1
Candidate: CVE-2017-9937
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
6
In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted
7
TIFF document can lead to an abort resulting in a remote denial of service
11
mdeslaur> reported in libtiff, but issue lies in jbigkit
12
mdeslaur> as of 2018-03-22, no fix available
14
mdeslaur> this is a DoS only and is caused by the fact that jbigkit
15
mdeslaur> handles failed memory allocations with abort(). (See
16
mdeslaur> checked_malloc()). Fixing this properly would likely require
17
mdeslaur> changing the library ABI.
19
http://bugzilla.maptools.org/show_bug.cgi?id=2707
20
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869708
26
upstream_jbigkit: needs-triage
27
precise/esm_jbigkit: DNE
28
trusty_jbigkit: deferred (2018-03-22)
29
vivid/ubuntu-core_jbigkit: DNE
30
xenial_jbigkit: deferred (2018-03-22)
31
yakkety_jbigkit: ignored (reached end-of-life)
32
zesty_jbigkit: ignored (reached end-of-life)
33
artful_jbigkit: deferred (2018-03-22)
34
bionic_jbigkit: deferred (2018-03-22)
35
devel_jbigkit: deferred (2018-03-22)