Package "tiff"
Name: |
tiff
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- TIFF manipulation and conversion tools
- TIFF manipulation and conversion tools
|
Latest version: |
4.5.1+git230720-1ubuntu1.1 |
Release: |
mantic (23.10) |
Level: |
security |
Repository: |
universe |
Links
Other versions of "tiff" in Mantic
Packages in group
Deleted packages are displayed in grey.
Changelog
tiff (4.5.1+git230720-1ubuntu1.1) mantic-security; urgency=medium
* SECURITY UPDATE: heap based buffer overflow
- debian/patches/CVE-2023-6228.patch: add check for codec configuration
in tools/tiffcp.c.
- CVE-2023-6228
* SECURITY UPDATE: memory exhaustion
- debian/patches/CVE-2023-6277-1.patch: add multiple checks for requested
memory being greater than filesize in libtiff/tif_dirread.c.
- debian/patches/CVE-2023-6277-2.patch: add an extra check for above
condition, to only do it for a defined large request in
libtiff/tif_dirread.c.
- debian/patches/CVE-2023-6277-3.patch: remove one of the checks in
libtiff/tif_dirread.c.
- debian/patches/CVE-2023-6277-4.patch: add the extra check, to only do
it for a defined large request in more methods in libtiff/tif_dirread.c.
- CVE-2023-6277
* SECURITY UPDATE: segmentation fault
- debian/patches/CVE-2023-52356.patch: add row and column check based
on image sizes in libtiff/tif_getimage.c.
- CVE-2023-52356
-- Rodrigo Figueiredo Zaiden <email address hidden> Fri, 09 Feb 2024 18:47:50 -0300
|
CVE-2023-6228 |
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer ove |
CVE-2023-6277 |
An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service vi |
CVE-2023-52356 |
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw a |
|
About
-
Send Feedback to @ubuntu_updates