-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Mar 2022 16:03:21 +0100
Source: tiff
Binary: libtiff-doc
Architecture: all
Version: 4.1.0+git191117-2~deb10u4
Distribution: buster-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
Changes:
 tiff (4.1.0+git191117-2~deb10u4) buster-security; urgency=high
 .
   [ Thorsten Alteholz <debian@alteholz.de> ]
   * CVE-2022-22844
     out-of-bounds read in _TIFFmemcpy in certain situations involving a
     custom tag and 0x0200 as the second word of the DE field.
   * CVE-2022-0562
     Null source pointer passed as an argument to memcpy() function within
     TIFFReadDirectory(). This could result in a Denial of Service via
     crafted TIFF files.
   * CVE-2022-0561
     Null source pointer passed as an argument to memcpy() function within
     TIFFFetchStripThing(). This could result in a Denial of Service via
     crafted TIFF files.
 .
   [ Laszlo Boszormenyi (GCS) <gcs@debian.org> ]
   * Backport security fix for CVE-2022-0865, crash when reading a file with
     multiple IFD in memory-mapped mode and when bit reversal is needed.
   * Backport security fix for CVE-2022-0908, null source pointer passed as an
     argument to memcpy() function within TIFFFetchNormalTag().
   * Backport security fix for CVE-2022-0907, unchecked return value to null
     pointer dereference in tiffcrop.
   * Backport security fix for CVE-2022-0909, divide by zero error in
     tiffcrop.
   * Backport security fix for CVE-2022-0891, heap buffer overflow in
     ExtractImageSection function in tiffcrop.
   * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp.
Checksums-Sha1:
 f18e97b5449f43b1292b67bc7d8d4103e7f4e4ce 424716 libtiff-doc_4.1.0+git191117-2~deb10u4_all.deb
 133f14f9072ee58929f05b57a68e90f24df5fa2e 8806 tiff_4.1.0+git191117-2~deb10u4_all-buildd.buildinfo
Checksums-Sha256:
 6125b4570f46bd98437d01f50ccc86b77b311bf397c6cade323242229d00d856 424716 libtiff-doc_4.1.0+git191117-2~deb10u4_all.deb
 c25af974265bebc389a19d961e44a345287ab233aa2814cb41edb873c7093943 8806 tiff_4.1.0+git191117-2~deb10u4_all-buildd.buildinfo
Files:
 4f551e42cc197dbe124d796dcbaca97e 424716 doc optional libtiff-doc_4.1.0+git191117-2~deb10u4_all.deb
 d8c32acd1291101ab30fe0d6adec3cc0 8806 libs optional tiff_4.1.0+git191117-2~deb10u4_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEqQcRQHTGP4qt3opGks26TWZ8cfMFAmI7XPwACgkQks26TWZ8
cfO19g/8DuDuav/QztIUrSqUjFbnZC7W3cSI6VQH4TqKLFtAWKCcwKcjgAsJ+Hfk
3Gu6SaBUaKk5JcwJJXFKay4c0lLKNBXrjDL9O2QXlwFg5d2HyaeXkCiqhxnM0xlm
XSkmh4kUzj0UmOGe87sYd/xobMTumlF6kce3BToOnMQpe9U/axdfi/sw2HREnkro
oSq8k++sagaGEFAsecZ2+kulBqO64j9ExJ9HNu11nNCsFkPwhEkjN70ryHAK+1GV
zYnzfqvwfNi0xVx/100hT/Fldv/k6uWKEFzElGVSj9zHOympW1f87dzYbqym9lnL
gif8vus7DjssoAetUE2nlGfIc1gHl9IH1uGwwYA8ZWLoBLOvVWqghWDUJrPlX/S7
6hGFj6i4mru6dDvMuDr3t3HcbRcaSwQ/98zuxvBWrncumvZ6z+SaIy7Vglt+4sRy
zpmuZ7thhlhyn8miIX2lwfh0dMlCUIrhkpb2rbpMhdWv50U3QwtNiwtrLmH4m9pe
bVyprTCg++Ki6EHdesOpxy2V9jZEL9MQXkRU3GZ5lZXuwfuLY2oVXe5GVwOKH9pR
6zu/eVZKQv8sp/bKV06w9M5sFyVKvsKHi4w3AZzCB2w92tLnVXANfd6szDiwD4fT
r++tOXLCx2hlI8fWRJ7ZcKycU78tQDZXsqJuvQLYRiGe70u+bNQ=
=tYAt
-----END PGP SIGNATURE-----