| Package | tiff3 |
|---|---|
| Version | 3.9.6-11+deb7u14 |
| Related CVEs | CVE-2018-5360 |
A vulnerability has been discovered in tiff3, an older implementation of the libtiff library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. Mishandling the reading of TIFF files has been demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick.
For Debian 7 Wheezy, these problems have been fixed in version 3.9.6-11+deb7u14.
We recommend that you upgrade your tiff3 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.