Univention Bugzilla – Bug 55736
tiff: Multiple issues (5.0)
Last modified: 2023-02-23 16:55:10 CET
New Debian tiff 4.1.0+git191117-2~deb10u7 fixes:

This update addresses the following issues:
* out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0795)
* out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0796)
* out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0797)
* out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c (CVE-2023-0798)
* use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0799)
* out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0800)
* out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0801)
* out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0802)
* out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0803)
* out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0804)
--- mirror/ftp/pool/main/t/tiff/tiff_4.1.0+git191117-2~deb10u6.dsc +++ apt/ucs_5.0-0-errata5.0-3/source/tiff_4.1.0+git191117-2~deb10u7.dsc @@ -1,3 +1,11 @@ +4.1.0+git191117-2~deb10u7 [Tue, 21 Feb 2023 20:40:34 +0100] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Several flaws were found in tiffcrop, a program distributed by tiff, + a library and tools providing support for the Tag Image File Format (TIFF). + A specially crafted tiff file can lead to an out-of-bounds write or read + resulting in a denial of service. + 4.1.0+git191117-2~deb10u6 [Sat, 28 Jan 2023 14:22:59 +0530] Utkarsh Gupta <utkarsh@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/5.0-3/#1329525224688055858>
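Review bot: the added 4.1.0+git191117-2~deb10u7 changelog entry names no CVE identifiers and mentions only an out-of-bounds write or read, while this bug lists CVE-2023-0795 through CVE-2023-0804 and includes a use-after-free in extractContigSamplesShifted32bits() (CVE-2023-0799). The changelog text comes from the Debian upload, so the erratum description in doc/errata/staging/tiff.yaml should carry the full CVE list, letting administrators match the update against their vulnerability scanner findings.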
OK: bug
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.0-3] 9ff1387391 Bug #55736: tiff 4.1.0+git191117-2~deb10u7
 doc/errata/staging/tiff.yaml | 36 ++++++++++++++++--------------------
 1 file changed, 16 insertions(+), 20 deletions(-)

[5.0-3] 731c12e1c3 Bug #55736: tiff 4.1.0+git191117-2~deb10u7
 doc/errata/staging/tiff.yaml | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x594>