UbuntuUpdates.org

Package "libtiff-dev"

Name: libtiff-dev

Description:

Tag Image File Format library (TIFF), development files, current version

Latest version: 4.0.9-5ubuntu0.10
Release: bionic (18.04)
Level: security
Repository: main
Head package: tiff
Homepage: http://libtiff.maptools.org

Links


Download "libtiff-dev"


Other versions of "libtiff-dev" in Bionic

Repository Area Version
updates main 4.0.9-5ubuntu0.10

Changelog

Version: 4.0.9-5ubuntu0.10 2023-03-06 17:06:52 UTC

  tiff (4.0.9-5ubuntu0.10) bionic-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds reads
    - debian/patches/CVE-2023-0795.patch: Amend rotateImage() not to toggle the
      input image width and length parameters when only cropped image sections
      are rotated in tiffcrop.c.
    - CVE-2023-0795
    - CVE-2023-0796
    - CVE-2023-0797
    - CVE-2023-0798
    - CVE-2023-0799
  * SECURITY UPDATE: out-of-bounds writes
    - debian/patches/CVE-2023-0800.patch: added check for assumption on
      composite images in tiffcrop.c.
    - CVE-2023-0800
    - CVE-2023-0801
    - CVE-2023-0802
    - CVE-2023-0803
    - CVE-2023-0804

 -- Fabian Toepfer <email address hidden> Fri, 03 Mar 2023 17:24:30 +0100

Source diff to previous version
CVE-2023-0795 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file
CVE-2023-0796 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file
CVE-2023-0797 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing a
CVE-2023-0798 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file
CVE-2023-0799 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file
CVE-2023-0800 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff fil
CVE-2023-0801 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing
CVE-2023-0802 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff fil
CVE-2023-0803 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff fil
CVE-2023-0804 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff fil

Version: 4.0.9-5ubuntu0.9 2022-12-01 18:12:29 UTC

  tiff (4.0.9-5ubuntu0.9) bionic-security; urgency=medium

  * SECURITY UPDATE: unsigned integer overflow
    - debian/patches/CVE-2022-3970.patch: adds size_t type casts in the
      TIFFReadRGBATile function in libtiff/tif_getimage.c.
    - CVE-2022-3970

 -- David Fernandez Gonzalez <email address hidden> Thu, 01 Dec 2022 10:22:37 +0100

Source diff to previous version
CVE-2022-3970 A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getim

Version: 4.0.9-5ubuntu0.8 2022-11-08 06:07:24 UTC

  tiff (4.0.9-5ubuntu0.8) bionic-security; urgency=medium

  * SECURITY UPDATE: out-of-bound read/write in tiffcrop
    - debian/patches/CVE-2022-2867_2868_2869.patch: Fix heap-buffer-overflow by
      correcting uint32_t underflow
    - CVE-2022-2867
    - CVE-2022-2868
    - CVE-2022-2869
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-3570_3598.patch: increases buffer sizes for
      subroutines in tools/tiffcrop.c.
    - CVE-2022-3570
    - CVE-2022-3598
  * SECURITY UPDATE: out-of-bound write in tiffcrop
    - debian/patches/CVE-2022-3599.patch: Revised handling of TIFFTAG_INKNAMES
      and related TIFFTAG_NUMBEROFINKS value
    - CVE-2022-3599
  * SECURITY UPDATE: stack overflow in _TIFFVGetField
    - debian/patches/CVE-2022-34526.patch: Add _TIFFCheckFieldIsValidForCodec()
      return FALSE when passed a codec-specific tag and the codec is not
      configured
    - CVE-2022-34526

 -- Nishit Majithia <email address hidden> Tue, 01 Nov 2022 20:45:49 +0530

Source diff to previous version
CVE-2022-2867 libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcro
CVE-2022-2868 libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is ab
CVE-2022-2869 libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker wh
CVE-2022-3570 Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory acces
CVE-2022-3598 LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-servi
CVE-2022-3599 LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted
CVE-2022-34526 A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service

Version: 4.0.9-5ubuntu0.7 2022-09-20 10:07:06 UTC

  tiff (4.0.9-5ubuntu0.7) bionic-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read error in tiffcrop
    - debian/patches/CVE-2020-19131.patch: fix invertImage() for bps 2 and 4.
    - CVE-2020-19131
  * SECURITY UPDATE: out-of-bounds read error when executing LogLuv
    compression routines
    - debian/patches/CVE-2020-19144.patch: LogLuvSetupEncode() error must
      return 0.
    - CVE-2020-19144
  * SECURITY UPDATE: buffer overflow issue in tiffcp tool
    - debian/patches/CVE-2022-1355.patch: tiffcp: avoid buffer overflow in
      "mode" string.
    - CVE-2022-1355
  * SECURITY UPDATE: Divide By Zero error in tiffcrop
    - debian/patches/CVE-2022-2056_2057_2058.patch: fix the FPE in tiffcrop
    - CVE-2022-2056
    - CVE-2022-2057
    - CVE-2022-2058

 -- Nishit Majithia <email address hidden> Fri, 16 Sep 2022 19:12:06 +0530

Source diff to previous version
CVE-2020-19131 Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
CVE-2020-19144 Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
CVE-2022-1355 A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiff
CVE-2022-2056 Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libti
CVE-2022-2057 Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libti
CVE-2022-2058 Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libti

Version: 4.0.9-5ubuntu0.6 2022-09-12 09:07:04 UTC

  tiff (4.0.9-5ubuntu0.6) bionic-security; urgency=medium

  * SECURITY UPDATE: NULL Pointer Dereference
    - debian/patches/CVE-2022-0907.patch: add checks for return value of
    limitMalloc in tools/tiffcrop.c.
    - debian/patches/CVE-2022-0908.patch: avoid
    calling memcpy() with a null source pointer and size of zero in
    libtiff/tif_dirread.c.
    - CVE-2022-0907
    - CVE-2022-0908
  * SECURITY UPPDATE: floating point exception
    - debian/patches/CVE-2022-0909.patch: fix the FPE in tiffcrop by
    checking if variable is Nan in libtiff/tif_dir.c.
    - CVE-2022-0909
  * SECURITY UPDATE: heap buffer overflow in cpContigBufToSeparateBuf
    - debian/patches/CVE-2022-0924.patch: fix heap buffer overflow in
    tools/tiffcp.c.
    - CVE-2022-0924
  * SECURITY UPDATE: out-of-bounds with custom tag
    - debian/patches/CVE-2022-22844.patch: fix global-buffer-overflow
    for ASCII tags where count is required in tools/tiffset.c.
    - CVE-2022-22844

 -- David Fernandez Gonzalez <email address hidden> Thu, 08 Sep 2022 17:07:14 +0200

CVE-2022-0907 Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file
CVE-2022-0908 Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could le
CVE-2022-0909 Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libti
CVE-2022-0924 Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile lib
CVE-2022-22844 LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of th



About   -   Send Feedback to @ubuntu_updates