| Package | tiff |
|---|---|
| Version | 4.0.2-6+deb7u22 |
| Related CVEs | CVE-2018-10963 |
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.
For Debian 7 Wheezy, these problems have been fixed in version 4.0.2-6+deb7u22.
We recommend that you upgrade your tiff packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.