New Debian tiff 4.5.0-6+deb12u3 fixes:

This update addresses the following issue:

* A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user. (CVE-2025-9900)
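The advisory text describes the trigger as an abnormally large image height carried in the TIFF metadata. The following is an added example, not libtiff code and not the Debian patch: a small stand-alone parser of the TIFF header and first IFD that reads ImageWidth (tag 256) and ImageLength (tag 257) and rejects files whose declared geometry is implausible before they are handed to an image library. The dimension and pixel-count limits are policy assumptions chosen for the example, and the two sample files are constructed inline.

```python
import struct

# TIFF tag and field-type constants (from the TIFF 6.0 specification).
TAG_IMAGE_WIDTH = 256
TAG_IMAGE_LENGTH = 257
TYPE_SHORT = 3
TYPE_LONG = 4

# Policy bounds for the pre-screen. These are assumptions for this example,
# not values from libtiff or the advisory; tune them to what your pipeline
# actually needs to accept.
MAX_DIMENSION = 65535
MAX_PIXELS = 1 << 28  # ~268 million pixels


def read_tiff_dimensions(data: bytes):
    """Parse the classic TIFF header and first IFD; return (ImageWidth, ImageLength).

    Raises ValueError on anything malformed or truncated. Only SHORT/LONG
    fields with count 1 are considered, which is how these two tags are
    normally stored.
    """
    if len(data) < 8:
        raise ValueError("too short for a TIFF header")
    order = data[:2]
    if order == b"II":
        e = "<"  # little-endian
    elif order == b"MM":
        e = ">"  # big-endian
    else:
        raise ValueError("bad byte-order mark")
    magic, ifd_off = struct.unpack(e + "HI", data[2:8])
    if magic != 42:
        raise ValueError("bad TIFF magic")
    if ifd_off + 2 > len(data):
        raise ValueError("first IFD offset out of range")
    (n_entries,) = struct.unpack(e + "H", data[ifd_off:ifd_off + 2])

    width = length = None
    for i in range(n_entries):
        off = ifd_off + 2 + 12 * i
        if off + 12 > len(data):
            raise ValueError("truncated IFD")
        tag, typ, count = struct.unpack(e + "HHI", data[off:off + 8])
        if count != 1:
            continue
        # For count 1 the value is stored inline, left-justified in the 4-byte field.
        if typ == TYPE_SHORT:
            (val,) = struct.unpack(e + "H", data[off + 8:off + 10])
        elif typ == TYPE_LONG:
            (val,) = struct.unpack(e + "I", data[off + 8:off + 12])
        else:
            continue
        if tag == TAG_IMAGE_WIDTH:
            width = val
        elif tag == TAG_IMAGE_LENGTH:
            length = val

    if width is None or length is None:
        raise ValueError("missing ImageWidth or ImageLength")
    return width, length


def is_plausible(data: bytes, max_dim: int = MAX_DIMENSION, max_pixels: int = MAX_PIXELS):
    """Return (ok, reason). ok is False for unparsable or implausible geometry."""
    try:
        width, length = read_tiff_dimensions(data)
    except ValueError as exc:
        return False, f"unparsable: {exc}"
    if width == 0 or length == 0:
        return False, "zero dimension"
    if width > max_dim or length > max_dim:
        return False, f"dimension exceeds {max_dim}: {width}x{length}"
    if width * length > max_pixels:
        return False, f"pixel count exceeds {max_pixels}: {width}x{length}"
    return True, f"{width}x{length}"


def build_tiff(width: int, length: int, order: str = "II") -> bytes:
    """Construct a minimal header-only TIFF with the given declared geometry.

    Constructed test input for this example; it carries no strip data, just the
    header and an IFD holding ImageWidth and ImageLength as LONG fields.
    """
    e = "<" if order == "II" else ">"
    entries = [(TAG_IMAGE_WIDTH, TYPE_LONG, 1, width),
               (TAG_IMAGE_LENGTH, TYPE_LONG, 1, length)]
    ifd = struct.pack(e + "H", len(entries))
    for tag, typ, count, val in entries:
        ifd += struct.pack(e + "HHII", tag, typ, count, val)
    ifd += struct.pack(e + "I", 0)  # no next IFD
    header = order.encode() + struct.pack(e + "HI", 42, 8)
    return header + ifd


if __name__ == "__main__":
    for label, blob in (("benign 4x4", build_tiff(4, 4)),
                        ("oversized height", build_tiff(4, 0xFFFFFFFF)),
                        ("big-endian 16x16", build_tiff(16, 16, "MM"))):
        print(label, is_plausible(blob))
```

This check is only a pre-screen on declared metadata: it does not replace the library update, since a decoder can still be reached through other fields, and BigTIFF (magic 43) is deliberately rejected here as out of scope.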
--- mirror/ftp/pool/main/t/tiff/tiff_4.5.0-6+deb12u2.dsc +++ apt/ucs_5.2-0-errata5.2-3/source/tiff_4.5.0-6+deb12u3.dsc @@ -1,3 +1,7 @@ +4.5.0-6+deb12u3 [Sat, 27 Sep 2025 17:42:42 +0200] Moritz Mühlenhoff <jmm@debian.org>: + + * CVE-2025-9900 + 4.5.0-6+deb12u2 [Fri, 03 Jan 2025 14:39:11 +0100] Moritz Mühlenhoff <jmm@debian.org>: * CVE-2023-2908 <http://piuparts.knut.univention.de/5.2-3/#8249229257130109518>
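Review bot: the new changelog entry carries only the bare identifier `* CVE-2025-9900`, so a reader of the .dsc cannot tell what was changed or which upstream fix was backported; the one-line summary already quoted in this announcement (write-what-where via an abnormally large image height) and the upstream fix reference would fit on that line, in the same format the prior `* CVE-2023-2908` entry uses. The hunk itself is only the changelog fragment of the .dsc, so the actual libtiff source change for this CVE is not visible here and has to be verified against the patch in the source package rather than from this diff.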
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.2-3] 6ee2f4f0076 Bug #58711: tiff 4.5.0-6+deb12u3 doc/errata/staging/tiff.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.2x254>