
{
"name": "CVE-2011-0192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
},
{
"name": "CVE-2016-1000341",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
},
{
"name": "CVE-2016-6662",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6662"
},
{
"name": "CVE-2019-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
},
{
"name": "CVE-2019-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
},
{
"name": "CVE-2009-2347",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2347"
},
{
"name": "CVE-2014-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3634"
},
{
"name": "CVE-2016-1000343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
},
{
"name": "CVE-2015-1782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1782"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2019-11132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
},
{
"name": "CVE-2014-7825",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7825"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2020-1646",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1646"
},
{
"name": "CVE-2019-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
},
{
"name": "CVE-2017-7895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
},
{
"name": "CVE-2012-1173",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1173"
},
{
"name": "CVE-2012-2088",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
},
{
"name": "CVE-2014-9938",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9938"
},
{
"name": "CVE-2015-1158",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
},
{
"name": "CVE-2020-1651",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1651"
},
{
"name": "CVE-2010-2067",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2067"
},
{
"name": "CVE-2019-11106",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
},
{
"name": "CVE-2016-1000346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
},
{
"name": "CVE-2016-3945",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3945"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2020-1645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1645"
},
{
"name": "CVE-2016-1000345",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
},
{
"name": "CVE-2020-1640",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1640"
},
{
"name": "CVE-2013-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4244"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2020-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1643"
},
{
"name": "CVE-2018-16881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16881"
},
{
"name": "CVE-2015-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7940"
},
{
"name": "CVE-2017-1000117",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000117"
},
{
"name": "CVE-2012-5581",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5581"
},
{
"name": "CVE-2016-1000338",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
},
{
"name": "CVE-2014-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
},
{
"name": "CVE-2018-1000613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000613"
},
{
"name": "CVE-2017-12588",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12588"
},
{
"name": "CVE-2016-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0787"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"name": "CVE-2016-3990",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3990"
},
{
"name": "CVE-2019-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
},
{
"name": "CVE-2018-1000021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000021"
},
{
"name": "CVE-2019-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
},
{
"name": "CVE-2014-9679",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9679"
},
{
"name": "CVE-2020-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1647"
},
{
"name": "CVE-2019-11107",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
},
{
"name": "CVE-2020-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1652"
},
{
"name": "CVE-2017-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
},
{
"name": "CVE-2009-5022",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5022"
},
{
"name": "CVE-2016-1835",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1835"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2020-1650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1650"
},
{
"name": "CVE-2016-1000342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2019-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2016-1000339",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
},
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"name": "CVE-2017-9935",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9935"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2018-5382",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5382"
},
{
"name": "CVE-2014-9584",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
},
{
"name": "CVE-2019-11102",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
},
{
"name": "CVE-2019-11105",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
},
{
"name": "CVE-2016-5616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5616"
},
{
"name": "CVE-2015-1421",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
},
{
"name": "CVE-2014-9529",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
},
{
"name": "CVE-2020-1654",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1654"
},
{
"name": "CVE-2013-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1961"
},
{
"name": "CVE-2015-7082",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7082"
},
{
"name": "CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"name": "CVE-2014-8171",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8171"
},
{
"name": "CVE-2006-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2656"
},
{
"name": "CVE-2019-11101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2018-11233",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11233"
},
{
"name": "CVE-2013-4232",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4232"
},
{
"name": "CVE-2013-4243",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4243"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2011-3200",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3200"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2017-15298",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15298"
},
{
"name": "CVE-2014-8884",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
},
{
"name": "CVE-2015-1159",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2019-11131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
},
{
"name": "CVE-2020-1641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1641"
},
{
"name": "CVE-2019-11090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
},
{
"name": "CVE-2013-4758",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4758"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2019-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
},
{
"name": "CVE-2019-11109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
},
{
"name": "CVE-2016-5314",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5314"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-1000352",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
},
{
"name": "CVE-2010-2065",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2065"
},
{
"name": "CVE-2019-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
},
{
"name": "CVE-2010-1411",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1411"
},
{
"name": "CVE-2016-3632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3632"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2015-7547",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7547"
},
{
"name": "CVE-2020-1649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1649"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2012-4564",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4564"
},
{
"name": "CVE-2012-2113",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2113"
},
{
"name": "CVE-2019-11104",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
},
{
"name": "CVE-2019-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
},
{
"name": "CVE-2016-1000344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
},
{
"name": "CVE-2019-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
},
{
"name": "CVE-2014-3215",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3215"
},
{
"name": "CVE-2018-11235",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11235"
},
{
"name": "CVE-2016-6663",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6663"
},
{
"name": "CVE-2018-19486",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19486"
},
{
"name": "CVE-2015-7545",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7545"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2019-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
},
{
"name": "CVE-2018-5360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5360"
},
{
"name": "CVE-2018-1000180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
},
{
"name": "CVE-2019-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
},
{
"name": "CVE-2020-1644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1644"
},
{
"name": "CVE-2019-11147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
},
{
"name": "CVE-2012-3401",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3401"
},
{
"name": "CVE-2019-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0211"
},
{
"name": "CVE-2014-3683",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3683"
}
],
"initial_release_date": "2020-07-09T00:00:00",
"last_revision_date": "2020-07-09T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-420",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11038 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11038\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11024 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11024\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11026 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11026\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11027 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11027\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11035 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11035\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11023 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11025 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11025\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11034 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11034\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11033 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11033\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11032 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11032\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11036 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11036\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11031 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11031\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11030 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11030\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11037 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11037\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11028 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11028\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTA-2008-AVI-447
Vulnerability from certfr_avis
Une vulnerabilité dans libtiff permet à une personne malintentionnée d'exécuter du code arbitraire à distance.
