UbuntuUpdates.org

Package "tiff"

Name: tiff

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Tag Image File Format library (TIFF), development files, current version
  • TIFF manipulation and conversion documentation
  • Tag Image File Format (TIFF) library
  • Tag Image File Format library (TIFF), development files
Latest version: 4.0.9-5ubuntu0.10
Release: bionic (18.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "tiff" in Bionic

Repository Area Version
base main 4.0.9-5
base universe 4.0.9-5
security universe 4.0.9-5ubuntu0.10
updates main 4.0.9-5ubuntu0.10
updates universe 4.0.9-5ubuntu0.10

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.0.9-5ubuntu0.5 2022-05-16 08:06:16 UTC

  tiff (4.0.9-5ubuntu0.5) bionic-security; urgency=medium

  * SECURITY UPDATE: malloc failure in TIFF2RGBA tool
    - debian/patches/CVE-2020-35522.patch: enforce (configurable) memory
      limit in tools/tiff2rgba.c.
    - CVE-2020-35522
  * SECURITY UPDATE: null pointer in TIFFReadDirectory
    - debian/patches/CVE-2022-0561.patch: add sanity check to ensure
      pointer provided to memcpy is not null in libtiff/tif_dirread.c.
    - CVE-2022-0561
  * SECURITY UPDATE: null pointer in TIFFFetchStripThing
    - debian/patches/CVE-2022-0562.patch: add sanity check to ensure
      pointer provided to memcpy is not null in libtiff/tif_dirread.c.
    - CVE-2022-0562
  * SECURITY UPDATE: denial of service through assertion failure.
    - debian/patches/CVE-2022-0865.patch: reset flags to initial state
      when file has multiple IFD and when bit reversal is needed in
      libtiff/tif_jbig.c.
    - CVE-2022-0865
  * SECURITY UPDATE: heap buffer overflow in ExtractImageSection
    - debian/patches/CVE-2022-0891.patch: correct wrong formula for
      image row size calculation in tools/tiffcrop.c.
    - CVE-2022-0891

 -- David Fernandez Gonzalez <email address hidden> Wed, 11 May 2022 17:09:42 +0200
Source diff to previous version
CVE-2020-35522 In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service
CVE-2022-0561 Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0
CVE-2022-0562 Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 coul
CVE-2022-0865 Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff
CVE-2022-0891 A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bou

Version: 4.0.9-5ubuntu0.4 2021-02-25 20:07:07 UTC

  tiff (4.0.9-5ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer overflow in tif_getimage.c
    - debian/patches/CVE-2020-35523.patch: check Tile width for overflow in
      libtiff/tif_getimage.c.
    - CVE-2020-35523
  * SECURITY UPDATE: Heap-based buffer overflow in TIFF2PDF tool
    - debian/patches/CVE-2020-35524.patch: properly calculate datasize when
      saving to JPEG YCbCr in tools/tiff2pdf.c.
    - CVE-2020-35524

 -- Marc Deslauriers <email address hidden> Thu, 25 Feb 2021 07:37:14 -0500
Source diff to previous version
CVE-2020-35523 Integer overflow in tif_getimage.c
CVE-2020-35524 Heap-based buffer overflow in TIFF2PDF tool

Version: 4.0.9-5ubuntu0.3 2019-10-17 13:07:15 UTC

  tiff (4.0.9-5ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: incorrect integer overflow checks
    - debian/patches/CVE-2019-14973.patch: fix implementation-defined
      behaviour in libtiff/tif_aux.c, libtiff/tif_getimage.c,
      libtiff/tif_luv.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c,
      libtiff/tif_strip.c, libtiff/tif_tile.c, libtiff/tiffiop.h.
    - debian/libtiff5.symbols: added new symbols.
    - CVE-2019-14973
  * SECURITY UPDATE: heap-based buffer overflow via crafted RGBA image
    - debian/patches/CVE-2019-17546.patch: fix integer overflow in
      libtiff/tif_getimage.c.
    - CVE-2019-17546

 -- Marc Deslauriers <email address hidden> Wed, 16 Oct 2019 09:44:21 -0400
Source diff to previous version
CVE-2019-14973 _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavio
CVE-2019-17546 tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-ba

Version: 4.0.9-5ubuntu0.2 2019-03-12 14:06:59 UTC

  tiff (4.0.9-5ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: heap over-read in TIFFWriteScanline
    - debian/patches/CVE-2018-10779.patch: fix overflow in
      libtiff/tif_write.c.
    - CVE-2018-10779
  * SECURITY UPDATE: heap over-read in cpSeparateBufToContigBuf
    - debian/patches/CVE-2018-12900-1.patch: check for overflow in
      tools/tiffcp.c.
    - debian/patches/CVE-2018-12900-2.patch: use INT_MAX in tools/tiffcp.c.
    - CVE-2018-12900
    - CVE-2019-7663
  * SECURITY UPDATE: NULL pointer dereference in _TIFFmemcmp
    - debian/patches/CVE-2018-17000.patch: add NULL check in
      libtiff/tif_dirwrite.c.
    - CVE-2018-17000
  * SECURITY UPDATE: NULL pointer dereference in TIFFWriteDirectorySec
    - debian/patches/CVE-2018-19210-1.patch: unset transferfunction field
      if necessary in libtiff/tif_dir.c.
    - debian/patches/CVE-2018-19210-2.patch: fix warning in
      libtiff/tif_dir.c.
    - CVE-2018-19210
  * SECURITY UPDATE: memory leak in TIFFFdOpen
    - debian/patches/CVE-2019-6128.patch: properly handle errors in
      tools/pal2rgb.c.
    - CVE-2019-6128

 -- Marc Deslauriers <email address hidden> Mon, 11 Mar 2019 11:59:03 -0400
Source diff to previous version
CVE-2018-10779 TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
CVE-2018-12900 Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service
CVE-2019-7663 An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpS
CVE-2018-17000 A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an a
CVE-2018-19210 In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service a
CVE-2019-6128 The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

Version: 4.0.9-5ubuntu0.1 2019-01-22 14:06:59 UTC

  tiff (4.0.9-5ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in LZWDecodeCompat
    - debian/patches/CVE-2018-8905.patch: fix logic in libtiff/tif_lzw.c.
    - CVE-2018-8905
  * SECURITY UPDATE: DoS in TIFFWriteDirectorySec()
    - debian/patches/CVE-2018-10963.patch: avoid assertion in
      libtiff/tif_dirwrite.c.
    - CVE-2018-10963
  * SECURITY UPDATE: multiple overflows
    - debian/patches/CVE-2018-1710x.patch: Avoid overflows in
      tools/pal2rgb.c, tools/tiff2bw.c, tools/ppm2tiff.c.
    - CVE-2018-17100
    - CVE-2018-17101
  * SECURITY UPDATE: JBIGDecode out-of-bounds write
    - debian/patches/CVE-2018-18557.patch: fix issue in libtiff/tif_jbig.c,
      libtiff/tif_read.c.
    - CVE-2018-18557
  * SECURITY UPDATE: NULL pointer dereference in LZWDecode
    - debian/patches/CVE-2018-18661.patch: add checks to tools/tiff2bw.c.
    - CVE-2018-18661

 -- Marc Deslauriers <email address hidden> Thu, 17 Jan 2019 09:13:55 -0500
CVE-2018-8905 In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2p
CVE-2018-10963 The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failu
CVE-2018-1710 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that
CVE-2018-17100 An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) o
CVE-2018-17101 An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a deni
CVE-2018-18557 LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-
CVE-2018-18661 An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.


About   -   Send Feedback to @ubuntu_updates