IBM Security Bulletin: Libtiff vulnerabilities affect IBM SmartClound Entry

“IBM SmartCloud Entry is vulnerable to vulnerabilities in libtiff. An attacker could exploit these vulnerabilities to write data, cause a denial of service, execute arbitrary codes, or cause crashes. CVE-2014-8127 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2014-9655 CVE-2015-1547 CVE-2015-7554 CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2016-3632 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2015-8668 CVE-2016-5320

CVE(s): CVE-2014-8127, CVE-2014-8129, CVE-2014-8130, CVE-2014-9330, CVE-2014-9655, CVE-2015-1547, CVE-2015-7554, CVE-2015-8665, CVE-2015-8668, CVE-2015-8683, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2015-8784, CVE-2016-3632, CVE-2016-3945, CVE-2016-3990, CVE-2016-3991, CVE-2016-5320

Affected product(s) and affected version(s):

IBM SmartCloud Entry 2.2.0 through 2.2.0.4 Appliance fix pack 6
IBM SmartCloud Entry 2.3.0 through 2.3.0.4 Appliance fix pack 6
IBM SmartCloud Entry 2.4.0 through 2.4.0.4 Appliance fix pack 6
IBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 21
IBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 21

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2coCsSE
X-Force Database: http://ift.tt/2ciMeIW
X-Force Database: http://ift.tt/2coBVjE
X-Force Database: http://ift.tt/2ciNImB
X-Force Database: http://ift.tt/2coBXI9
X-Force Database: http://ift.tt/2ciNI65
X-Force Database: http://ift.tt/2coCude
X-Force Database: http://ift.tt/1TXkkef
X-Force Database: http://ift.tt/2coBXIi
X-Force Database: http://ift.tt/2ciMEPR
X-Force Database: http://ift.tt/2coBTrF
X-Force Database: http://ift.tt/1saMdcn
X-Force Database: http://ift.tt/1TXjVbO
X-Force Database: http://ift.tt/1saLNma
X-Force Database: http://ift.tt/2coCFVZ
X-Force Database: http://ift.tt/2ciMyaK
X-Force Database: http://ift.tt/2coBAgy
X-Force Database: http://ift.tt/2ciNk7G
X-Force Database: http://ift.tt/2coD4aI
X-Force Database: http://ift.tt/2ciMwzE



from IBM Product Security Incident Response Team http://ift.tt/2coBp50