suse-su-2016:3301-1
Vulnerability from csaf_suse
Published
2016-12-29 19:48
Modified
2016-12-29 19:48
Summary
Security update for tiff
Notes
Title of the patch
Security update for tiff
Description of the patch
The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues.
- CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools [bnc#914890]
- CVE-2016-9297: tif_dirread.c read outside buffer in _TIFFPrintField() [bnc#1010161]
- CVE-2016-3658: Illegal read in TIFFWriteDirectoryTagLongLong8Array function in tiffset / tif_dirwrite.c [bnc#974840]
- CVE-2016-9273: heap overflow [bnc#1010163]
- CVE-2016-3622: divide By Zero in the tiff2rgba tool [bnc#974449]
- CVE-2016-5652: tiff2pdf JPEG Compression Tables Heap Buffer Overflow [bnc#1007280]
- CVE-2016-9453: out-of-bounds Write memcpy and less bound check in tiff2pdf [bnc#1011107]
- CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat [bnc#987351]
- CVE-2016-9448: regression introduced by fixing CVE-2016-9297 [bnc#1011103]
- CVE-2016-5321: out-of-bounds read in tiffcrop / DumpModeDecode() function [bnc#984813]
- CVE-2016-5323: Divide-by-zero in _TIFFFax3fillruns() function (null ptr dereference?) [bnc#984815]
Patchnames
SUSE-SLE-DESKTOP-12-SP1-2016-1937,SUSE-SLE-DESKTOP-12-SP2-2016-1937,SUSE-SLE-RPI-12-SP2-2016-1937,SUSE-SLE-SDK-12-SP1-2016-1937,SUSE-SLE-SDK-12-SP2-2016-1937,SUSE-SLE-SERVER-12-SP1-2016-1937,SUSE-SLE-SERVER-12-SP2-2016-1937
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tiff",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe tiff library and tools were updated to version 4.0.7 fixing various bug and security issues.\n\n- CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools [bnc#914890]\n- CVE-2016-9297: tif_dirread.c read outside buffer in _TIFFPrintField() [bnc#1010161]\n- CVE-2016-3658: Illegal read in TIFFWriteDirectoryTagLongLong8Array function in tiffset / tif_dirwrite.c [bnc#974840]\n- CVE-2016-9273: heap overflow [bnc#1010163]\n- CVE-2016-3622: divide By Zero in the tiff2rgba tool [bnc#974449]\n- CVE-2016-5652: tiff2pdf JPEG Compression Tables Heap Buffer Overflow [bnc#1007280]\n- CVE-2016-9453: out-of-bounds Write memcpy and less bound check in tiff2pdf [bnc#1011107]\n- CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat [bnc#987351]\n- CVE-2016-9448: regression introduced by fixing CVE-2016-9297 [bnc#1011103]\n- CVE-2016-5321: out-of-bounds read in tiffcrop / DumpModeDecode() function [bnc#984813]\n- CVE-2016-5323: Divide-by-zero in _TIFFFax3fillruns() function (null ptr dereference?) [bnc#984815]\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2016-1937,SUSE-SLE-DESKTOP-12-SP2-2016-1937,SUSE-SLE-RPI-12-SP2-2016-1937,SUSE-SLE-SDK-12-SP1-2016-1937,SUSE-SLE-SDK-12-SP2-2016-1937,SUSE-SLE-SERVER-12-SP1-2016-1937,SUSE-SLE-SERVER-12-SP2-2016-1937",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_3301-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:3301-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20163301-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:3301-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-December/002537.html"
},
{
"category": "self",
"summary": "SUSE Bug 1007280",
"url": "https://bugzilla.suse.com/1007280"
},
{
"category": "self",
"summary": "SUSE Bug 1010161",
"url": "https://bugzilla.suse.com/1010161"
},
{
"category": "self",
"summary": "SUSE Bug 1010163",
"url": "https://bugzilla.suse.com/1010163"
},
{
"category": "self",
"summary": "SUSE Bug 1011103",
"url": "https://bugzilla.suse.com/1011103"
},
{
"category": "self",
"summary": "SUSE Bug 1011107",
"url": "https://bugzilla.suse.com/1011107"
},
{
"category": "self",
"summary": "SUSE Bug 914890",
"url": "https://bugzilla.suse.com/914890"
},
{
"category": "self",
"summary": "SUSE Bug 974449",
"url": "https://bugzilla.suse.com/974449"
},
{
"category": "self",
"summary": "SUSE Bug 974840",
"url": "https://bugzilla.suse.com/974840"
},
{
"category": "self",
"summary": "SUSE Bug 984813",
"url": "https://bugzilla.suse.com/984813"
},
{
"category": "self",
"summary": "SUSE Bug 984815",
"url": "https://bugzilla.suse.com/984815"
},
{
"category": "self",
"summary": "SUSE Bug 987351",
