Vulnerability-Lookup

CVE-2017-11613 (GCVE-0-2017-11613)

Vulnerability from cvelistv5 – Published: 2017-07-26 08:00 – Updated: 2024-08-05 18:12

Summary

In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

6 references

URL	Tags
http://www.securityfocus.com/bid/99977	vdb-entryx_refsource_BID
https://usn.ubuntu.com/3606-1/	vendor-advisoryx_refsource_UBUNTU
https://gist.github.com/dazhouzhou/1a3b7400547f23…	x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
https://www.debian.org/security/2018/dsa-4349	vendor-advisoryx_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST

Date Public

2017-07-26 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.627Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99977",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99977"
          },
          {
            "name": "USN-3606-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3606-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f"
          },
          {
            "name": "[debian-lts-announce] 20180531 [SECURITY] [DLA 1391-1] tiff security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html"
          },
          {
            "name": "DSA-4349",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4349"
          },
          {
            "name": "[debian-lts-announce] 20180702 [SECURITY] [DLA 1411-1] tiff security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-01T10:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99977",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99977"
        },
        {
          "name": "USN-3606-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3606-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f"
        },
        {
          "name": "[debian-lts-announce] 20180531 [SECURITY] [DLA 1391-1] tiff security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html"
        },
        {
          "name": "DSA-4349",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4349"
        },
        {
          "name": "[debian-lts-announce] 20180702 [SECURITY] [DLA 1411-1] tiff security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11613",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99977",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99977"
            },
            {
              "name": "USN-3606-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3606-1/"
            },
            {
              "name": "https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f",
              "refsource": "MISC",
              "url": "https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f"
            },
            {
              "name": "[debian-lts-announce] 20180531 [SECURITY] [DLA 1391-1] tiff security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html"
            },
            {
              "name": "DSA-4349",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4349"
            },
            {
              "name": "[debian-lts-announce] 20180702 [SECURITY] [DLA 1411-1] tiff security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11613",
    "datePublished": "2017-07-26T08:00:00.000Z",
    "dateReserved": "2017-07-25T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:12:40.627Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2017-11613",
      "date": "2026-05-28",
      "epss": "0.00548",
      "percentile": "0.68176"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-11613\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-07-26T08:29:00.197\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.\"},{\"lang\":\"es\",\"value\":\"En LibTIFF 4.0.8, existe una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en la funci\u00f3n TIFFOpen. Se podr\u00eda realizar un ataque de denegaci\u00f3n de servicio con una entrada especialmente manipulada. Durante el proceso TIFFOpen, no se verifica td_imagelength. El valor de td_imagelength se puede controlar directamente por un archivo de entrada. En la funci\u00f3n ChopUpSingleUncompressedStrip , se llama a la funci\u00f3n _TIFFCheckMalloc en base a td_imagelength. Si se establece un valor para td_imagelenght cercano a la cantidad de memoria del sistema, el sistema se colgar\u00e1 o se activar\u00e1 el killer OOM.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:4.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B3BFA08-D819-4896-8E7B-FEDF1711C407\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99977\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3606-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4349\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/99977\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3606-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4349\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

SUSE-SU-2018:3289-1

Vulnerability from csaf_suse - Published: 2018-10-22 13:30 - Updated: 2018-10-22 13:30

Summary

Security update for tiff

Severity

Moderate

Notes

Title of the patch: Security update for tiff

Description of the patch: This update for tiff fixes the following issues: - CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637) - CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627) - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358) - CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)

Patchnames: SUSE-SLE-DESKTOP-12-SP3-2018-2375,SUSE-SLE-SDK-12-SP3-2018-2375,SUSE-SLE-SERVER-12-SP3-2018-2375

CVE-2017-11613

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 26 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-9935

7.3 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected products

Recommended 26 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2018-16335

4.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Affected products

Recommended 26 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-17100

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 26 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-17101

4.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected products

Recommended 26 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-17795

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 26 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

