UbuntuUpdates.org

Package "libtiff5-dev"

Name: libtiff5-dev

Description:

Tag Image File Format library (TIFF), development files (transitional package)

Latest version: 4.5.1+git230720-4ubuntu2.2
Release: noble (24.04)
Level: security
Repository: main
Head package: tiff
Homepage: https://libtiff.gitlab.io/libtiff/

Links


Download "libtiff5-dev"


Other versions of "libtiff5-dev" in Noble

Repository Area Version
base main 4.5.1+git230720-4ubuntu2
updates main 4.5.1+git230720-4ubuntu2.2

Changelog

Version: 4.5.1+git230720-4ubuntu2.2 2024-09-09 13:07:10 UTC

  tiff (4.5.1+git230720-4ubuntu2.2) noble-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2024-7006.patch: adds check for the return value
      of _TIFFCreateAnonField() to handle potential NULL pointers in
      libtiff/tif_dirinfo.c and libtiff/tif_dirread.c.
    - CVE-2024-7006

 -- Ian Constantin <email address hidden> Thu, 05 Sep 2024 16:59:36 +0300

Source diff to previous version
CVE-2024-7006 A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures thro

Version: 4.5.1+git230720-4ubuntu2.1 2024-06-11 07:07:10 UTC

  tiff (4.5.1+git230720-4ubuntu2.1) noble-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow in tiffcrop.c
    - debian/patches/CVE-2023-3164.patch: heap buffer overflow in tiffcrop.c
    - CVE-2023-3164

 -- Bruce Cable <email address hidden> Wed, 29 May 2024 15:09:58 +1000

CVE-2023-3164 A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw all



About   -   Send Feedback to @ubuntu_updates