CVE-2018-5360 (retired)

Priority
Description
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated
by a heap-based buffer over-read in the ReadTIFFImage function in
coders/tiff.c in GraphicsMagick 1.3.27.
Notes
mdeslaurdupe of CVE-2014-8127 and CVE-2016-3658
this will not be fixed in precise/esm
Package
Source: tiff (LP Ubuntu Debian)
Upstream:released (4.0.7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored
Ubuntu 16.04 LTS (Xenial Xerus):released (4.0.6-1ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.0.7-1)
Ubuntu 19.04 (Disco Dingo):not-affected (4.0.7-1)
Patches:
Upstream:https://gitlab.com/libtiff/libtiff/commit/739dcd28a061738b317c1e9f91029d9cbc157159
More Information

Updated: 2019-10-09 08:04:10 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)