Description
Une vulnérabilité de type débordement de mémoire dans libtiff permet à une personne malintionnée distante d'effectuer un déni de service voire d'exécuter du code arbitraire via un fichier tiff spécialement conçu.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
libtiff 3.8.2 et versions antérieures.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003elibtiff 3.8.2 et versions ant\u00e9rieures.\u003c/P\u003e",
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire dans libtiff permet \u00e0\nune personne malintionn\u00e9e distante d\u0027effectuer un d\u00e9ni de service voire\nd\u0027ex\u00e9cuter du code arbitraire via un fichier tiff sp\u00e9cialement con\u00e7u.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
}
],
"initial_release_date": "2008-09-05T00:00:00",
"last_revision_date": "2008-09-05T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0847 du 28 ao\u00fbt 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0847.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1632 du 26 ao\u00fbt 2008 :",
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-639-1 du 02 septembre 2008 :",
"url": "http://www.ubuntulinux.org/usn/usn-639-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0863 du 28 ao\u00fbt 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0863.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0848 du 28 ao\u00fbt 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0848.html"
}
],
"reference": "CERTA-2008-AVI-447",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vulnerabilit\u00e9 dans libtiff permet \u00e0 une personne malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans libtiff",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1632 du 26 ao\u00fbt 2008",
"url": null
}
]
}
gsd-2008-2327
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2008-2327",
"description": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"id": "GSD-2008-2327",
"references": [
"https://www.suse.com/security/cve/CVE-2008-2327.html",
"https://www.debian.org/security/2008/dsa-1632",
"https://access.redhat.com/errata/RHSA-2008:0863",
"https://access.redhat.com/errata/RHSA-2008:0848",
"https://access.redhat.com/errata/RHSA-2008:0847",
"https://linux.oracle.com/cve/CVE-2008-2327.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2008-2327"
],
"details": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"id": "GSD-2008-2327",
"modified": "2023-12-13T01:23:01.123212Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "265030",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"name": "31670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31670"
},
{
"name": "MDVSA-2008:184",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"name": "APPLE-SA-2008-11-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"name": "20080905 rPSA-2008-0268-1 libtiff",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
},
{
"name": "31838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31838"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=234080",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"name": "APPLE-SA-2008-09-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "31982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31698"
},
{
"name": "FEDORA-2008-7388",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
},
{
"name": "ADV-2008-2971",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "TA08-260A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"name": "ADV-2008-2776",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html",
"refsource": "MISC",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "RHSA-2008:0863",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"name": "APPLE-SA-2008-11-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"name": "31623",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31623"
},
{
"name": "ADV-2008-2584",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"name": "http://security-tracker.debian.net/tracker/CVE-2008-2327",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"name": "1020750",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020750"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-3107",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"name": "31610",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31610"
},
{
"name": "30832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30832"
},
{
"name": "http://security-tracker.debian.net/tracker/DTSA-160-1",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"name": "oval:org.mitre.oval:def:11489",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"name": "SUSE-SR:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "ADV-2008-3232",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"name": "31882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31882"
},
{
"name": "RHSA-2008:0848",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"name": "31668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31668"
},
{
"name": "ADV-2009-2143",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2143"
},
{
"name": "32706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32706"
},
{
"name": "oval:org.mitre.oval:def:5514",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"name": "DSA-1632",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"name": "http://support.apple.com/kb/HT3318",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3318"
},
{
"name": "http://security-tracker.debian.net/tracker/DSA-1632-1",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"name": "http://support.apple.com/kb/HT3298",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3298"
},
{
"name": "USN-639-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"name": "RHSA-2008:0847",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"name": "http://support.apple.com/kb/HT3276",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3276"
},
{
"name": "ADV-2008-2438",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=458674",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"name": "32756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32756"
},
{
"name": "GLSA-200809-07",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"name": "FEDORA-2008-7370",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.8.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2327"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security-tracker.debian.net/tracker/CVE-2008-2327",
"refsource": "CONFIRM",
"tags": [],
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"name": "http://security-tracker.debian.net/tracker/DSA-1632-1",
"refsource": "CONFIRM",
"tags": [],
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"name": "http://security-tracker.debian.net/tracker/DTSA-160-1",
"refsource": "CONFIRM",
"tags": [],
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"name": "DSA-1632",
"refsource": "DEBIAN",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"name": "30832",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/30832"
},
{
"name": "31610",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31610"
},
{
"name": "RHSA-2008:0863",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"name": "MDVSA-2008:184",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=234080",
"refsource": "CONFIRM",
"tags": [],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"name": "31623",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31623"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=458674",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"name": "31668",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31668"
},
{
"name": "RHSA-2008:0847",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"name": "31670",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31670"
},
{
"name": "RHSA-2008:0848",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"name": "31698",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31698"
