-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Mar 2022 16:03:21 +0100
Source: tiff
Binary: libtiff-dev libtiff-opengl libtiff-opengl-dbgsym libtiff-tools libtiff-tools-dbgsym libtiff5 libtiff5-dbgsym libtiff5-dev libtiffxx5 libtiffxx5-dbgsym
Architecture: mips64el
Version: 4.1.0+git191117-2~deb10u4
Distribution: buster-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-manda-05) <buildd_mips64el-mipsel-manda-05@buildd.debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-dev - Tag Image File Format library (TIFF), development files
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files (transiti
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
 tiff (4.1.0+git191117-2~deb10u4) buster-security; urgency=high
 .
   [ Thorsten Alteholz <debian@alteholz.de> ]
   * CVE-2022-22844
     out-of-bounds read in _TIFFmemcpy in certain situations involving a
     custom tag and 0x0200 as the second word of the DE field.
   * CVE-2022-0562
     Null source pointer passed as an argument to memcpy() function within
     TIFFReadDirectory(). This could result in a Denial of Service via
     crafted TIFF files.
   * CVE-2022-0561
     Null source pointer passed as an argument to memcpy() function within
     TIFFFetchStripThing(). This could result in a Denial of Service via
     crafted TIFF files.
 .
   [ Laszlo Boszormenyi (GCS) <gcs@debian.org> ]
   * Backport security fix for CVE-2022-0865, crash when reading a file with
     multiple IFD in memory-mapped mode and when bit reversal is needed.
   * Backport security fix for CVE-2022-0908, null source pointer passed as an
     argument to memcpy() function within TIFFFetchNormalTag().
   * Backport security fix for CVE-2022-0907, unchecked return value to null
     pointer dereference in tiffcrop.
   * Backport security fix for CVE-2022-0909, divide by zero error in
     tiffcrop.
   * Backport security fix for CVE-2022-0891, heap buffer overflow in
     ExtractImageSection function in tiffcrop.
   * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp.
Checksums-Sha1:
 1807dafabd85cad925604aec51240fd783a288f4 404496 libtiff-dev_4.1.0+git191117-2~deb10u4_mips64el.deb
 5b07c0bbc7893d03ace810e0ad995303680dad2b 16080 libtiff-opengl-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 358538f041294cd9d38c70250a9852f4bdf64079 122560 libtiff-opengl_4.1.0+git191117-2~deb10u4_mips64el.deb
 ee1c86ca231ff923ec8f1b9430289513bb5b2299 441236 libtiff-tools-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 2c0c1de3f79846fd16ce7056f21b9c8b7389b1b8 296020 libtiff-tools_4.1.0+git191117-2~deb10u4_mips64el.deb
 d35d86ae7bb1a3d2389df2f824d3ce7e1838e9cd 508296 libtiff5-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 daa4281dae0232d90625d853621ee313bc736dbc 114032 libtiff5-dev_4.1.0+git191117-2~deb10u4_mips64el.deb
 d54da5803d8968dca5825ffb5c91b074ee57b4d7 257908 libtiff5_4.1.0+git191117-2~deb10u4_mips64el.deb
 9eda9cc2b17cf13c290cc1ba39bff7a365234375 23900 libtiffxx5-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 73b1ec7d4dd9f22f37cd18de600608b74d25ecfc 118092 libtiffxx5_4.1.0+git191117-2~deb10u4_mips64el.deb
 fec93212e0ffa1c1bf74e329dc20ea16d0f2f6d9 11531 tiff_4.1.0+git191117-2~deb10u4_mips64el-buildd.buildinfo
Checksums-Sha256:
 f0ec474e41539441152f4f22414e7e242fee7522b1d92fa0441a9e85415bc36d 404496 libtiff-dev_4.1.0+git191117-2~deb10u4_mips64el.deb