"url": "https://bugzilla.suse.com/987351"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8127 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3622 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3658 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5321 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5323 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5652 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5875 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9273 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9297 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9448 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9453 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9453/"
}
],
"title": "Security update for tiff",
"tracking": {
"current_release_date": "2016-12-29T19:48:15Z",
"generator": {
"date": "2016-12-29T19:48:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:3301-1",
"initial_release_date": "2016-12-29T19:48:15Z",
"revision_history": [
{
"date": "2016-12-29T19:48:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libtiff5-4.0.7-35.1.aarch64",
"product": {
"name": "libtiff5-4.0.7-35.1.aarch64",
"product_id": "libtiff5-4.0.7-35.1.aarch64"
}
},
{
"category": "product_version",
"name": "tiff-4.0.7-35.1.aarch64",
"product": {
"name": "tiff-4.0.7-35.1.aarch64",
"product_id": "tiff-4.0.7-35.1.aarch64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-4.0.7-35.1.aarch64",
"product": {
"name": "libtiff-devel-4.0.7-35.1.aarch64",
"product_id": "libtiff-devel-4.0.7-35.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-4.0.7-35.1.ppc64le",
"product": {
"name": "libtiff-devel-4.0.7-35.1.ppc64le",
"product_id": "libtiff-devel-4.0.7-35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libtiff5-4.0.7-35.1.ppc64le",
"product": {
"name": "libtiff5-4.0.7-35.1.ppc64le",
"product_id": "libtiff5-4.0.7-35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tiff-4.0.7-35.1.ppc64le",
"product": {
"name": "tiff-4.0.7-35.1.ppc64le",
"product_id": "tiff-4.0.7-35.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-4.0.7-35.1.s390x",
"product": {
"name": "libtiff-devel-4.0.7-35.1.s390x",
"product_id": "libtiff-devel-4.0.7-35.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff5-4.0.7-35.1.s390x",
"product": {
"name": "libtiff5-4.0.7-35.1.s390x",
"product_id": "libtiff5-4.0.7-35.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff5-32bit-4.0.7-35.1.s390x",
"product": {
"name": "libtiff5-32bit-4.0.7-35.1.s390x",
"product_id": "libtiff5-32bit-4.0.7-35.1.s390x"
}
},
{
"category": "product_version",
"name": "tiff-4.0.7-35.1.s390x",
"product": {
"name": "tiff-4.0.7-35.1.s390x",
"product_id": "tiff-4.0.7-35.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff5-4.0.7-35.1.x86_64",
"product": {
"name": "libtiff5-4.0.7-35.1.x86_64",
"product_id": "libtiff5-4.0.7-35.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff5-32bit-4.0.7-35.1.x86_64",
"product": {
"name": "libtiff5-32bit-4.0.7-35.1.x86_64",
"product_id": "libtiff5-32bit-4.0.7-35.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-4.0.7-35.1.x86_64",
"product": {
"name": "libtiff-devel-4.0.7-35.1.x86_64",
"product_id": "libtiff-devel-4.0.7-35.1.x86_64"
}
},
{
"category": "product_version",
"name": "tiff-4.0.7-35.1.x86_64",
"product": {
"name": "tiff-4.0.7-35.1.x86_64",
"product_id": "tiff-4.0.7-35.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64"
},
"product_reference": "libtiff5-4.0.7-35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64"
},
"product_reference": "tiff-4.0.7-35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le"
},
"product_reference": "libtiff-devel-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x"
},
"product_reference": "libtiff-devel-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff-devel-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.0.7-35.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64"
},
"product_reference": "libtiff-devel-4.0.7-35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le"
},
"product_reference": "libtiff-devel-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x"
},
"product_reference": "libtiff-devel-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff-devel-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le"
},
"product_reference": "libtiff5-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le"
},
"product_reference": "tiff-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x"