},
{
"name": "APPLE-SA-2008-09-15",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"name": "USN-639-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"name": "31882",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31882"
},
{
"name": "SUSE-SR:2008:018",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "FEDORA-2008-7388",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
},
{
"name": "31838",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31838"
},
{
"name": "FEDORA-2008-7370",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
},
{
"name": "GLSA-200809-07",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html",
"refsource": "MISC",
"tags": [],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "1020750",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1020750"
},
{
"name": "TA08-260A",
"refsource": "CERT",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"name": "APPLE-SA-2008-11-13",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT3298",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT3298"
},
{
"name": "http://support.apple.com/kb/HT3318",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT3318"
},
{
"name": "APPLE-SA-2008-11-20",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"name": "32756",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32756"
},
{
"name": "http://support.apple.com/kb/HT3276",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT3276"
},
{
"name": "31982",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "ADV-2009-2143",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2143"
},
{
"name": "265030",
"refsource": "SUNALERT",
"tags": [],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"name": "ADV-2008-2971",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "ADV-2008-3107",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"name": "ADV-2008-2438",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"name": "ADV-2008-2584",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"name": "ADV-2008-3232",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"name": "ADV-2008-2776",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"name": "32706",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/32706"
},
{
"name": "oval:org.mitre.oval:def:5514",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"name": "oval:org.mitre.oval:def:11489",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "20080905 rPSA-2008-0268-1 libtiff",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2018-10-11T20:40Z",
"publishedDate": "2008-08-27T20:41Z"
}
}
}
opensuse-su-2024:11461-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libtiff-devel-32bit-4.3.0-1.3 on GA media
Notes
Title of the patch
libtiff-devel-32bit-4.3.0-1.3 on GA media
Description of the patch
These are all security issues fixed in the libtiff-devel-32bit-4.3.0-1.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11461
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libtiff-devel-32bit-4.3.0-1.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libtiff-devel-32bit-4.3.0-1.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11461",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11461-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2006-0405 page",
"url": "https://www.suse.com/security/cve/CVE-2006-0405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2006-2656 page",
"url": "https://www.suse.com/security/cve/CVE-2006-2656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1586 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-2327 page",
"url": "https://www.suse.com/security/cve/CVE-2008-2327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10095 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10266 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10267 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10268 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10268/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10269 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10270 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10271 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10272 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10371 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5318 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5318/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9538 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11613 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16232 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18013 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5225 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5225/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7592 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7593 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7594 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7595 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7596 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7598 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7599 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7601 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7602 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9403 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9404 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9935 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9936 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10779 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10963 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12900 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16335 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16335/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17000 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17100 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17101 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17795 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18557 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18661 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19210 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5784 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7456 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8905 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6128 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7663 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7663/"
}
],
"title": "libtiff-devel-32bit-4.3.0-1.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11461-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-4.3.0-1.3.aarch64",
"product": {
"name": "libtiff-devel-4.3.0-1.3.aarch64",
"product_id": "libtiff-devel-4.3.0-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-4.3.0-1.3.aarch64",
"product": {
"name": "libtiff-devel-32bit-4.3.0-1.3.aarch64",
"product_id": "libtiff-devel-32bit-4.3.0-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "libtiff5-4.3.0-1.3.aarch64",
"product": {
"name": "libtiff5-4.3.0-1.3.aarch64",
"product_id": "libtiff5-4.3.0-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "libtiff5-32bit-4.3.0-1.3.aarch64",
"product": {
"name": "libtiff5-32bit-4.3.0-1.3.aarch64",
"product_id": "libtiff5-32bit-4.3.0-1.3.aarch64"
}
},
{
"category": "product_version",
"name": "tiff-4.3.0-1.3.aarch64",
"product": {
"name": "tiff-4.3.0-1.3.aarch64",
"product_id": "tiff-4.3.0-1.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-4.3.0-1.3.ppc64le",
"product": {
"name": "libtiff-devel-4.3.0-1.3.ppc64le",
"product_id": "libtiff-devel-4.3.0-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"product": {
"name": "libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"product_id": "libtiff-devel-32bit-4.3.0-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libtiff5-4.3.0-1.3.ppc64le",
"product": {