31 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1106853	self
https://bugzilla.suse.com/1108627	self
https://bugzilla.suse.com/1108637	self
https://bugzilla.suse.com/1110358	self
https://www.suse.com/security/cve/CVE-2017-11613/	self
https://www.suse.com/security/cve/CVE-2017-9935/	self
https://www.suse.com/security/cve/CVE-2018-16335/	self
https://www.suse.com/security/cve/CVE-2018-17100/	self
https://www.suse.com/security/cve/CVE-2018-17101/	self
https://www.suse.com/security/cve/CVE-2018-17795/	self
https://www.suse.com/security/cve/CVE-2017-11613	external
https://bugzilla.suse.com/1082332	external
https://bugzilla.suse.com/1106853	external
https://www.suse.com/security/cve/CVE-2017-9935	external
https://bugzilla.suse.com/1046077	external
https://bugzilla.suse.com/1074318	external
https://bugzilla.suse.com/1108606	external
https://bugzilla.suse.com/1110358	external
https://www.suse.com/security/cve/CVE-2018-16335	external
https://bugzilla.suse.com/1106853	external
https://www.suse.com/security/cve/CVE-2018-17100	external
https://bugzilla.suse.com/1108637	external
https://www.suse.com/security/cve/CVE-2018-17101	external
https://bugzilla.suse.com/1108627	external
https://www.suse.com/security/cve/CVE-2018-17795	external
https://bugzilla.suse.com/1046077	external
https://bugzilla.suse.com/1110358	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tiff",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tiff fixes the following issues:\n\n- CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637)\n- CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627)\n- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)\n- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-DESKTOP-12-SP3-2018-2375,SUSE-SLE-SDK-12-SP3-2018-2375,SUSE-SLE-SERVER-12-SP3-2018-2375",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3289-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:3289-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183289-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:3289-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004759.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106853",
        "url": "https://bugzilla.suse.com/1106853"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108627",
        "url": "https://bugzilla.suse.com/1108627"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108637",
        "url": "https://bugzilla.suse.com/1108637"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110358",
        "url": "https://bugzilla.suse.com/1110358"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11613 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11613/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9935 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9935/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16335 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16335/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17100 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17100/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17101 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17101/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17795 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17795/"
      }
    ],
    "title": "Security update for tiff",
    "tracking": {
      "current_release_date": "2018-10-22T13:30:31Z",
      "generator": {
        "date": "2018-10-22T13:30:31Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:3289-1",
      "initial_release_date": "2018-10-22T13:30:31Z",
      "revision_history": [
        {
          "date": "2018-10-22T13:30:31Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-4.0.9-44.24.1.aarch64",
                "product": {
                  "name": "libtiff-devel-4.0.9-44.24.1.aarch64",
                  "product_id": "libtiff-devel-4.0.9-44.24.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff5-4.0.9-44.24.1.aarch64",
                "product": {
                  "name": "libtiff5-4.0.9-44.24.1.aarch64",
                  "product_id": "libtiff5-4.0.9-44.24.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-4.0.9-44.24.1.aarch64",
                "product": {
                  "name": "tiff-4.0.9-44.24.1.aarch64",
                  "product_id": "tiff-4.0.9-44.24.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-4.0.9-44.24.1.ppc64le",
                "product": {
                  "name": "libtiff-devel-4.0.9-44.24.1.ppc64le",
                  "product_id": "libtiff-devel-4.0.9-44.24.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff5-4.0.9-44.24.1.ppc64le",
                "product": {
                  "name": "libtiff5-4.0.9-44.24.1.ppc64le",
                  "product_id": "libtiff5-4.0.9-44.24.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-4.0.9-44.24.1.ppc64le",
                "product": {
                  "name": "tiff-4.0.9-44.24.1.ppc64le",
                  "product_id": "tiff-4.0.9-44.24.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-4.0.9-44.24.1.s390x",
                "product": {
                  "name": "libtiff-devel-4.0.9-44.24.1.s390x",
                  "product_id": "libtiff-devel-4.0.9-44.24.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff5-4.0.9-44.24.1.s390x",
                "product": {
                  "name": "libtiff5-4.0.9-44.24.1.s390x",
                  "product_id": "libtiff5-4.0.9-44.24.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff5-32bit-4.0.9-44.24.1.s390x",
                "product": {
                  "name": "libtiff5-32bit-4.0.9-44.24.1.s390x",
                  "product_id": "libtiff5-32bit-4.0.9-44.24.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-4.0.9-44.24.1.s390x",
                "product": {
                  "name": "tiff-4.0.9-44.24.1.s390x",
                  "product_id": "tiff-4.0.9-44.24.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff5-4.0.9-44.24.1.x86_64",
                "product": {
                  "name": "libtiff5-4.0.9-44.24.1.x86_64",
                  "product_id": "libtiff5-4.0.9-44.24.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff5-32bit-4.0.9-44.24.1.x86_64",
                "product": {
                  "name": "libtiff5-32bit-4.0.9-44.24.1.x86_64",
                  "product_id": "libtiff5-32bit-4.0.9-44.24.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff-devel-4.0.9-44.24.1.x86_64",
                "product": {
                  "name": "libtiff-devel-4.0.9-44.24.1.x86_64",
                  "product_id": "libtiff-devel-4.0.9-44.24.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-4.0.9-44.24.1.x86_64",
