A vulnerability was found in libtiff. A maliciously crafted TIFF file could cause the application to crash or even enable RCE on vulnerable machine when using rgb2ycbcr command. References: http://seclists.org/oss-sec/2016/q2/551
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 1346699]
Created mingw-libtiff tracking bugs for this issue: Affects: fedora-all [bug 1346700] Affects: epel-7 [bug 1346701]
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:1547 https://rhn.redhat.com/errata/RHSA-2016-1547.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:1546 https://rhn.redhat.com/errata/RHSA-2016-1546.html