"name": "libtiff5-4.3.0-1.3.ppc64le",
"product_id": "libtiff5-4.3.0-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libtiff5-32bit-4.3.0-1.3.ppc64le",
"product": {
"name": "libtiff5-32bit-4.3.0-1.3.ppc64le",
"product_id": "libtiff5-32bit-4.3.0-1.3.ppc64le"
}
},
{
"category": "product_version",
"name": "tiff-4.3.0-1.3.ppc64le",
"product": {
"name": "tiff-4.3.0-1.3.ppc64le",
"product_id": "tiff-4.3.0-1.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-4.3.0-1.3.s390x",
"product": {
"name": "libtiff-devel-4.3.0-1.3.s390x",
"product_id": "libtiff-devel-4.3.0-1.3.s390x"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-4.3.0-1.3.s390x",
"product": {
"name": "libtiff-devel-32bit-4.3.0-1.3.s390x",
"product_id": "libtiff-devel-32bit-4.3.0-1.3.s390x"
}
},
{
"category": "product_version",
"name": "libtiff5-4.3.0-1.3.s390x",
"product": {
"name": "libtiff5-4.3.0-1.3.s390x",
"product_id": "libtiff5-4.3.0-1.3.s390x"
}
},
{
"category": "product_version",
"name": "libtiff5-32bit-4.3.0-1.3.s390x",
"product": {
"name": "libtiff5-32bit-4.3.0-1.3.s390x",
"product_id": "libtiff5-32bit-4.3.0-1.3.s390x"
}
},
{
"category": "product_version",
"name": "tiff-4.3.0-1.3.s390x",
"product": {
"name": "tiff-4.3.0-1.3.s390x",
"product_id": "tiff-4.3.0-1.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-4.3.0-1.3.x86_64",
"product": {
"name": "libtiff-devel-4.3.0-1.3.x86_64",
"product_id": "libtiff-devel-4.3.0-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-4.3.0-1.3.x86_64",
"product": {
"name": "libtiff-devel-32bit-4.3.0-1.3.x86_64",
"product_id": "libtiff-devel-32bit-4.3.0-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff5-4.3.0-1.3.x86_64",
"product": {
"name": "libtiff5-4.3.0-1.3.x86_64",
"product_id": "libtiff5-4.3.0-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff5-32bit-4.3.0-1.3.x86_64",
"product": {
"name": "libtiff5-32bit-4.3.0-1.3.x86_64",
"product_id": "libtiff5-32bit-4.3.0-1.3.x86_64"
}
},
{
"category": "product_version",
"name": "tiff-4.3.0-1.3.x86_64",
"product": {
"name": "tiff-4.3.0-1.3.x86_64",
"product_id": "tiff-4.3.0-1.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.3.0-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64"
},
"product_reference": "libtiff-devel-4.3.0-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.3.0-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le"
},
"product_reference": "libtiff-devel-4.3.0-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.3.0-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x"
},
"product_reference": "libtiff-devel-4.3.0-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.3.0-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64"
},
"product_reference": "libtiff-devel-4.3.0-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-4.3.0-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64"
},
"product_reference": "libtiff-devel-32bit-4.3.0-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-4.3.0-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le"
},
"product_reference": "libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-4.3.0-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x"
},
"product_reference": "libtiff-devel-32bit-4.3.0-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-4.3.0-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64"
},
"product_reference": "libtiff-devel-32bit-4.3.0-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.3.0-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64"
},
"product_reference": "libtiff5-4.3.0-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.3.0-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le"
},
"product_reference": "libtiff5-4.3.0-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.3.0-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x"
},
"product_reference": "libtiff5-4.3.0-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.3.0-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64"
},
"product_reference": "libtiff5-4.3.0-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.3.0-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64"
},
"product_reference": "libtiff5-32bit-4.3.0-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.3.0-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le"
},
"product_reference": "libtiff5-32bit-4.3.0-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.3.0-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x"
},
"product_reference": "libtiff5-32bit-4.3.0-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.3.0-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64"
},
"product_reference": "libtiff5-32bit-4.3.0-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.3.0-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64"
},
"product_reference": "tiff-4.3.0-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.3.0-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le"
},
"product_reference": "tiff-4.3.0-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.3.0-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x"
},
"product_reference": "tiff-4.3.0-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.3.0-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
},
"product_reference": "tiff-4.3.0-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-0405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2006-0405"
}
],
"notes": [
{
"category": "general",
"text": "The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2006-0405",
"url": "https://www.suse.com/security/cve/CVE-2006-0405"
},
{
"category": "external",
"summary": "SUSE Bug 145757 for CVE-2006-0405",
"url": "https://bugzilla.suse.com/145757"
},
{
"category": "external",
"summary": "SUSE Bug 165237 for CVE-2006-0405",
"url": "https://bugzilla.suse.com/165237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2006-0405"
},
{
"cve": "CVE-2006-2656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2006-2656"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2006-2656",
"url": "https://www.suse.com/security/cve/CVE-2006-2656"
},
{
"category": "external",
"summary": "SUSE Bug 179051 for CVE-2006-2656",
"url": "https://bugzilla.suse.com/179051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2006-2656"
},
{
"cve": "CVE-2008-1586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1586"
}
],
"notes": [
{
"category": "general",
"text": "ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allow remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1586",
"url": "https://www.suse.com/security/cve/CVE-2008-1586"
},
{
"category": "external",
"summary": "SUSE Bug 444079 for CVE-2008-1586",
"url": "https://bugzilla.suse.com/444079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2008-1586"
},
{
"cve": "CVE-2008-2327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-2327"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-2327",
"url": "https://www.suse.com/security/cve/CVE-2008-2327"
},
{
"category": "external",
"summary": "SUSE Bug 414946 for CVE-2008-2327",
"url": "https://bugzilla.suse.com/414946"
},
{
"category": "external",
"summary": "SUSE Bug 518698 for CVE-2008-2327",
"url": "https://bugzilla.suse.com/518698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2008-2327"
},
{
"cve": "CVE-2016-10095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10095"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10095",
"url": "https://www.suse.com/security/cve/CVE-2016-10095"
},
{
"category": "external",
"summary": "SUSE Bug 1017690 for CVE-2016-10095",
"url": "https://bugzilla.suse.com/1017690"
},
{
"category": "external",
"summary": "SUSE Bug 960341 for CVE-2016-10095",
"url": "https://bugzilla.suse.com/960341"
},
{
"category": "external",
"summary": "SUSE Bug 983436 for CVE-2016-10095",
"url": "https://bugzilla.suse.com/983436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10095"
},
{
"cve": "CVE-2016-10266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10266"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10266",
