Errata overview
Errata ID 483
Date 2018-08-15
Source package tiff
Fixed in version 4.0.3-12.3+deb8u6
Description 
This update addresses the following issues:
* Memory leak via corrupt td_imagelength in TIFFOpen function
  (CVE-2017-11613)
* uncontrolled resource consumption in TIFFSetDirectory function in tif_dir.c
  (CVE-2018-5784)
* NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a
  denial of service (CVE-2018-7456)
* heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial
  of service (CVE-2018-8905)
* reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c
  (CVE-2018-10963)
* Reachable assertion abort in the function TIFFWriteDirectorySec()
  (CVE-2017-13726)
* NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes crash
  (CVE-2017-18013)
Additional notes
CVE ID CVE-2017-11613
CVE-2018-5784
CVE-2018-7456
CVE-2018-8905
CVE-2018-10963
CVE-2017-18013
CVE-2017-13726
UCS Bug number #47545