FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0ab66088-4aa5-11e6-a7bd-14dae9d210b8tiff -- buffer overflow

Mathias Svensson reports:

potential buffer write overrun in PixarLogDecode() on corrupted/unexpected images


Discovery 2016-06-28
Entry 2016-07-15
Modified 2016-09-06
tiff
< 4.0.6_2

linux-c6-tiff
< 3.9.4_2

linux-f10-tiff
ge *

https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
CVE-2016-5314
CVE-2016-5320
CVE-2016-5875
2a96e498-3234-4950-a9ad-419bc84a839dtiff -- multiple vulnerabilities

NVD reports:

Please reference CVE/URL list for details


Discovery 2017-04-01
Entry 2017-04-20
tiff
linux-f8-tiff
linux-f10-tiff
linux-c6-tiff
linux-c7-tiff
< 4.0.8

CVE-2017-5225
CVE-2017-7592
CVE-2017-7593
CVE-2017-7594
CVE-2017-7595
CVE-2017-7596
CVE-2017-7597
CVE-2017-7598
CVE-2017-7599
CVE-2017-7600
CVE-2017-7601
CVE-2017-7602
https://github.com/vadz/libtiff/commit/5c080298d59e
https://github.com/vadz/libtiff/commit/48780b4fcc42
https://github.com/vadz/libtiff/commit/d60332057b95
https://github.com/vadz/libtiff/commit/2ea32f7372b6
https://github.com/vadz/libtiff/commit/8283e4d1b7e5
https://github.com/vadz/libtiff/commit/47f2fb61a3a6
https://github.com/vadz/libtiff/commit/3cfd62d77c2a
https://github.com/vadz/libtiff/commit/3144e57770c1
https://github.com/vadz/libtiff/commit/0a76a8c765c7
https://github.com/vadz/libtiff/commit/66e7bd595209
fb74eacc-ec8a-11e6-bc8a-0011d823eebdtiff -- multiple vulnerabilities

libtiff project reports:

Multiple flaws have been discovered in libtiff library and utilities.


Discovery 2016-11-19
Entry 2017-02-06
tiff
< 4.0.7

linux-c6-libtiff
linux-c6-tiff
< 3.9.4_5

linux-c7-libtiff
linux-c7-tiff
< 4.0.3_3

http://simplesystems.org/libtiff/v4.0.7.html
CVE-2016-9533
CVE-2016-9534
CVE-2016-9535
CVE-2015-8870
CVE-2016-5652
CVE-2016-9540
CVE-2016-9537
CVE-2016-9536
bd349f7a-b3b9-11e5-8255-5453ed2e2b49tiff -- out-of-bounds read in tif_getimage.c

LMX of Qihoo 360 Codesafe Team discovered an out-of-bounds read in tif_getimage.c. An attacker could create a specially-crafted TIFF file that could cause libtiff to crash.


Discovery 2015-12-24
Entry 2016-01-05
Modified 2016-09-06
tiff
< 4.0.6_1

linux-c6-tiff
< 3.9.4_2

linux-f10-tiff
ge *

CVE-2015-8665
http://www.openwall.com/lists/oss-security/2015/12/24/2
b38e8150-0535-11e8-96ab-0800271d4b9ctiff -- multiple vulnerabilities

Debian Security Advisory reports:

Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code.


Discovery 2017-06-22
Entry 2018-01-29
tiff
le 4.0.9

CVE-2017-9935
http://bugzilla.maptools.org/show_bug.cgi?id=2704
CVE-2017-18013
http://bugzilla.maptools.org/show_bug.cgi?id=2770
225544
b65e4914-b3bc-11e5-8255-5453ed2e2b49tiff -- out-of-bounds read in CIE Lab image format

zzf of Alibaba discovered an out-of-bounds vulnerability in the code processing the LogLUV and CIE Lab image format files. An attacker could create a specially-crafted TIFF file that could cause libtiff to crash.


Discovery 2015-12-25
Entry 2016-01-05
Modified 2016-09-06
tiff
< 4.0.6_1

linux-c6-tiff
< 3.9.4_2

linux-f10-tiff
ge *

CVE-2015-8683
http://www.openwall.com/lists/oss-security/2015/12/25/2