"url": "https://www.suse.com/security/cve/CVE-2016-10266"
},
{
"category": "external",
"summary": "SUSE Bug 1017694 for CVE-2016-10266",
"url": "https://bugzilla.suse.com/1017694"
},
{
"category": "external",
"summary": "SUSE Bug 1031263 for CVE-2016-10266",
"url": "https://bugzilla.suse.com/1031263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10266"
},
{
"cve": "CVE-2016-10267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10267"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10267",
"url": "https://www.suse.com/security/cve/CVE-2016-10267"
},
{
"category": "external",
"summary": "SUSE Bug 1017694 for CVE-2016-10267",
"url": "https://bugzilla.suse.com/1017694"
},
{
"category": "external",
"summary": "SUSE Bug 1031262 for CVE-2016-10267",
"url": "https://bugzilla.suse.com/1031262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10267"
},
{
"cve": "CVE-2016-10268",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10268"
}
],
"notes": [
{
"category": "general",
"text": "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10268",
"url": "https://www.suse.com/security/cve/CVE-2016-10268"
},
{
"category": "external",
"summary": "SUSE Bug 1017693 for CVE-2016-10268",
"url": "https://bugzilla.suse.com/1017693"
},
{
"category": "external",
"summary": "SUSE Bug 1031255 for CVE-2016-10268",
"url": "https://bugzilla.suse.com/1031255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10268"
},
{
"cve": "CVE-2016-10269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10269"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 512\" and libtiff/tif_unix.c:340:2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10269",
"url": "https://www.suse.com/security/cve/CVE-2016-10269"
},
{
"category": "external",
"summary": "SUSE Bug 1017693 for CVE-2016-10269",
"url": "https://bugzilla.suse.com/1017693"
},
{
"category": "external",
"summary": "SUSE Bug 1031254 for CVE-2016-10269",
"url": "https://bugzilla.suse.com/1031254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10269"
},
{
"cve": "CVE-2016-10270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10270"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 8\" and libtiff/tif_read.c:523:22.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10270",
"url": "https://www.suse.com/security/cve/CVE-2016-10270"
},
{
"category": "external",
"summary": "SUSE Bug 1031250 for CVE-2016-10270",
"url": "https://bugzilla.suse.com/1031250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10270"
},
{
"cve": "CVE-2016-10271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10271"
}
],
"notes": [
{
"category": "general",
"text": "tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 1\" and libtiff/tif_fax3.c:413:13.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10271",
"url": "https://www.suse.com/security/cve/CVE-2016-10271"
},
{
"category": "external",
"summary": "SUSE Bug 1031249 for CVE-2016-10271",
"url": "https://bugzilla.suse.com/1031249"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10271"
},
{
"cve": "CVE-2016-10272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10272"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to \"WRITE of size 2048\" and libtiff/tif_next.c:64:9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10272",
"url": "https://www.suse.com/security/cve/CVE-2016-10272"
},
{
"category": "external",
"summary": "SUSE Bug 1031247 for CVE-2016-10272",
"url": "https://bugzilla.suse.com/1031247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-10272"
},
{
"cve": "CVE-2016-10371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10371"
}
],
"notes": [
{
"category": "general",
"text": "The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10371",
"url": "https://www.suse.com/security/cve/CVE-2016-10371"
},
{
"category": "external",
"summary": "SUSE Bug 1038438 for CVE-2016-10371",
"url": "https://bugzilla.suse.com/1038438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-10371"
},
{
"cve": "CVE-2016-5318",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5318"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5318",
"url": "https://www.suse.com/security/cve/CVE-2016-5318"
},
{
"category": "external",
"summary": "SUSE Bug 1007276 for CVE-2016-5318",
"url": "https://bugzilla.suse.com/1007276"
},
{
"category": "external",
"summary": "SUSE Bug 1017690 for CVE-2016-5318",
"url": "https://bugzilla.suse.com/1017690"
},
{
"category": "external",
"summary": "SUSE Bug 1040322 for CVE-2016-5318",
"url": "https://bugzilla.suse.com/1040322"
},
{
"category": "external",
"summary": "SUSE Bug 960341 for CVE-2016-5318",
"url": "https://bugzilla.suse.com/960341"
},
{
"category": "external",
"summary": "SUSE Bug 974621 for CVE-2016-5318",
"url": "https://bugzilla.suse.com/974621"
},
{
"category": "external",
"summary": "SUSE Bug 983436 for CVE-2016-5318",
"url": "https://bugzilla.suse.com/983436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5318"
},
{
"cve": "CVE-2016-9538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9538"
}
],
"notes": [
{
"category": "general",
"text": "tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9538",
"url": "https://www.suse.com/security/cve/CVE-2016-9538"
},
{
"category": "external",
"summary": "SUSE Bug 1004519 for CVE-2016-9538",
"url": "https://bugzilla.suse.com/1004519"
},
{
"category": "external",
"summary": "SUSE Bug 1011841 for CVE-2016-9538",
"url": "https://bugzilla.suse.com/1011841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9538"
},
{
"cve": "CVE-2017-11613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11613"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11613",
"url": "https://www.suse.com/security/cve/CVE-2017-11613"
},
{
"category": "external",
"summary": "SUSE Bug 1082332 for CVE-2017-11613",
"url": "https://bugzilla.suse.com/1082332"
},
{
"category": "external",
"summary": "SUSE Bug 1106853 for CVE-2017-11613",
"url": "https://bugzilla.suse.com/1106853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-11613"
},
{
"cve": "CVE-2017-16232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16232"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16232",
"url": "https://www.suse.com/security/cve/CVE-2017-16232"
},
{
"category": "external",
"summary": "SUSE Bug 1069213 for CVE-2017-16232",
"url": "https://bugzilla.suse.com/1069213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-16232"
},
{
"cve": "CVE-2017-18013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18013"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18013",
"url": "https://www.suse.com/security/cve/CVE-2017-18013"
},
{
"category": "external",
"summary": "SUSE Bug 1074317 for CVE-2017-18013",
"url": "https://bugzilla.suse.com/1074317"
},
{
"category": "external",
"summary": "SUSE Bug 1082825 for CVE-2017-18013",
"url": "https://bugzilla.suse.com/1082825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-18013"
},
{
"cve": "CVE-2017-5225",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5225"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5225",
"url": "https://www.suse.com/security/cve/CVE-2017-5225"
},
{
"category": "external",
"summary": "SUSE Bug 1019611 for CVE-2017-5225",
"url": "https://bugzilla.suse.com/1019611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5225"
},
{
"cve": "CVE-2017-7592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7592"
}
],
"notes": [
{
"category": "general",
"text": "The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7592",
"url": "https://www.suse.com/security/cve/CVE-2017-7592"
},
{
"category": "external",
"summary": "SUSE Bug 1033131 for CVE-2017-7592",
"url": "https://bugzilla.suse.com/1033131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-7592"
},
{
"cve": "CVE-2017-7593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7593"
}
],
"notes": [
{
"category": "general",