},
"product_reference": "tiff-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64"
},
"product_reference": "tiff-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le"
},
"product_reference": "libtiff5-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le"
},
"product_reference": "tiff-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x"
},
"product_reference": "tiff-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64"
},
"product_reference": "tiff-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64"
},
"product_reference": "libtiff5-4.0.7-35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le"
},
"product_reference": "libtiff5-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64"
},
"product_reference": "tiff-4.0.7-35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le"
},
"product_reference": "tiff-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x"
},
"product_reference": "tiff-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64"
},
"product_reference": "tiff-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64"
},
"product_reference": "libtiff5-4.0.7-35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le"
},
"product_reference": "libtiff5-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff5-32bit-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64"
},
"product_reference": "libtiff5-32bit-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64"
},
"product_reference": "tiff-4.0.7-35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le"
},
"product_reference": "tiff-4.0.7-35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x"
},
"product_reference": "tiff-4.0.7-35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-4.0.7-35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64"
},
"product_reference": "tiff-4.0.7-35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-8127",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8127"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8127",
"url": "https://www.suse.com/security/cve/CVE-2014-8127"
},
{
"category": "external",
"summary": "SUSE Bug 1206220 for CVE-2014-8127",
"url": "https://bugzilla.suse.com/1206220"
},
{
"category": "external",
"summary": "SUSE Bug 914890 for CVE-2014-8127",
"url": "https://bugzilla.suse.com/914890"
},
{
"category": "external",
"summary": "SUSE Bug 916925 for CVE-2014-8127",
"url": "https://bugzilla.suse.com/916925"
},
{
"category": "external",
"summary": "SUSE Bug 942690 for CVE-2014-8127",
"url": "https://bugzilla.suse.com/942690"
},
{
"category": "external",
"summary": "SUSE Bug 969783 for CVE-2014-8127",
"url": "https://bugzilla.suse.com/969783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "critical"
}
],
"title": "CVE-2014-8127"
},
{
"cve": "CVE-2016-3622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3622"
}
],
"notes": [
{
"category": "general",
"text": "The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3622",
"url": "https://www.suse.com/security/cve/CVE-2016-3622"
},
{
"category": "external",
"summary": "SUSE Bug 974449 for CVE-2016-3622",
"url": "https://bugzilla.suse.com/974449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "low"
}
],
"title": "CVE-2016-3622"
},
{
"cve": "CVE-2016-3658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3658"
}
],
"notes": [
{
"category": "general",
"text": "The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3658",
"url": "https://www.suse.com/security/cve/CVE-2016-3658"
},
{
"category": "external",
"summary": "SUSE Bug 974840 for CVE-2016-3658",
"url": "https://bugzilla.suse.com/974840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "low"
}
],
"title": "CVE-2016-3658"
},
{
"cve": "CVE-2016-5321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5321"
}
],
"notes": [
{
"category": "general",
"text": "The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5321",
"url": "https://www.suse.com/security/cve/CVE-2016-5321"
},
{
"category": "external",
"summary": "SUSE Bug 984813 for CVE-2016-5321",
"url": "https://bugzilla.suse.com/984813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-5321"
},
{
"cve": "CVE-2016-5323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5323"
}
],
"notes": [
{
"category": "general",
"text": "The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5323",
