{"id":"MGASA-2016-0388","summary":"Updated libtiff packages fix security vulnerability","details":"A read outside of array in tiffsplit (or other utilities using\nTIFFNumberOfStrips()) (CVE-2016-9273).\n\nA potential read outside buffer in _TIFFPrintField() (CVE-2016-9297).\n\nMultiple uint32 overflows in writeBufferToSeparateStrips(),\nwriteBufferToContigTiles() and writeBufferToSeparateTiles() that could\ncause heap buffer overflows (CVE-2016-9532).\n","modified":"2026-02-02T03:10:53.481963Z","published":"2016-11-17T23:40:52Z","related":["CVE-2016-9273","CVE-2016-9297","CVE-2016-9532"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0388.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19758"},{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2016/11/11/6"},{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2016/11/14/7"},{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2016/11/22/1"}],"affected":[{"package":{"name":"libtiff","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libtiff?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.0.6-1.6.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0388.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}