Source: tiff Version: 4.0.10-4 Severity: important Tags: security upstream Hi,
The following vulnerability was published for tiff. CVE-2019-14973[0]: | _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through | 4.0.10 mishandle Integer Overflow checks because they rely on compiler | behavior that is undefined by the applicable C standards. This can, | for example, lead to an application crash. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-14973 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14973 [1] https://gitlab.com/libtiff/libtiff/merge_requests/90 [2] https://gitlab.com/libtiff/libtiff/commit/1b5e3b6a23827c33acf19ad50ce5ce78f12b3773 Please adjust the affected versions in the BTS as needed. Regards, Salvatore