A vulnerability was found in libtiff tiffcrop tool. Processing a maliciously crafted TIFF file within the tiffcrop tool could cause a memory corruption, resulting in an application crash or, possibly, execution of arbitrary code. References: http://seclists.org/oss-sec/2016/q2/549 http://bugzilla.maptools.org/show_bug.cgi?id=2558
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 1346699]
Created mingw-libtiff tracking bugs for this issue: Affects: fedora-all [bug 1346700] Affects: epel-7 [bug 1346701]
Created attachment 1277611 [details] patch for RHEL7 This is http://bugzilla.maptools.org/show_bug.cgi?id=2558#c2 ported to RHEL7.