Package "tiff"
Name: |
tiff
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Tag Image File Format library (TIFF), development files
- TIFF manipulation and conversion documentation
- Tag Image File Format library (TIFF), development files (transitional package)
- Tag Image File Format (TIFF) library
|
Latest version: |
4.5.1+git230720-4ubuntu2.4 |
Release: |
noble (24.04) |
Level: |
security |
Repository: |
main |
Links
Other versions of "tiff" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
tiff (4.5.1+git230720-4ubuntu2.4) noble-security; urgency=medium
* SECURITY UPDATE: Memory corruption.
- debian/patches/CVE-2025-8961.patch: Add _TIFFfree and extra read_buff
check in tools/tiffcrop.c.
- CVE-2025-8961
* SECURITY UPDATE: Memory leak.
- debian/patches/CVE-2025-9165.patch: Add TIFFClose in tools/tiffcmp.c.
- CVE-2025-9165
* SECURITY UPDATE: Out of bounds write when processing specially crafted
TIFF files.
- debian/patches/CVE-2025-9900.patch: Add img->height and img->width
checks in libtiff/tif_getimage.c.
- CVE-2025-9900
-- Hlib Korzhynskyy <email address hidden> Wed, 24 Sep 2025 15:26:31 -0230
|
Source diff to previous version |
CVE-2025-8961 |
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulat |
CVE-2025-9165 |
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tif |
CVE-2025-9900 |
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF imag |
|
tiff (4.5.1+git230720-4ubuntu2.3) noble-security; urgency=medium
* SECURITY UPDATE: null-pointer dereference
- d/p/CVE-2025-8534.patch: tiff2ps: check return of TIFFGetFiled() to
fix
- CVE-2025-8534
* SECURITY UPDATE: use-after-free issue
- d/p/CVE-2025-8176.patch: fix heap use-after-free in tiffmedian
- CVE-2025-8176
* SECURITY UPDATE: stack-based buffer overflow
- d/p/CVE-2025-8851.patch: address tiffcrop buffer overflow issues
- CVE-2025-8851
-- Nishit Majithia <email address hidden> Wed, 20 Aug 2025 15:54:11 +0530
|
Source diff to previous version |
CVE-2025-8534 |
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c |
CVE-2025-8176 |
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file |
CVE-2025-8851 |
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop. |
|
tiff (4.5.1+git230720-4ubuntu2.2) noble-security; urgency=medium
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2024-7006.patch: adds check for the return value
of _TIFFCreateAnonField() to handle potential NULL pointers in
libtiff/tif_dirinfo.c and libtiff/tif_dirread.c.
- CVE-2024-7006
-- Ian Constantin <email address hidden> Thu, 05 Sep 2024 16:59:36 +0300
|
Source diff to previous version |
CVE-2024-7006 |
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures thro |
|
tiff (4.5.1+git230720-4ubuntu2.1) noble-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in tiffcrop.c
- debian/patches/CVE-2023-3164.patch: heap buffer overflow in tiffcrop.c
- CVE-2023-3164
-- Bruce Cable <email address hidden> Wed, 29 May 2024 15:09:58 +1000
|
CVE-2023-3164 |
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw all |
|
About
-
Send Feedback to @ubuntu_updates