libtiff.so is vulnerable to denial of service (DoS) through heap-based buffer overflow attacks. The vulnerability exists in the t2p_write_pdf
function in tools/tiff2pdf.c
where a malicious TIFF file can cause denial of service (DoS), and possibly other attacks.
bugzilla.maptools.org/show_bug.cgi?id=2704
www.securityfocus.com/bid/99296
bugzilla.suse.com/show_bug.cgi?id=1046077
github.com/vadz/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940
lists.debian.org/debian-lts-announce/2017/12/msg00008.html
usn.ubuntu.com/3606-1/
www.debian.org/security/2018/dsa-4100