1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5108-1] tiff security update

    From Moritz Muehlenhoff@21:1/5 to All on Thu Mar 24 20:00:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5108-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    March 24, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : tiff
    CVE ID : CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891
    CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924
    CVE-2022-22844

    Multiple vulnerabilities have been discovered in the libtiff library
    and the included tools, which may result in denial of service if
    malformed image files are processed.

    For the oldstable distribution (buster), these problems have been fixed
    in version 4.1.0+git191117-2~deb10u4.

    For the stable distribution (bullseye), these problems have been fixed in version 4.2.0-1+deb11u1.

    We recommend that you upgrade your tiff packages.

    For the detailed security status of tiff please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/tiff

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmI8u+UACgkQEMKTtsN8 TjbZ4hAAhq1KgztKD1uBeIbAyyDvF3AwDmL7pUSji/BSuMNMS86aadD3LF8avd1z xzuT52QkSNOy5PgOa47xP+U0B6iICjj4naf2XqgEumhiBwJuoJCbs9+DO3Vc0dQ4 ZWK+c0sy/BEesdjlv33v+nfDpuijreWFcFz+WytgBRgPa66cSaYKKUJCgpiR2V8Q N3Nd8AjIkwWnTrsEfalTSx0N5o7e4gYKe9/w/bEHglgbDYPXOPUZdGXaewcNCb8f 29ZQtfmicwM5wtSImGzbGueE7a+uMThIOxgRtBWhk4lsGlMVJN5qnWwoJiPxZhgl ph2eybWED8XcTBughRCvQt60dFETMaNNQUGxUwl0L+brlw0ncq+JCA760AunP4IY ZfFmbf5DFuoOOWqWDjzgSHBpPZKeqtcgfGCl2LupH8JFqip4qcGnVZRWwbgWMuN+ VetZXkyO5fswjtGu/08oEHxg+ZTlo+QjhZyHzTUTW/TVIMW6uAcmYufZjwlfezog uFZe2tlVfy7EKmZWgo5XWXKjwbDvzF2tzYCLEHa945gxrM2jEvahLHO4MQhFQ2aR D4KygWqpGCt8p8rBq3od7Zg9wrEruVk9ZlKLagkPQ23TMQhVDYjd51JRkIzuvByO p63HALwBKW5H1451vpdZ0Vc1hiY0nNFi5ZjI10sVXpdrTXC2xyI=
    =APsW
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)