UbuntuUpdates.org

Package "libtiff6"

Name: libtiff6

Description:

Tag Image File Format (TIFF) library

Latest version: 4.5.1+git230720-4ubuntu2.2
Release: noble (24.04)
Level: updates
Repository: main
Head package: tiff
Homepage: https://libtiff.gitlab.io/libtiff/

Links


Download "libtiff6"


Other versions of "libtiff6" in Noble

Repository Area Version
base main 4.5.1+git230720-4ubuntu2
security main 4.5.1+git230720-4ubuntu2.2

Changelog

Version: 4.5.1+git230720-4ubuntu2.2 2024-09-09 14:07:07 UTC

  tiff (4.5.1+git230720-4ubuntu2.2) noble-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2024-7006.patch: adds check for the return value
      of _TIFFCreateAnonField() to handle potential NULL pointers in
      libtiff/tif_dirinfo.c and libtiff/tif_dirread.c.
    - CVE-2024-7006

 -- Ian Constantin <email address hidden> Thu, 05 Sep 2024 16:59:36 +0300

Source diff to previous version
CVE-2024-7006 A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures thro

Version: 4.5.1+git230720-4ubuntu2.1 2024-06-11 08:10:34 UTC

  tiff (4.5.1+git230720-4ubuntu2.1) noble-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow in tiffcrop.c
    - debian/patches/CVE-2023-3164.patch: heap buffer overflow in tiffcrop.c
    - CVE-2023-3164

 -- Bruce Cable <email address hidden> Wed, 29 May 2024 15:09:58 +1000

CVE-2023-3164 A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw all



About   -   Send Feedback to @ubuntu_updates