"text": "tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7593",
"url": "https://www.suse.com/security/cve/CVE-2017-7593"
},
{
"category": "external",
"summary": "SUSE Bug 1033129 for CVE-2017-7593",
"url": "https://bugzilla.suse.com/1033129"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-7593"
},
{
"cve": "CVE-2017-7594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7594"
}
],
"notes": [
{
"category": "general",
"text": "The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7594",
"url": "https://www.suse.com/security/cve/CVE-2017-7594"
},
{
"category": "external",
"summary": "SUSE Bug 1033128 for CVE-2017-7594",
"url": "https://bugzilla.suse.com/1033128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-7594"
},
{
"cve": "CVE-2017-7595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7595"
}
],
"notes": [
{
"category": "general",
"text": "The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7595",
"url": "https://www.suse.com/security/cve/CVE-2017-7595"
},
{
"category": "external",
"summary": "SUSE Bug 1033111 for CVE-2017-7595",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "external",
"summary": "SUSE Bug 1033127 for CVE-2017-7595",
"url": "https://bugzilla.suse.com/1033127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-7595"
},
{
"cve": "CVE-2017-7596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7596"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type float\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7596",
"url": "https://www.suse.com/security/cve/CVE-2017-7596"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-7596"
},
{
"cve": "CVE-2017-7598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7598"
}
],
"notes": [
{
"category": "general",
"text": "tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7598",
"url": "https://www.suse.com/security/cve/CVE-2017-7598"
},
{
"category": "external",
"summary": "SUSE Bug 1033118 for CVE-2017-7598",
"url": "https://bugzilla.suse.com/1033118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-7598"
},
{
"cve": "CVE-2017-7599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7599"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type short\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7599",
"url": "https://www.suse.com/security/cve/CVE-2017-7599"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-7599"
},
{
"cve": "CVE-2017-7601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7601"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has a \"shift exponent too large for 64-bit type long\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7601",
"url": "https://www.suse.com/security/cve/CVE-2017-7601"
},
{
"category": "external",
"summary": "SUSE Bug 1033111 for CVE-2017-7601",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "external",
"summary": "SUSE Bug 1033127 for CVE-2017-7601",
"url": "https://bugzilla.suse.com/1033127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7601"
},
{
"cve": "CVE-2017-7602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7602"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7602",
"url": "https://www.suse.com/security/cve/CVE-2017-7602"
},
{
"category": "external",
"summary": "SUSE Bug 1033109 for CVE-2017-7602",
"url": "https://bugzilla.suse.com/1033109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-7602"
},
{
"cve": "CVE-2017-9403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9403"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9403",
"url": "https://www.suse.com/security/cve/CVE-2017-9403"
},
{
"category": "external",
"summary": "SUSE Bug 1042805 for CVE-2017-9403",
"url": "https://bugzilla.suse.com/1042805"
},
{
"category": "external",
"summary": "SUSE Bug 1045688 for CVE-2017-9403",
"url": "https://bugzilla.suse.com/1045688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-9403"
},
{
"cve": "CVE-2017-9404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9404"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9404",
"url": "https://www.suse.com/security/cve/CVE-2017-9404"
},
{
"category": "external",
"summary": "SUSE Bug 1042804 for CVE-2017-9404",
"url": "https://bugzilla.suse.com/1042804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-9404"
},
{
"cve": "CVE-2017-9935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9935"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9935",
"url": "https://www.suse.com/security/cve/CVE-2017-9935"
},
{
"category": "external",
"summary": "SUSE Bug 1046077 for CVE-2017-9935",
"url": "https://bugzilla.suse.com/1046077"
},
{
"category": "external",
"summary": "SUSE Bug 1074318 for CVE-2017-9935",
"url": "https://bugzilla.suse.com/1074318"
},
{
"category": "external",
"summary": "SUSE Bug 1108606 for CVE-2017-9935",
"url": "https://bugzilla.suse.com/1108606"
},
{
"category": "external",
"summary": "SUSE Bug 1110358 for CVE-2017-9935",
"url": "https://bugzilla.suse.com/1110358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-9935"
},
{
"cve": "CVE-2017-9936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9936"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9936",
"url": "https://www.suse.com/security/cve/CVE-2017-9936"
},
{
"category": "external",
"summary": "SUSE Bug 1046073 for CVE-2017-9936",
"url": "https://bugzilla.suse.com/1046073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-9936"
},
{
"cve": "CVE-2018-10779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10779"
}
],
"notes": [
{
"category": "general",
"text": "TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10779",
"url": "https://www.suse.com/security/cve/CVE-2018-10779"
},
{
"category": "external",
"summary": "SUSE Bug 1092480 for CVE-2018-10779",
"url": "https://bugzilla.suse.com/1092480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-10779"
},
{
"cve": "CVE-2018-10963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10963"
}
],
"notes": [
{
"category": "general",
"text": "The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10963",
"url": "https://www.suse.com/security/cve/CVE-2018-10963"
},
{
"category": "external",
"summary": "SUSE Bug 1092949 for CVE-2018-10963",
"url": "https://bugzilla.suse.com/1092949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-10963"
},
{
"cve": "CVE-2018-12900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12900"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12900",
"url": "https://www.suse.com/security/cve/CVE-2018-12900"
},
{
"category": "external",
"summary": "SUSE Bug 1099257 for CVE-2018-12900",
"url": "https://bugzilla.suse.com/1099257"
},
{
"category": "external",
"summary": "SUSE Bug 1125113 for CVE-2018-12900",
"url": "https://bugzilla.suse.com/1125113"
},
{
"category": "external",
"summary": "SUSE Bug 1150480 for CVE-2018-12900",
"url": "https://bugzilla.suse.com/1150480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-12900"
},
{
"cve": "CVE-2018-16335",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16335"
}
],
"notes": [
{
"category": "general",
"text": "newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16335",
"url": "https://www.suse.com/security/cve/CVE-2018-16335"
},
{
"category": "external",
"summary": "SUSE Bug 1106853 for CVE-2018-16335",
"url": "https://bugzilla.suse.com/1106853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16335"
},
{
"cve": "CVE-2018-17000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17000"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17000",
"url": "https://www.suse.com/security/cve/CVE-2018-17000"
},
{
"category": "external",
"summary": "SUSE Bug 1108606 for CVE-2018-17000",
"url": "https://bugzilla.suse.com/1108606"
},
{
"category": "external",
"summary": "SUSE Bug 1115717 for CVE-2018-17000",
"url": "https://bugzilla.suse.com/1115717"
},
{
"category": "external",
"summary": "SUSE Bug 1125113 for CVE-2018-17000",
"url": "https://bugzilla.suse.com/1125113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-17000"
},
{