                "product": {
                  "name": "tiff-4.0.9-44.24.1.x86_64",
                  "product_id": "tiff-4.0.9-44.24.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Desktop 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_id": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sled:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-32bit-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "libtiff5-32bit-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-4.0.9-44.24.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64"
        },
        "product_reference": "libtiff-devel-4.0.9-44.24.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-4.0.9-44.24.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le"
        },
        "product_reference": "libtiff-devel-4.0.9-44.24.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-4.0.9-44.24.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x"
        },
        "product_reference": "libtiff-devel-4.0.9-44.24.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "libtiff-devel-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-32bit-4.0.9-44.24.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x"
        },
        "product_reference": "libtiff5-32bit-4.0.9-44.24.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-32bit-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "libtiff5-32bit-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64"
        },
        "product_reference": "tiff-4.0.9-44.24.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le"
        },
        "product_reference": "tiff-4.0.9-44.24.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x"
        },
        "product_reference": "tiff-4.0.9-44.24.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "tiff-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "libtiff5-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-32bit-4.0.9-44.24.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x"
        },
        "product_reference": "libtiff5-32bit-4.0.9-44.24.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff5-32bit-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "libtiff5-32bit-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64"
        },
        "product_reference": "tiff-4.0.9-44.24.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le"
        },
        "product_reference": "tiff-4.0.9-44.24.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x"
        },
        "product_reference": "tiff-4.0.9-44.24.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-4.0.9-44.24.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64"
        },
        "product_reference": "tiff-4.0.9-44.24.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-11613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11613",
          "url": "https://www.suse.com/security/cve/CVE-2017-11613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1082332 for CVE-2017-11613",
          "url": "https://bugzilla.suse.com/1082332"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1106853 for CVE-2017-11613",
          "url": "https://bugzilla.suse.com/1106853"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-22T13:30:31Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-11613"
    },
    {
      "cve": "CVE-2017-9935",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9935"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9935",
          "url": "https://www.suse.com/security/cve/CVE-2017-9935"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046077 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1046077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1074318 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1074318"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1108606 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1108606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110358 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1110358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-22T13:30:31Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9935"
    },
    {
      "cve": "CVE-2018-16335",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16335"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16335",
          "url": "https://www.suse.com/security/cve/CVE-2018-16335"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1106853 for CVE-2018-16335",
          "url": "https://bugzilla.suse.com/1106853"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-22T13:30:31Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-16335"
    },
    {
      "cve": "CVE-2018-17100",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17100"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17100",
          "url": "https://www.suse.com/security/cve/CVE-2018-17100"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1108637 for CVE-2018-17100",
          "url": "https://bugzilla.suse.com/1108637"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-22T13:30:31Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-17100"
    },
    {
      "cve": "CVE-2018-17101",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17101"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17101",
          "url": "https://www.suse.com/security/cve/CVE-2018-17101"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1108627 for CVE-2018-17101",
          "url": "https://bugzilla.suse.com/1108627"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-22T13:30:31Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-17101"
    },
    {
      "cve": "CVE-2018-17795",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17795"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17795",
          "url": "https://www.suse.com/security/cve/CVE-2018-17795"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046077 for CVE-2018-17795",
          "url": "https://bugzilla.suse.com/1046077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110358 for CVE-2018-17795",
          "url": "https://bugzilla.suse.com/1110358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-32bit-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libtiff5-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tiff-4.0.9-44.24.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:libtiff-devel-4.0.9-44.24.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-22T13:30:31Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-17795"
    }
  ]
}

