Synopsis

Moderate: libtiff security update

Type/Severity

Security Advisory: Moderate

Topic

An update for libtiff is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

• libtiff: buffer overflow in gif2tiff (CVE-2016-3186)
  
• libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution (CVE-2018-12900)
  
• libtiff: Out-of-bounds write in tif_jbig.c (CVE-2018-18557)
  
• libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service (CVE-2018-7456)
  
• libtiff: heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial of service (CVE-2018-8905)
  
• libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c (CVE-2018-10779)
  
• libtiff: reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c (CVE-2018-10963)
  
• libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c (CVE-2018-17100)
  
• libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c (CVE-2018-17101)
  
• libtiff: tiff2bw tool failed memory allocation leads to crash (CVE-2018-18661)
  

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running applications linked against libtiff must be restarted for this update to take effect.

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for IBM z Systems 7 s390x
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

• BZ - 1319503 - buffer overflow in gif2tiff
• BZ - 1319666 - CVE-2016-3186 libtiff: buffer overflow in gif2tiff
• BZ - 1556708 - CVE-2018-7456 libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service
• BZ - 1559704 - CVE-2018-8905 libtiff: heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial of service
• BZ - 1577311 - CVE-2018-10779 libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c
• BZ - 1579058 - CVE-2018-10963 libtiff: reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c
• BZ - 1595575 - CVE-2018-12900 libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution
• BZ - 1631069 - CVE-2018-17100 libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c
• BZ - 1631078 - CVE-2018-17101 libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c
• BZ - 1644229 - CVE-2018-18557 libtiff: Out-of-bounds write in tif_jbig.c
• BZ - 1644448 - CVE-2018-18661 libtiff: tiff2bw tool failed memory allocation leads to crash

CVEs

• CVE-2016-3186
• CVE-2018-7456
• CVE-2018-8905
• CVE-2018-10779
• CVE-2018-10963
• CVE-2018-12900
• CVE-2018-17100
• CVE-2018-17101
• CVE-2018-18557
• CVE-2018-18661

References

• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/7.7_release_notes/index

Red Hat Enterprise Linux Server 7

SRPM
libtiff-4.0.3-32.el7.src.rpm	SHA-256: 6d9afb86f8c08811e48bae76ed7b9d2a8208e0a11412f6d157b513bb79aab5aa
x86_64
libtiff-4.0.3-32.el7.i686.rpm	SHA-256: 2dc8edfdef514ac698102cd05259c2380fd18a67d7e4ab880bbbf3e341a95ffe
libtiff-4.0.3-32.el7.x86_64.rpm	SHA-256: b289b1adcda215624be5c191046962b91e6efb924bbd7606ef8f68defee0f495
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-devel-4.0.3-32.el7.i686.rpm	SHA-256: fa0411d8f59afcfb69814cfc499d0d4d105713f68199dbfaaf70097e24470904
libtiff-devel-4.0.3-32.el7.x86_64.rpm	SHA-256: b43b11555dff85cca2c7eed3d80dec2ec29641c6c6d9e4f448483700435d5ecd
libtiff-static-4.0.3-32.el7.i686.rpm	SHA-256: 99f7f8f3172293a7891dea768cd2719c028f98e62c64dc3b943495e7c6c72c01
libtiff-static-4.0.3-32.el7.x86_64.rpm	SHA-256: 490f7b944d43c5191faff2a4d8eb03c646e7462f5a85aad2f368ccc1d1b387ba
libtiff-tools-4.0.3-32.el7.x86_64.rpm	SHA-256: ed3c2455e1e53ea164a7c658af2c4019345f2c7ec1bd56f9b6ad3da65b540ecf

Red Hat Enterprise Linux Workstation 7

SRPM
libtiff-4.0.3-32.el7.src.rpm	SHA-256: 6d9afb86f8c08811e48bae76ed7b9d2a8208e0a11412f6d157b513bb79aab5aa
x86_64
libtiff-4.0.3-32.el7.i686.rpm	SHA-256: 2dc8edfdef514ac698102cd05259c2380fd18a67d7e4ab880bbbf3e341a95ffe
libtiff-4.0.3-32.el7.x86_64.rpm	SHA-256: b289b1adcda215624be5c191046962b91e6efb924bbd7606ef8f68defee0f495
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-devel-4.0.3-32.el7.i686.rpm	SHA-256: fa0411d8f59afcfb69814cfc499d0d4d105713f68199dbfaaf70097e24470904
libtiff-devel-4.0.3-32.el7.x86_64.rpm	SHA-256: b43b11555dff85cca2c7eed3d80dec2ec29641c6c6d9e4f448483700435d5ecd
libtiff-static-4.0.3-32.el7.i686.rpm	SHA-256: 99f7f8f3172293a7891dea768cd2719c028f98e62c64dc3b943495e7c6c72c01
libtiff-static-4.0.3-32.el7.x86_64.rpm	SHA-256: 490f7b944d43c5191faff2a4d8eb03c646e7462f5a85aad2f368ccc1d1b387ba
libtiff-tools-4.0.3-32.el7.x86_64.rpm	SHA-256: ed3c2455e1e53ea164a7c658af2c4019345f2c7ec1bd56f9b6ad3da65b540ecf