"url": "https://www.suse.com/security/cve/CVE-2016-5323"
},
{
"category": "external",
"summary": "SUSE Bug 984815 for CVE-2016-5323",
"url": "https://bugzilla.suse.com/984815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-5323"
},
{
"cve": "CVE-2016-5652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5652"
}
],
"notes": [
{
"category": "general",
"text": "An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF\u0027s TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5652",
"url": "https://www.suse.com/security/cve/CVE-2016-5652"
},
{
"category": "external",
"summary": "SUSE Bug 1007280 for CVE-2016-5652",
"url": "https://bugzilla.suse.com/1007280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-5652"
},
{
"cve": "CVE-2016-5875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5875"
}
],
"notes": [
{
"category": "general",
"text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5875",
"url": "https://www.suse.com/security/cve/CVE-2016-5875"
},
{
"category": "external",
"summary": "SUSE Bug 1007284 for CVE-2016-5875",
"url": "https://bugzilla.suse.com/1007284"
},
{
"category": "external",
"summary": "SUSE Bug 984809 for CVE-2016-5875",
"url": "https://bugzilla.suse.com/984809"
},
{
"category": "external",
"summary": "SUSE Bug 984831 for CVE-2016-5875",
"url": "https://bugzilla.suse.com/984831"
},
{
"category": "external",
"summary": "SUSE Bug 987351 for CVE-2016-5875",
"url": "https://bugzilla.suse.com/987351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-5875"
},
{
"cve": "CVE-2016-9273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9273"
}
],
"notes": [
{
"category": "general",
"text": "tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9273",
"url": "https://www.suse.com/security/cve/CVE-2016-9273"
},
{
"category": "external",
"summary": "SUSE Bug 1010163 for CVE-2016-9273",
"url": "https://bugzilla.suse.com/1010163"
},
{
"category": "external",
"summary": "SUSE Bug 1017693 for CVE-2016-9273",
"url": "https://bugzilla.suse.com/1017693"
},
{
"category": "external",
"summary": "SUSE Bug 1150480 for CVE-2016-9273",
"url": "https://bugzilla.suse.com/1150480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-9273"
},
{
"cve": "CVE-2016-9297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9297"
}
],
"notes": [
{
"category": "general",
"text": "The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9297",
"url": "https://www.suse.com/security/cve/CVE-2016-9297"
},
{
"category": "external",
"summary": "SUSE Bug 1010161 for CVE-2016-9297",
"url": "https://bugzilla.suse.com/1010161"
},
{
"category": "external",
"summary": "SUSE Bug 1011103 for CVE-2016-9297",
"url": "https://bugzilla.suse.com/1011103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-9297"
},
{
"cve": "CVE-2016-9448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9448"
}
],
"notes": [
{
"category": "general",
"text": "The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9448",
"url": "https://www.suse.com/security/cve/CVE-2016-9448"
},
{
"category": "external",
"summary": "SUSE Bug 1010161 for CVE-2016-9448",
"url": "https://bugzilla.suse.com/1010161"
},
{
"category": "external",
"summary": "SUSE Bug 1011103 for CVE-2016-9448",
"url": "https://bugzilla.suse.com/1011103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "moderate"
}
],
"title": "CVE-2016-9448"
},
{
"cve": "CVE-2016-9453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9453"
}
],
"notes": [
{
"category": "general",
"text": "The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9453",
"url": "https://www.suse.com/security/cve/CVE-2016-9453"
},
{
"category": "external",
"summary": "SUSE Bug 1007280 for CVE-2016-9453",
"url": "https://bugzilla.suse.com/1007280"
},
{
"category": "external",
"summary": "SUSE Bug 1011107 for CVE-2016-9453",
"url": "https://bugzilla.suse.com/1011107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-32bit-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libtiff5-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tiff-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel-4.0.7-35.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:libtiff-devel-4.0.7-35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-12-29T19:48:15Z",
"details": "important"
}
],
"title": "CVE-2016-9453"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…