Package : tiff3 Version : 3.9.6-11+deb7u8 CVE ID : CVE-2017-11335 Debian Bug : 868513 A heap based buffer overflow has been discovered in the tiff2pdf utility, part of the Tag Image File Format (TIFF) library. A PlanarConfig=Contig image can cause an out-of-bounds write (related to the ZIPDecode function). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack. For Debian 7 "Wheezy", these problems have been fixed in version 3.9.6-11+deb7u8. We recommend that you upgrade your tiff3 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: Digital signature