Red Hat Enterprise Linux Desktop 7

SRPM
libtiff-4.0.3-32.el7.src.rpm	SHA-256: 6d9afb86f8c08811e48bae76ed7b9d2a8208e0a11412f6d157b513bb79aab5aa
x86_64
libtiff-4.0.3-32.el7.i686.rpm	SHA-256: 2dc8edfdef514ac698102cd05259c2380fd18a67d7e4ab880bbbf3e341a95ffe
libtiff-4.0.3-32.el7.x86_64.rpm	SHA-256: b289b1adcda215624be5c191046962b91e6efb924bbd7606ef8f68defee0f495
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-devel-4.0.3-32.el7.i686.rpm	SHA-256: fa0411d8f59afcfb69814cfc499d0d4d105713f68199dbfaaf70097e24470904
libtiff-devel-4.0.3-32.el7.x86_64.rpm	SHA-256: b43b11555dff85cca2c7eed3d80dec2ec29641c6c6d9e4f448483700435d5ecd
libtiff-static-4.0.3-32.el7.i686.rpm	SHA-256: 99f7f8f3172293a7891dea768cd2719c028f98e62c64dc3b943495e7c6c72c01
libtiff-static-4.0.3-32.el7.x86_64.rpm	SHA-256: 490f7b944d43c5191faff2a4d8eb03c646e7462f5a85aad2f368ccc1d1b387ba
libtiff-tools-4.0.3-32.el7.x86_64.rpm	SHA-256: ed3c2455e1e53ea164a7c658af2c4019345f2c7ec1bd56f9b6ad3da65b540ecf

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
libtiff-4.0.3-32.el7.src.rpm	SHA-256: 6d9afb86f8c08811e48bae76ed7b9d2a8208e0a11412f6d157b513bb79aab5aa
s390x
libtiff-4.0.3-32.el7.s390.rpm	SHA-256: f508ec1c88f132f817d012582bf12ae840366177061354c327154cb83e12dd2b
libtiff-4.0.3-32.el7.s390x.rpm	SHA-256: b1737070016f4f3d64db90b50975de5373a059e4bc22cc2bfbb730b8e15ba440
libtiff-debuginfo-4.0.3-32.el7.s390.rpm	SHA-256: 134b1af18d4b9ff1899aa0236542002b2d667882eef1b55c76dfb9c7581dfd52
libtiff-debuginfo-4.0.3-32.el7.s390.rpm	SHA-256: 134b1af18d4b9ff1899aa0236542002b2d667882eef1b55c76dfb9c7581dfd52
libtiff-debuginfo-4.0.3-32.el7.s390x.rpm	SHA-256: 314b13d3d3a91bf189fe1933b5fb9cf4558187321caab95fdd6bbe37584a8856
libtiff-debuginfo-4.0.3-32.el7.s390x.rpm	SHA-256: 314b13d3d3a91bf189fe1933b5fb9cf4558187321caab95fdd6bbe37584a8856
libtiff-devel-4.0.3-32.el7.s390.rpm	SHA-256: 2eb996350804e5f466021a24020f3dd6bc557d46d7aff2bb63494548b0117cab
libtiff-devel-4.0.3-32.el7.s390x.rpm	SHA-256: 913d7c1438c44069f8bfc1451bb7a2baa2a404a8ddc7c254e45aa1605a43cc50
libtiff-static-4.0.3-32.el7.s390.rpm	SHA-256: fc24f01ea9c79b6281ab5f9c81f1c370ae2d1ea25a225702d4b7be6ee0168df2
libtiff-static-4.0.3-32.el7.s390x.rpm	SHA-256: 99389b1f60764366f414c09c8550379176111c588243d33ba52d7ab7efb7cb34
libtiff-tools-4.0.3-32.el7.s390x.rpm	SHA-256: aee12120dbbe9ff898bf36951210b7635a19edd3aa8792925282d62cef688d09