 fec2219bb56a101256571f370b958e5d31916c2b60f70bd519e94345fed7a017 16080 libtiff-opengl-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 f876ff6d64d04d27cbf00ff4ee2939a91e697a33eac1083ec0fcaa05ece3c91e 122560 libtiff-opengl_4.1.0+git191117-2~deb10u4_mips64el.deb
 5c05a465b4be8ba2728ae95af90670a52919343ab938660bf1e02bc6fa663e20 441236 libtiff-tools-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 75ea93921544f42e0e57c2d3879a87c3066491958e44fdd31cdff33d2f1535cb 296020 libtiff-tools_4.1.0+git191117-2~deb10u4_mips64el.deb
 d007338851511fafb48a4e2530f85be6679718b1ad7039ae35a6a2ae48a2eae0 508296 libtiff5-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 62fe39b425434aa47f323d07a4cebcdb6de61e471ca798131aee882c356e64a6 114032 libtiff5-dev_4.1.0+git191117-2~deb10u4_mips64el.deb
 30891605de85ac491923fbd044a7e005a97884514f98af290faac49dc4f7fb3d 257908 libtiff5_4.1.0+git191117-2~deb10u4_mips64el.deb
 25d2cb35e88c931fba542fdc78ba048a1dd146790dc2148f27b71ce37a3c8928 23900 libtiffxx5-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 fb78dbc6cac5daeaefa1f8dd54e4f97a2c1141b45f61538d5bd1994b6a1e320b 118092 libtiffxx5_4.1.0+git191117-2~deb10u4_mips64el.deb
 6ea8404efe140d5574db838d7a60648500b9a86e710a05e4c093fac55bca963e 11531 tiff_4.1.0+git191117-2~deb10u4_mips64el-buildd.buildinfo
Files:
 f341709b65ae318ac3c45c7ed6a580ac 404496 libdevel optional libtiff-dev_4.1.0+git191117-2~deb10u4_mips64el.deb
 1ea0e0473e236ac236e6083821bd640e 16080 debug optional libtiff-opengl-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 492a1f28f5728613d73df4386e40829f 122560 graphics optional libtiff-opengl_4.1.0+git191117-2~deb10u4_mips64el.deb
 02ef32f57a2a10850c6ad81d76b19c97 441236 debug optional libtiff-tools-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 43d24dad3fb45bfbe4b36ef0c1e909b0 296020 graphics optional libtiff-tools_4.1.0+git191117-2~deb10u4_mips64el.deb
 eeaf82964d78b55127d8b4fe226ac644 508296 debug optional libtiff5-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 235454424105baa5a9e0bc73066b03f1 114032 oldlibs optional libtiff5-dev_4.1.0+git191117-2~deb10u4_mips64el.deb
 3dd50ca010143971836d4e871105d769 257908 libs optional libtiff5_4.1.0+git191117-2~deb10u4_mips64el.deb
 089d904d07323e80939e0f1b91843cbb 23900 debug optional libtiffxx5-dbgsym_4.1.0+git191117-2~deb10u4_mips64el.deb
 79914297e853b8f43f49adba3c3e1f0f 118092 libs optional libtiffxx5_4.1.0+git191117-2~deb10u4_mips64el.deb
 2fa17fae91f24a53a65f746605f8b02d 11531 libs optional tiff_4.1.0+git191117-2~deb10u4_mips64el-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQ5dTuB/7AkreZZfGPYe+ogkxLY8FAmI7iQMACgkQPYe+ogkx
LY8nnA//cDrdjqQd7JHPQiiuWuy0ocHhaXAdUFDePWdXheFqN1kxgpHM/xLgYWIk
9obOXEa++IIfZyBJYkUcifLuyikaeddVv1OVgVYTOq5nkLE2lQOsINpOdzmMoP86
HnNJJZEd8txeGe5foCvS3TvqgBdAEKBzm+Wmy6WTFo9hi1aGfXyqDI400QgdIUcB
iSW7dYMa+EjCG3+/TnlpfIiseKg6HIZIfVHq3BwtRjR7d7CyFfedVR290FIxfcSo
14Ha8JzUVd/XR5sjnLvHdfUfKBTToySmUalMrqohacUcLTDCQ8WgJY4JeQIAyXzR
xH0IezgAyNipuNADMo4gniT3IWrHBzcJeHNIftq0eoKfTy5D8ZhJeFD4btC7Z+Hc
uxIShhG85fTrHIDMa1knngtLXIU1jbIh7/vU3Q0XG2fRI13yYTlDoq9JQHNCrpCa
+Zlh1awcO2PfQh/Vi4skAVRtCIItc0abRbKrb6uf73n7bqDmjOAZ+E6GyOgYbXC+
/vDpusY8bQnp5nPS+ilup+W9pohDOBn4fLj7my1k1SVxqOtSyh1CTWOWnY568j6q
gj7jE+Q1zcypfXD4OMryFpo/N+XrOKz7wrGAWMSgvU75IzeFD6ygXLq7Oy2FQaxJ
tZ3AUwPtbqvGRf37rDF9d1HBBM+GjsZCNlvYyI5B/33DQuuv35M=
=kZRL
-----END PGP SIGNATURE-----