"cve": "CVE-2018-17100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17100"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17100",
"url": "https://www.suse.com/security/cve/CVE-2018-17100"
},
{
"category": "external",
"summary": "SUSE Bug 1108637 for CVE-2018-17100",
"url": "https://bugzilla.suse.com/1108637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-17100"
},
{
"cve": "CVE-2018-17101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17101"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17101",
"url": "https://www.suse.com/security/cve/CVE-2018-17101"
},
{
"category": "external",
"summary": "SUSE Bug 1108627 for CVE-2018-17101",
"url": "https://bugzilla.suse.com/1108627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-17101"
},
{
"cve": "CVE-2018-17795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17795"
}
],
"notes": [
{
"category": "general",
"text": "The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17795",
"url": "https://www.suse.com/security/cve/CVE-2018-17795"
},
{
"category": "external",
"summary": "SUSE Bug 1046077 for CVE-2018-17795",
"url": "https://bugzilla.suse.com/1046077"
},
{
"category": "external",
"summary": "SUSE Bug 1110358 for CVE-2018-17795",
"url": "https://bugzilla.suse.com/1110358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-17795"
},
{
"cve": "CVE-2018-18557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18557"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18557",
"url": "https://www.suse.com/security/cve/CVE-2018-18557"
},
{
"category": "external",
"summary": "SUSE Bug 1113094 for CVE-2018-18557",
"url": "https://bugzilla.suse.com/1113094"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-18557"
},
{
"cve": "CVE-2018-18661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18661"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18661",
"url": "https://www.suse.com/security/cve/CVE-2018-18661"
},
{
"category": "external",
"summary": "SUSE Bug 1113672 for CVE-2018-18661",
"url": "https://bugzilla.suse.com/1113672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-18661"
},
{
"cve": "CVE-2018-19210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19210"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19210",
"url": "https://www.suse.com/security/cve/CVE-2018-19210"
},
{
"category": "external",
"summary": "SUSE Bug 1108606 for CVE-2018-19210",
"url": "https://bugzilla.suse.com/1108606"
},
{
"category": "external",
"summary": "SUSE Bug 1115717 for CVE-2018-19210",
"url": "https://bugzilla.suse.com/1115717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-19210"
},
{
"cve": "CVE-2018-5784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5784"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5784",
"url": "https://www.suse.com/security/cve/CVE-2018-5784"
},
{
"category": "external",
"summary": "SUSE Bug 1081690 for CVE-2018-5784",
"url": "https://bugzilla.suse.com/1081690"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-5784"
},
{
"cve": "CVE-2018-7456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7456"
}
],
"notes": [
{
"category": "general",
"text": "A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7456",
"url": "https://www.suse.com/security/cve/CVE-2018-7456"
},
{
"category": "external",
"summary": "SUSE Bug 1074317 for CVE-2018-7456",
"url": "https://bugzilla.suse.com/1074317"
},
{
"category": "external",
"summary": "SUSE Bug 1082825 for CVE-2018-7456",
"url": "https://bugzilla.suse.com/1082825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7456"
},
{
"cve": "CVE-2018-8905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8905"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8905",
"url": "https://www.suse.com/security/cve/CVE-2018-8905"
},
{
"category": "external",
"summary": "SUSE Bug 1086408 for CVE-2018-8905",
"url": "https://bugzilla.suse.com/1086408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-8905"
},
{
"cve": "CVE-2019-6128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6128"
}
],
"notes": [
{
"category": "general",
"text": "The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6128",
"url": "https://www.suse.com/security/cve/CVE-2019-6128"
},
{
"category": "external",
"summary": "SUSE Bug 1121626 for CVE-2019-6128",
"url": "https://bugzilla.suse.com/1121626"
},
{
"category": "external",
"summary": "SUSE Bug 1153715 for CVE-2019-6128",
"url": "https://bugzilla.suse.com/1153715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-6128"
},
{
"cve": "CVE-2019-7663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7663"
}
],
"notes": [
{
"category": "general",
"text": "An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7663",
"url": "https://www.suse.com/security/cve/CVE-2019-7663"
},
{
"category": "external",
"summary": "SUSE Bug 1125113 for CVE-2019-7663",
"url": "https://bugzilla.suse.com/1125113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff-devel-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-32bit-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:libtiff5-4.3.0-1.3.x86_64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.aarch64",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.ppc64le",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.s390x",
"openSUSE Tumbleweed:tiff-4.3.0-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-7663"
}
]
}
fkie_cve-2008-2327
Vulnerability from fkie_nvd
Published
2008-08-27 20:41
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=234080 | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html | ||
| cve@mitre.org | http://secunia.com/advisories/31610 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31623 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31668 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31670 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31698 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31838 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31882 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31982 | ||
| cve@mitre.org | http://secunia.com/advisories/32706 | ||
| cve@mitre.org | http://secunia.com/advisories/32756 | Vendor Advisory | |
| cve@mitre.org | http://security-tracker.debian.net/tracker/CVE-2008-2327 | ||
| cve@mitre.org | http://security-tracker.debian.net/tracker/DSA-1632-1 | ||
| cve@mitre.org | http://security-tracker.debian.net/tracker/DTSA-160-1 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200809-07.xml | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3276 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3298 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3318 | ||
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1632 | Patch | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:184 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0847.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0848.html | Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0863.html | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/496033/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/497962/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/30832 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1020750 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-639-1 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA08-260A.html | US Government Resource | |