Red Hat Enterprise Linux for Power, big endian 7

SRPM
libtiff-4.0.3-32.el7.src.rpm	SHA-256: 6d9afb86f8c08811e48bae76ed7b9d2a8208e0a11412f6d157b513bb79aab5aa
ppc64
libtiff-4.0.3-32.el7.ppc.rpm	SHA-256: 4fa5a9a7eed94b1817f763e962277404e46ce3c45a901c41835e3c369b0d3baa
libtiff-4.0.3-32.el7.ppc64.rpm	SHA-256: 0c5e048bd5cb8f164914c89bd50b8c861a887a980099bb6cae38fefd356b8a95
libtiff-debuginfo-4.0.3-32.el7.ppc.rpm	SHA-256: bc51c52c26bb8810337a67488c6587d58e449a047b64f912048f81df818e7e5a
libtiff-debuginfo-4.0.3-32.el7.ppc.rpm	SHA-256: bc51c52c26bb8810337a67488c6587d58e449a047b64f912048f81df818e7e5a
libtiff-debuginfo-4.0.3-32.el7.ppc64.rpm	SHA-256: 0c1d95f7199accebd747c5ce552f95a21db1571fdd8e4a933cd28ca09424bf82
libtiff-debuginfo-4.0.3-32.el7.ppc64.rpm	SHA-256: 0c1d95f7199accebd747c5ce552f95a21db1571fdd8e4a933cd28ca09424bf82
libtiff-devel-4.0.3-32.el7.ppc.rpm	SHA-256: aa217daf82b24a30709bc0f4d91804cc886a4223de20c1b27d9cd18192284ef8
libtiff-devel-4.0.3-32.el7.ppc64.rpm	SHA-256: f88c3ffa85a2023e6ef6fc9d8b255e446e3012a17cbd79adb6b97fac9fa60ad6
libtiff-static-4.0.3-32.el7.ppc.rpm	SHA-256: 113b1f61462a65de788420d4b35356fb7aac5d4fbe1cb51d634b247489241924
libtiff-static-4.0.3-32.el7.ppc64.rpm	SHA-256: 57ee5b248feefa63a6b44a4aa9060f44df6d40cc4f17f1fae4ae911e417e3897
libtiff-tools-4.0.3-32.el7.ppc64.rpm	SHA-256: f33f01ae01f2bbaebf0698b9ef1b1a69feed9ecd24ac1ddf931e6292aa7bad49

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
libtiff-4.0.3-32.el7.src.rpm	SHA-256: 6d9afb86f8c08811e48bae76ed7b9d2a8208e0a11412f6d157b513bb79aab5aa
x86_64
libtiff-4.0.3-32.el7.i686.rpm	SHA-256: 2dc8edfdef514ac698102cd05259c2380fd18a67d7e4ab880bbbf3e341a95ffe
libtiff-4.0.3-32.el7.x86_64.rpm	SHA-256: b289b1adcda215624be5c191046962b91e6efb924bbd7606ef8f68defee0f495
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.i686.rpm	SHA-256: 106c519f1500cefd816d2eba335e19a924dc8bb40622ffbc7e7cc2a89b2d5ecc
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-debuginfo-4.0.3-32.el7.x86_64.rpm	SHA-256: 7dfe528f7dfa481ce426cca7fdd7a3d01436afe39149fea51a876638d0779179
libtiff-devel-4.0.3-32.el7.i686.rpm	SHA-256: fa0411d8f59afcfb69814cfc499d0d4d105713f68199dbfaaf70097e24470904
libtiff-devel-4.0.3-32.el7.x86_64.rpm	SHA-256: b43b11555dff85cca2c7eed3d80dec2ec29641c6c6d9e4f448483700435d5ecd
libtiff-static-4.0.3-32.el7.i686.rpm	SHA-256: 99f7f8f3172293a7891dea768cd2719c028f98e62c64dc3b943495e7c6c72c01
libtiff-static-4.0.3-32.el7.x86_64.rpm	SHA-256: 490f7b944d43c5191faff2a4d8eb03c646e7462f5a85aad2f368ccc1d1b387ba
libtiff-tools-4.0.3-32.el7.x86_64.rpm	SHA-256: ed3c2455e1e53ea164a7c658af2c4019345f2c7ec1bd56f9b6ad3da65b540ecf

Red Hat Enterprise Linux for Power, little endian 7

SRPM
libtiff-4.0.3-32.el7.src.rpm	SHA-256: 6d9afb86f8c08811e48bae76ed7b9d2a8208e0a11412f6d157b513bb79aab5aa
ppc64le
libtiff-4.0.3-32.el7.ppc64le.rpm	SHA-256: 9f7389f09ef46679391046bde3c436434822aeaa689ff04eecae4d4329d71e64
libtiff-debuginfo-4.0.3-32.el7.ppc64le.rpm	SHA-256: a7c24760dbdd5f26aff63c3505cbb203a4ec9a7440c6cc939604b0ebc981c1f7
libtiff-debuginfo-4.0.3-32.el7.ppc64le.rpm	SHA-256: a7c24760dbdd5f26aff63c3505cbb203a4ec9a7440c6cc939604b0ebc981c1f7
libtiff-devel-4.0.3-32.el7.ppc64le.rpm	SHA-256: a146cbaa82aad8ecc3969d2e60703db61a4d6e770cd5fb40224fe8165916a654
libtiff-static-4.0.3-32.el7.ppc64le.rpm	SHA-256: 1f34f26c2c8c39d2fb89369a462f3119b879280d1e906035d7d366c91bd60a5d
libtiff-tools-4.0.3-32.el7.ppc64le.rpm	SHA-256: 980a34402bec5406c3894980070c3088a75c0e209fe7d8dd79b2d91dd316efa2