CVE-2017-16232

Priority
Description
** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities,
which allow attackers to cause a denial of service (memory consumption), as
demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties
were unable to reproduce the issue.
Notes
mdeslaurfix only solves memory leak, but not high memory usage
this CVE was disputed, marking as ignored
Package
Source: tiff (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):ignored
Ubuntu 14.04 ESM (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):ignored
Ubuntu 18.04 LTS (Bionic Beaver):ignored
Ubuntu 19.04 (Disco Dingo):ignored
Ubuntu 19.10 (Eoan Ermine):ignored
Patches:
Upstream:https://gitlab.com/libtiff/libtiff/commit/25f9ffa56548c1846c4a1f19308b7f561f7b1ab0
More Information

Updated: 2019-12-05 21:08:39 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)