SUSE-SU-2018:3391-1

Vulnerability from csaf_suse - Published: 2018-10-24 13:03 - Updated: 2018-10-24 13:03

Summary

Security update for tiff

Severity

Moderate

Notes

Title of the patch: Security update for tiff

Patchnames: sdksp4-tiff-13834,slessp4-tiff-13834

CVE-2017-11613

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-9935

7.3 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2018-16335

4.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-17100

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-17101

4.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-17795

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

31 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1106853	self
https://bugzilla.suse.com/1108627	self
https://bugzilla.suse.com/1108637	self
https://bugzilla.suse.com/1110358	self
https://www.suse.com/security/cve/CVE-2017-11613/	self
https://www.suse.com/security/cve/CVE-2017-9935/	self
https://www.suse.com/security/cve/CVE-2018-16335/	self
https://www.suse.com/security/cve/CVE-2018-17100/	self
https://www.suse.com/security/cve/CVE-2018-17101/	self
https://www.suse.com/security/cve/CVE-2018-17795/	self
https://www.suse.com/security/cve/CVE-2017-11613	external
https://bugzilla.suse.com/1082332	external
https://bugzilla.suse.com/1106853	external
https://www.suse.com/security/cve/CVE-2017-9935	external
https://bugzilla.suse.com/1046077	external
https://bugzilla.suse.com/1074318	external
https://bugzilla.suse.com/1108606	external
https://bugzilla.suse.com/1110358	external
https://www.suse.com/security/cve/CVE-2018-16335	external
https://bugzilla.suse.com/1106853	external
https://www.suse.com/security/cve/CVE-2018-17100	external
https://bugzilla.suse.com/1108637	external
https://www.suse.com/security/cve/CVE-2018-17101	external
https://bugzilla.suse.com/1108627	external
https://www.suse.com/security/cve/CVE-2018-17795	external
https://bugzilla.suse.com/1046077	external
https://bugzilla.suse.com/1110358	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tiff",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tiff fixes the following issues:\n\n- CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637)\n- CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627)\n- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)\n- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "sdksp4-tiff-13834,slessp4-tiff-13834",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3391-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:3391-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183391-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:3391-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004784.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106853",
        "url": "https://bugzilla.suse.com/1106853"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108627",
        "url": "https://bugzilla.suse.com/1108627"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108637",
        "url": "https://bugzilla.suse.com/1108637"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110358",
        "url": "https://bugzilla.suse.com/1110358"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11613 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11613/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9935 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9935/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16335 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16335/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17100 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17100/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17101 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17101/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-17795 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-17795/"
      }
    ],
    "title": "Security update for tiff",
    "tracking": {
      "current_release_date": "2018-10-24T13:03:36Z",
      "generator": {
        "date": "2018-10-24T13:03:36Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:3391-1",
      "initial_release_date": "2018-10-24T13:03:36Z",
      "revision_history": [
        {
          "date": "2018-10-24T13:03:36Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-3.8.2-141.169.19.1.i586",
                "product": {
                  "name": "libtiff-devel-3.8.2-141.169.19.1.i586",
                  "product_id": "libtiff-devel-3.8.2-141.169.19.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-3.8.2-141.169.19.1.i586",
                "product": {
                  "name": "libtiff3-3.8.2-141.169.19.1.i586",
                  "product_id": "libtiff3-3.8.2-141.169.19.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-3.8.2-141.169.19.1.i586",
                "product": {
                  "name": "tiff-3.8.2-141.169.19.1.i586",
                  "product_id": "tiff-3.8.2-141.169.19.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-3.8.2-141.169.19.1.ia64",
                "product": {
                  "name": "libtiff-devel-3.8.2-141.169.19.1.ia64",
                  "product_id": "libtiff-devel-3.8.2-141.169.19.1.ia64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-3.8.2-141.169.19.1.ia64",
                "product": {
                  "name": "libtiff3-3.8.2-141.169.19.1.ia64",
                  "product_id": "libtiff3-3.8.2-141.169.19.1.ia64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-x86-3.8.2-141.169.19.1.ia64",
                "product": {
                  "name": "libtiff3-x86-3.8.2-141.169.19.1.ia64",
                  "product_id": "libtiff3-x86-3.8.2-141.169.19.1.ia64"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-3.8.2-141.169.19.1.ia64",
                "product": {
                  "name": "tiff-3.8.2-141.169.19.1.ia64",
                  "product_id": "tiff-3.8.2-141.169.19.1.ia64"
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-3.8.2-141.169.19.1.ppc64",
                "product": {
                  "name": "libtiff-devel-3.8.2-141.169.19.1.ppc64",
                  "product_id": "libtiff-devel-3.8.2-141.169.19.1.ppc64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
                "product": {
                  "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
                  "product_id": "libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-3.8.2-141.169.19.1.ppc64",
                "product": {
                  "name": "libtiff3-3.8.2-141.169.19.1.ppc64",
                  "product_id": "libtiff3-3.8.2-141.169.19.1.ppc64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
                "product": {
                  "name": "libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
                  "product_id": "libtiff3-32bit-3.8.2-141.169.19.1.ppc64"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-3.8.2-141.169.19.1.ppc64",
                "product": {
                  "name": "tiff-3.8.2-141.169.19.1.ppc64",
                  "product_id": "tiff-3.8.2-141.169.19.1.ppc64"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-3.8.2-141.169.19.1.s390x",
                "product": {
                  "name": "libtiff-devel-3.8.2-141.169.19.1.s390x",
                  "product_id": "libtiff-devel-3.8.2-141.169.19.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
                "product": {
                  "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
                  "product_id": "libtiff-devel-32bit-3.8.2-141.169.19.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-3.8.2-141.169.19.1.s390x",