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2008-0017.html | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2438 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2584 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2776 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2971 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/3107 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/3232 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/2143 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=458674 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=234080 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31610 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31623 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31668 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31670 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31698 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31838 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31882 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32706 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security-tracker.debian.net/tracker/CVE-2008-2327 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security-tracker.debian.net/tracker/DSA-1632-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security-tracker.debian.net/tracker/DTSA-160-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200809-07.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3276 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3298 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1632 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:184 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0847.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0848.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0863.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/496033/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/497962/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30832 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1020750 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-639-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA08-260A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2008-0017.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2438 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2584 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2776 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2971 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/3107 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/3232 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/2143 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=458674 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libtiff | libtiff | * | |
| libtiff | libtiff | 3.4 | |
| libtiff | libtiff | 3.5.1 | |
| libtiff | libtiff | 3.5.2 | |
| libtiff | libtiff | 3.5.3 | |
| libtiff | libtiff | 3.5.4 | |
| libtiff | libtiff | 3.5.5 | |
| libtiff | libtiff | 3.5.6 | |
| libtiff | libtiff | 3.5.7 | |
| libtiff | libtiff | 3.6.0 | |
| libtiff | libtiff | 3.6.1 | |
| libtiff | libtiff | 3.7.0 | |
| libtiff | libtiff | 3.7.1 | |
| libtiff | libtiff | 3.8.0 | |
| libtiff | libtiff | 3.8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36B8B853-0FF0-4E2F-983D-683A0951CEF3",
"versionEndIncluding": "3.8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "11C50750-FE1D-42BA-9125-7D8E872AA2DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEBA7B-81D5-4148-912B-9AD448BBE741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "448555FE-8E91-4EA7-BA05-6915F5508319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44BC5E2C-B6A6-4999-A1EA-B91DA5C350C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2850FD9-8BE8-410E-8A24-28549DAACEB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en las funciones (1) LZWDecode, (2) LZWDecodeCompat y (3) LZWDecodeVector en el archivo tif_lzw.c en el decodificador LZW en LibTIFF versi\u00f3n 3.8.2 y anteriores, permite a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de un archivo TIFF dise\u00f1ado, relacionado con el manejo inapropiado del c\u00f3digo CODE_CLEAR."
}
],
"id": "CVE-2008-2327",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-08-27T20:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31610"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31623"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31668"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31670"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31698"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31838"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31882"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31982"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32706"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32756"
},
{
"source": "cve@mitre.org",
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"source": "cve@mitre.org",
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"source": "cve@mitre.org",
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3276"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3298"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3318"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30832"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020750"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2143"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-948h-p4jx-fxj7
Vulnerability from github
Published
2022-05-01 23:49
Modified
2022-05-01 23:49
VLAI Severity ?
Details
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
{
"affected": [],
"aliases": [
"CVE-2008-2327"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-08-27T20:41:00Z",
"severity": "MODERATE"
},
"details": "Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.",
"id": "GHSA-948h-p4jx-fxj7",
"modified": "2022-05-01T23:49:03Z",
"published": "2022-05-01T23:49:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2327"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458674"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11489"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5514"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00102.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00121.html"
},
{
"type": "WEB",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=234080"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31610"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31623"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31668"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31670"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31698"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31838"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31882"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31982"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32706"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32756"
},
{
"type": "WEB",
"url": "http://security-tracker.debian.net/tracker/CVE-2008-2327"
},
{
"type": "WEB",
"url": "http://security-tracker.debian.net/tracker/DSA-1632-1"
},
{
"type": "WEB",
"url": "http://security-tracker.debian.net/tracker/DTSA-160-1"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200809-07.xml"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265030-1"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3276"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3298"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3318"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2008/dsa-1632"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:184"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0847.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0848.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0863.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/496033/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/30832"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1020750"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-639-1"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
},
{
"type": "WEB",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2438"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2776"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/3107"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/3232"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/2143"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…