A null pointer dereference vulnerability in TIFFFetchNormalTag() occurs when values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are 0-byte arrays. Fix for CVE-2016-9297 introduced this issue. Upstream bug: http://bugzilla.maptools.org/show_bug.cgi?id=2593 CVE assignment: http://seclists.org/oss-sec/2016/q4/464
Created libtiff tracking bugs for this issue: Affects: fedora-all [bug 1397781]
Created mingw-libtiff tracking bugs for this issue: Affects: fedora-all [bug 1397782] Affects: epel-7 [bug 1397783]