                "product": {
                  "name": "libtiff3-3.8.2-141.169.19.1.s390x",
                  "product_id": "libtiff3-3.8.2-141.169.19.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-32bit-3.8.2-141.169.19.1.s390x",
                "product": {
                  "name": "libtiff3-32bit-3.8.2-141.169.19.1.s390x",
                  "product_id": "libtiff3-32bit-3.8.2-141.169.19.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-3.8.2-141.169.19.1.s390x",
                "product": {
                  "name": "tiff-3.8.2-141.169.19.1.s390x",
                  "product_id": "tiff-3.8.2-141.169.19.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libtiff-devel-3.8.2-141.169.19.1.x86_64",
                "product": {
                  "name": "libtiff-devel-3.8.2-141.169.19.1.x86_64",
                  "product_id": "libtiff-devel-3.8.2-141.169.19.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64",
                "product": {
                  "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64",
                  "product_id": "libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-3.8.2-141.169.19.1.x86_64",
                "product": {
                  "name": "libtiff3-3.8.2-141.169.19.1.x86_64",
                  "product_id": "libtiff3-3.8.2-141.169.19.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
                "product": {
                  "name": "libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
                  "product_id": "libtiff3-32bit-3.8.2-141.169.19.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tiff-3.8.2-141.169.19.1.x86_64",
                "product": {
                  "name": "tiff-3.8.2-141.169.19.1.x86_64",
                  "product_id": "tiff-3.8.2-141.169.19.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:suse:sle-sdk:11:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP4",
                  "product_id": "SUSE Linux Enterprise Server 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles:11:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-3.8.2-141.169.19.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586"
        },
        "product_reference": "libtiff-devel-3.8.2-141.169.19.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-3.8.2-141.169.19.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64"
        },
        "product_reference": "libtiff-devel-3.8.2-141.169.19.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "libtiff-devel-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "libtiff-devel-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "libtiff-devel-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-32bit-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-32bit-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "libtiff3-32bit-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-32bit-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-x86-3.8.2-141.169.19.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64"
        },
        "product_reference": "libtiff3-x86-3.8.2-141.169.19.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "libtiff3-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-32bit-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-32bit-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "libtiff3-32bit-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-32bit-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libtiff3-x86-3.8.2-141.169.19.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64"
        },
        "product_reference": "libtiff3-x86-3.8.2-141.169.19.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tiff-3.8.2-141.169.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64"
        },
        "product_reference": "tiff-3.8.2-141.169.19.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-11613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11613",
          "url": "https://www.suse.com/security/cve/CVE-2017-11613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1082332 for CVE-2017-11613",
          "url": "https://bugzilla.suse.com/1082332"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1106853 for CVE-2017-11613",
          "url": "https://bugzilla.suse.com/1106853"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-24T13:03:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-11613"
    },
    {
      "cve": "CVE-2017-9935",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9935"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9935",
          "url": "https://www.suse.com/security/cve/CVE-2017-9935"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046077 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1046077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1074318 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1074318"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1108606 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1108606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110358 for CVE-2017-9935",
          "url": "https://bugzilla.suse.com/1110358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-24T13:03:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9935"
    },
    {
      "cve": "CVE-2018-16335",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16335"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16335",
          "url": "https://www.suse.com/security/cve/CVE-2018-16335"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1106853 for CVE-2018-16335",
          "url": "https://bugzilla.suse.com/1106853"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-24T13:03:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-16335"
    },
    {
      "cve": "CVE-2018-17100",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17100"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17100",
          "url": "https://www.suse.com/security/cve/CVE-2018-17100"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1108637 for CVE-2018-17100",
          "url": "https://bugzilla.suse.com/1108637"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-24T13:03:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-17100"
    },
    {
      "cve": "CVE-2018-17101",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17101"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17101",
          "url": "https://www.suse.com/security/cve/CVE-2018-17101"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1108627 for CVE-2018-17101",
          "url": "https://bugzilla.suse.com/1108627"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-24T13:03:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-17101"
    },
    {
      "cve": "CVE-2018-17795",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-17795"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-17795",
          "url": "https://www.suse.com/security/cve/CVE-2018-17795"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046077 for CVE-2018-17795",
          "url": "https://bugzilla.suse.com/1046077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1110358 for CVE-2018-17795",
          "url": "https://bugzilla.suse.com/1110358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.19.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.19.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-24T13:03:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-17795"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-11613 (GCVE-0-2017-11613)

SUSE-SU-2018:3289-1

SUSE-SU-2018:3391-1

Tags

Sightings

Nomenclature