Package "libtiffxx5"
Name: |
libtiffxx5
|
Description: |
Tag Image File Format (TIFF) library -- C++ interface
|
Latest version: |
4.3.0-6ubuntu0.10 |
Release: |
jammy (22.04) |
Level: |
security |
Repository: |
main |
Head package: |
tiff |
Homepage: |
https://libtiff.gitlab.io/libtiff/ |
Links
Download "libtiffxx5"
Other versions of "libtiffxx5" in Jammy
Changelog
tiff (4.3.0-6ubuntu0.10) jammy-security; urgency=medium
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2024-7006.patch: adds check for the return value
of _TIFFCreateAnonField() to handle potential NULL pointers in
libtiff/tif_dirinfo.c and libtiff/tif_dirread.c.
- CVE-2024-7006
-- Ian Constantin <email address hidden> Thu, 05 Sep 2024 16:59:39 +0300
|
Source diff to previous version |
CVE-2024-7006 |
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures thro |
|
tiff (4.3.0-6ubuntu0.9) jammy-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in tiffcrop.c
- debian/patches/CVE-2023-3164.patch: heap buffer overflow in tiffcrop.c
- CVE-2023-3164
-- Bruce Cable <email address hidden> Wed, 29 May 2024 12:08:52 +1000
|
Source diff to previous version |
CVE-2023-3164 |
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw all |
|
tiff (4.3.0-6ubuntu0.8) jammy-security; urgency=medium
* SECURITY UPDATE: heap based buffer overflow
- debian/patches/CVE-2023-6228.patch: add check for codec configuration
in tools/tiffcp.c.
- CVE-2023-6228
* SECURITY UPDATE: memory exhaustion
- debian/patches/CVE-2023-6277-1.patch: add multiple checks for requested
memory being greater than filesize in libtiff/tif_dirread.c.
- debian/patches/CVE-2023-6277-2.patch: add an extra check for above
condition, to only do it for a defined large request in
libtiff/tif_dirread.c.
- debian/patches/CVE-2023-6277-3.patch: remove one of the checks in
libtiff/tif_dirread.c.
- debian/patches/CVE-2023-6277-4.patch: add the extra check, to only do
it for a defined large request in more methods in libtiff/tif_dirread.c.
- CVE-2023-6277
* SECURITY UPDATE: segmentation fault
- debian/patches/CVE-2023-52356.patch: add row and column check based
on image sizes in libtiff/tif_getimage.c.
- CVE-2023-52356
-- Rodrigo Figueiredo Zaiden <email address hidden> Fri, 09 Feb 2024 18:02:38 -0300
|
Source diff to previous version |
CVE-2023-6228 |
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer ove |
CVE-2023-6277 |
An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service vi |
CVE-2023-52356 |
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw a |
|
tiff (4.3.0-6ubuntu0.7) jammy-security; urgency=medium
* SECURITY UPDATE: denial of service
- debian/patches/CVE-2022-40090.patch: Improved IFD-Loop Handling.
- CVE-2022-40090
* SECURITY UPDATE: memory leak
- debian/patches/CVE-2023-3576.patch: Fix memory leak in tiffcrop.c.
- CVE-2023-3576
-- Fabian Toepfer <email address hidden> Thu, 23 Nov 2023 14:39:56 +0100
|
Source diff to previous version |
CVE-2022-40090 |
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file. |
CVE-2023-3576 |
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pa |
|
tiff (4.3.0-6ubuntu0.6) jammy-security; urgency=medium
* SECURITY UPDATE: out-of-bound read
- debian/patches/CVE-2023-1916.patch: Fix heap-buffer-overflow in
function extractImageSection
- CVE-2023-1916
-- Nishit Majithia <email address hidden> Tue, 10 Oct 2023 15:57:39 +0530
|
CVE-2023-1916 |
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the ex |
|
About
-
Send Feedback to @ubuntu_updates