767852 – (CVE-2012-2113) VUL-0: CVE-2012-2113: libtiff: integer overflow leading to heap-based buffer overflow when parsing crafted tiff files

Bug 767852 (CVE-2012-2113) - VUL-0: CVE-2012-2113: libtiff: integer overflow leading to heap-based buffer overflow when parsing crafted tiff files

Summary: VUL-0: CVE-2012-2113: libtiff: integer overflow leading to heap-based buffer ...

Status:	RESOLVED FIXED

Alias:	CVE-2012-2113

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P2 - High Severity: Major
Target Milestone:	---
Deadline:	2012-06-29
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle10-sp3:48017 maint:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2012-06-20 08:45 UTC by Matthias Weckbecker
Modified:	2019-05-01 15:42 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
-- libtiff_CVE-2012-2113.patch (8.96 KB, patch) 2012-06-20 08:49 UTC, Matthias Weckbecker	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Weckbecker 2012-06-20 08:45:31 UTC

There has recently been an issue reported in libtiff which could cause an
integer overflow that leads to a heap-based buffer overflow via specially 
crafted tiff files.

Comment 1 Matthias Weckbecker 2012-06-20 08:49:34 UTC

Created attachment 495571 [details]
-- libtiff_CVE-2012-2113.patch

Comment 2 Bernhard Wiedemann 2012-06-20 10:00:28 UTC

This is an autogenerated message for OBS integration:
This bug (767852) was mentioned in
https://build.opensuse.org/request/show/125510 Factory / tiff

Comment 3 Matthias Weckbecker 2012-06-20 10:57:12 UTC

SLE11-SP-{1,2} + SLE10-SP-{3,4} affected.

Comment 4 Matthias Weckbecker 2012-06-20 11:16:06 UTC

Issue can be triggered via `tiff2pdf'.

Comment 5 Petr Gajdos 2012-06-20 13:11:12 UTC

openSUSE: mr#125536

Comment 6 Petr Gajdos 2012-06-22 09:08:06 UTC

9sp3:  sr#19843
10sp3: sr#19844
11:    sr#19845

Comment 7 Swamp Workflow Management 2012-06-22 12:01:58 UTC

The SWAMPID for this issue is 48014.
This issue was rated as important.
Please submit fixed packages until 2012-06-29.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 8 Swamp Workflow Management 2012-07-04 07:09:31 UTC

openSUSE-SU-2012:0829-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 767852,767854
CVE References: CVE-2012-2088,CVE-2012-2113
Sources used:
openSUSE 12.1 (src):    tiff-3.9.5-8.7.1
openSUSE 11.4 (src):    tiff-3.9.4-28.1

Comment 9 Bernhard Wiedemann 2012-07-10 10:00:15 UTC

This is an autogenerated message for OBS integration:
This bug (767852) was mentioned in
https://build.opensuse.org/request/show/127461 Evergreen:11.2 / tiff

Comment 10 Bernhard Wiedemann 2012-07-13 06:00:39 UTC

This is an autogenerated message for OBS integration:
This bug (767852) was mentioned in
https://build.opensuse.org/request/show/127792 Evergreen:11.2 / tiff

Comment 11 Matthias Weckbecker 2012-07-19 13:02:24 UTC

released

Comment 12 Swamp Workflow Management 2012-07-19 13:08:42 UTC

Update released for: libtiff, tiff
Products:
SUSE-CORE 9-SP3-TERADATA (x86_64)

Comment 13 Swamp Workflow Management 2012-07-19 13:09:05 UTC

Update released for: libtiff, libtiff-32bit, libtiff-devel, libtiff-devel-32bit, tiff, tiff-debuginfo
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)

Comment 14 Swamp Workflow Management 2012-07-19 15:12:01 UTC

Update released for: libtiff, libtiff-32bit, libtiff-64bit, libtiff-devel, libtiff-devel-32bit, libtiff-devel-64bit, libtiff-x86, tiff, tiff-debuginfo
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)

Comment 15 Swamp Workflow Management 2012-07-19 17:07:01 UTC

Update released for: libtiff-devel, libtiff-devel-32bit, libtiff3, libtiff3-32bit, libtiff3-x86, tiff, tiff-debuginfo, tiff-debugsource
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-DESKTOP 11-SP1-FOR-SP2 (i386, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SDK 11-SP1-FOR-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-FOR-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)

Comment 16 Swamp Workflow Management 2013-11-07 12:55:47 UTC

Update released for: libtiff, libtiff-32bit, libtiff-devel, libtiff-devel-32bit, tiff, tiff-debuginfo
Products:
SLE-SERVER 10-SP3-LTSS (i386, s390x, x86_64)