tiff 4.1.0+git191117-2ubuntu0.20.04.9 source package in Ubuntu
Changelog
tiff (4.1.0+git191117-2ubuntu0.20.04.9) focal-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-48281.patch: correct simple copy paste error in
tiffcrop.c.
- CVE-2022-48281
* SECURITY UPDATE: NULL pointer dereference
- d/p/0001-countInkNamesString-fix-UndefinedBehaviorSanitizer-a.patch: Fix
undefined behavior in tif_dir.c.
- CVE-2023-2908
* SECURITY UPDATE: NULL pointer dereference
- d/p/0002-TIFFClose-avoid-NULL-pointer-dereferencing.-fix-515.patch: avoid
NULL pointer dereferencing in tif_close.c.
- CVE-2023-3316
* SECURITY UPDATE: buffer overflow
- d/p/0003-Consider-error-return-of-writeSelections.patch: Consider error
return of writeSelections() in tiffcrop.c.
- CVE-2023-3618
* SECURITY UPDATE: heap-based buffer overflow
- d/p/0004-tiffcrop-correctly-update-buffersize-after-rotateIma.patch:
correctly update buffersize after rotateImage() and enlarge buffsize and
check integer overflow within rotateImage() in tiffcrop.c.
- CVE-2023-25433
* SECURITY UPDATE: Use after free
- d/p/0005-tiffcrop-Do-not-reuse-input-buffer-for-subsequent-im.patch: Do
not reuse input buffer for subsequent images in tiffcrop.c.
- CVE-2023-26965
* SECURITY UPDATE: buffer overflow
- d/p/0006-tif_luv-Check-and-correct-for-NaN-data-in-uv_encode.patch: Check
and correct for NaN data in uv_encode() in tif_luv.c.
- CVE-2023-26966
* SECURITY UPDATE: Integer overflow
- d/p/0007-tiffcp-fix-memory-corruption-overflow-on-hostile-ima.patch: fix
memory corruption (overflow) in tiffcp.c.
- CVE-2023-38288
* SECURITY UPDATE: Integer overflow
- d/p/0008-raw2tiff-fix-integer-overflow-and-bypass-of-the-chec.patch: fix
integer overflow and bypass of the check in raw2tiff.c.
- CVE-2023-38289
-- Fabian Toepfer <email address hidden> Mon, 07 Aug 2023 19:14:34 +0200
Upload details
- Uploaded by:
- Fabian Toepfer
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| tiff_4.1.0+git191117.orig.tar.xz | 1.5 MiB | 67e1d045e994adb7144b0cca228d70dd6d520aaf8c75c342064bc0fd601e6e42 |
| tiff_4.1.0+git191117-2ubuntu0.20.04.9.debian.tar.xz | 43.0 KiB | 3e5931a598bcdbe183b8ba6a3cd53a08cb360936d3862432888674dd2f09e86a |
| tiff_4.1.0+git191117-2ubuntu0.20.04.9.dsc | 2.4 KiB | d66eb8b4c3a63de49a35e3887031d0a9a39f75d6d589977e2896ee8c438239da |
Available diffs
Binary packages built by this source
- libtiff-dev: Tag Image File Format library (TIFF), development files
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the development files, static library, and header files.
- libtiff-doc: TIFF manipulation and conversion documentation
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
contains documentation.
- libtiff-opengl: TIFF manipulation and conversion tools
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
contains libtiff tools that depend upon opengl. It complements the
libtiff-tools package, which contains the libtiff tools that don't
depend upon opengl.
- libtiff-opengl-dbgsym: debug symbols for libtiff-opengl
- libtiff-tools: TIFF manipulation and conversion tools
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes tools for converting TIFF images to and from other formats
and tools for doing simple manipulations of TIFF images. See also
libtiff-opengl.
- libtiff-tools-dbgsym: debug symbols for libtiff-tools
- libtiff5: Tag Image File Format (TIFF) library
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the shared library.
- libtiff5-dbgsym: debug symbols for libtiff5
- libtiff5-dev: Tag Image File Format library (TIFF), development files (transitional package)
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the development files, static library, and header files.
.
This is a transitional package. It can safely be removed.
- libtiffxx5: Tag Image File Format (TIFF) library -- C++ interface
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the shared library for the experimental C++ interfaces.
- libtiffxx5-dbgsym: debug symbols for libtiffxx5
