An Invalid Address dereference was discovered in
TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF
4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote
attackers could leverage this vulnerability to cause a denial-of-service via a
crafted tiff file. This is different from CVE-2018-12900.
Created libtiff tracking bugs for this issue:
Affects: fedora-all [bug 1677529]