Format: 1.8 Date: Mon, 07 Aug 2023 19:14:34 +0200 Source: tiff Binary: libtiff-dev libtiff-opengl libtiff-tools libtiff5 libtiff5-dev libtiffxx5 Architecture: riscv64 Version: 4.1.0+git191117-2ubuntu0.20.04.9 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Fabian Toepfer Description: libtiff-dev - Tag Image File Format library (TIFF), development files libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-dev - Tag Image File Format library (TIFF), development files (transiti libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Changes: tiff (4.1.0+git191117-2ubuntu0.20.04.9) focal-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2022-48281.patch: correct simple copy paste error in tiffcrop.c. - CVE-2022-48281 * SECURITY UPDATE: NULL pointer dereference - d/p/0001-countInkNamesString-fix-UndefinedBehaviorSanitizer-a.patch: Fix undefined behavior in tif_dir.c. - CVE-2023-2908 * SECURITY UPDATE: NULL pointer dereference - d/p/0002-TIFFClose-avoid-NULL-pointer-dereferencing.-fix-515.patch: avoid NULL pointer dereferencing in tif_close.c. - CVE-2023-3316 * SECURITY UPDATE: buffer overflow - d/p/0003-Consider-error-return-of-writeSelections.patch: Consider error return of writeSelections() in tiffcrop.c. - CVE-2023-3618 * SECURITY UPDATE: heap-based buffer overflow - d/p/0004-tiffcrop-correctly-update-buffersize-after-rotateIma.patch: correctly update buffersize after rotateImage() and enlarge buffsize and check integer overflow within rotateImage() in tiffcrop.c. - CVE-2023-25433 * SECURITY UPDATE: Use after free - d/p/0005-tiffcrop-Do-not-reuse-input-buffer-for-subsequent-im.patch: Do not reuse input buffer for subsequent images in tiffcrop.c. - CVE-2023-26965 * SECURITY UPDATE: buffer overflow - d/p/0006-tif_luv-Check-and-correct-for-NaN-data-in-uv_encode.patch: Check and correct for NaN data in uv_encode() in tif_luv.c. - CVE-2023-26966 * SECURITY UPDATE: Integer overflow - d/p/0007-tiffcp-fix-memory-corruption-overflow-on-hostile-ima.patch: fix memory corruption (overflow) in tiffcp.c. - CVE-2023-38288 * SECURITY UPDATE: Integer overflow - d/p/0008-raw2tiff-fix-integer-overflow-and-bypass-of-the-chec.patch: fix integer overflow and bypass of the check in raw2tiff.c. - CVE-2023-38289 Checksums-Sha1: 907c10b9cd6394781decac405094da73087cb166 473648 libtiff-dev_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb c788abb70a7204ec768bb1dbd6a1c90d95dfbf32 15548 libtiff-opengl-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 10172ebbbbc8d00dd7292dc68820ba916dfdc553 9864 libtiff-opengl_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb d3849270b3427557da857146f2002fe10e9d9c26 415540 libtiff-tools-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb e6efa6a85cf7b707646e098f3282f69a5ed84043 183464 libtiff-tools_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb b1844de25c01f61ddc4cdbe3a458e3281d68c1b3 476336 libtiff5-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 0a0e451eac397dcff47d0482e9a5d379d3b69889 2268 libtiff5-dev_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb dc923ea568a336e2810230b11f4322e945c112d9 148348 libtiff5_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb a6618101b9ae1fd65a47e4d0f04a58466ff60f45 23188 libtiffxx5-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 216283722236b49040b8b86605ac94a1a99134c0 5580 libtiffxx5_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb dc8cbf83e31cd6ddf0f182236be26cf310c08f19 11494 tiff_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.buildinfo Checksums-Sha256: 3f19bad34650f211d1b58f61c558f1c64b25c0836909a1847c03fa2920c34b76 473648 libtiff-dev_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb fd59b6da2e2ef05c661589c529b221dbb47ba065a1b71cd3cdf915e5d1b93bd8 15548 libtiff-opengl-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 48e0b4ff962c3bad6d3b24cd3e1ea7a0b5f3302ad1fd320c064f0d7c71a30871 9864 libtiff-opengl_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb 451e774e8ee6cd14d5ac5d0e889cc2e6904c9c1e33ac6584da384712c46032e7 415540 libtiff-tools-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb ec34d40a0e8b076a86acecf30ec410a857d55a7cc177cef96fa74a4221220b65 183464 libtiff-tools_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb 024a313a7d507385c7a796dc3bb3e88327469f264e39fa2e4a92f358ec47a39b 476336 libtiff5-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb dc0533db45fa44ba8dffa7b859ecb787b4759f07b065e94288d3a6828724eeea 2268 libtiff5-dev_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb fbb28f3ee58b504268f9e91b6d915b34aee5fc6217c341950803a4927693f487 148348 libtiff5_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb 71096bcc90fb91fff94450b0a52e6591e52b66885cbb3ba62bf0517b8f963f97 23188 libtiffxx5-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 5efbe85c1b5adb8ae4fca812ca8186dcf18d0f5cfda878c55190ac99956bb77b 5580 libtiffxx5_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb c7de8a9b760e8828f2d868ffa619e772fbacad777934019f36d8624a60f539bc 11494 tiff_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.buildinfo Files: cb8374b1a659b796ffdc5af54f7251f6 473648 libdevel optional libtiff-dev_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb f914cb95f124bb86258de1906e081430 15548 debug optional libtiff-opengl-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 6ab6213e5708e1e7d7f98565253c0b4b 9864 graphics optional libtiff-opengl_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb ab6ee9a47c6c1be7212c3fa0fdc5fcb3 415540 debug optional libtiff-tools-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 888ab3b5367ef1f7a1d08961be46d581 183464 graphics optional libtiff-tools_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb dd8234f4d2db22cbc8f20fa666bda4f2 476336 debug optional libtiff5-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb ba9d853800a5448777d789b5f0a293cf 2268 oldlibs optional libtiff5-dev_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb a6ce73a92b85a7daef36910443d777d8 148348 libs optional libtiff5_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb 4aebce1628baabee35e897550fc589c7 23188 debug optional libtiffxx5-dbgsym_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.ddeb 201732d35c36d9fba323331697255804 5580 libs optional libtiffxx5_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.deb c00784fbc512aaf7d282519ed89e2733 11494 libs optional tiff_4.1.0+git191117-2ubuntu0.20.04.9_riscv64.buildinfo Original-Maintainer: Laszlo Boszormenyi (GCS)