All Vulnerability Reports

USN-3212-1 LibTIFF vulnerabilities


Severity

Medium

References
Description

CVEs contained in this USN include: CVE-2015-7554, CVE-2015-8668, CVE-2016-10092, CVE-2016-10093, CVE-2016-10094, CVE-2016-3622, CVE-2016-3623, CVE-2016-3624, CVE-2016-3632, CVE-2016-3658, CVE-2016-3945, CVE-2016-3990, CVE-2016-3991, CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016-5317, CVE-2016-5320, CVE-2016-5321, CVE-2016-5322, CVE-2016-5323, CVE-2016-5652, CVE-2016-5875, CVE-2016-6223, CVE-2016-8331, CVE-2016-9273, CVE-2016-9297, CVE-2016-9448, CVE-2016-9453, CVE-2016-9532, CVE-2016-9533, CVE-2016-9534, CVE-2016-9535, CVE-2016-9536, CVE-2016-9537, CVE-2016-9538, CVE-2016-9539, CVE-2016-9540, CVE-2017-5225

Affected Pivotal Products and Versions

Severity is medium unless otherwise noted.

  • Vulnerable Cloud Foundry components individually listed here.
  • Pivotal products using CF components prior to the listed updated versions are vulnerable to this issue. See the Mitigation section below for more information.
Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry team recommends upgrading BOSH stemcells and/or other OSS components listed here if applicable.
  • Releases that have fixed this issue include:
    • PCF Elastic Runtime: 1.6.71, 1.7.56, 1.8.35, 1.9.13, 1.10.1