-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Mar 2022 15:57:56 +0100
Source: tiff
Binary: libtiff-doc
Architecture: all
Version: 4.2.0-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
Changes:
 tiff (4.2.0-1+deb11u1) bullseye-security; urgency=high
 .
   [ Thorsten Alteholz <debian@alteholz.de> ]
   * CVE-2022-22844
     out-of-bounds read in _TIFFmemcpy in certain situations involving a
     custom tag and 0x0200 as the second word of the DE field.
   * CVE-2022-0562
     Null source pointer passed as an argument to memcpy() function within
     TIFFReadDirectory(). This could result in a Denial of Service via
     crafted TIFF files.
   * CVE-2022-0561
     Null source pointer passed as an argument to memcpy() function within
     TIFFFetchStripThing(). This could result in a Denial of Service via
     crafted TIFF files.
 .
   [ Laszlo Boszormenyi (GCS) <gcs@debian.org> ]
   * Backport security fix for CVE-2022-0865, crash when reading a file with
     multiple IFD in memory-mapped mode and when bit reversal is needed.
   * Backport security fix for CVE-2022-0908, null source pointer passed as an
     argument to memcpy() function within TIFFFetchNormalTag().
   * Backport security fix for CVE-2022-0907, unchecked return value to null
     pointer dereference in tiffcrop.
   * Backport security fix for CVE-2022-0909, divide by zero error in
     tiffcrop.
   * Backport security fix for CVE-2022-0891, heap buffer overflow in
     ExtractImageSection function in tiffcrop.
   * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp.
Checksums-Sha1:
 28984ec3922db293b844d8b8979c706d8f092fc3 436708 libtiff-doc_4.2.0-1+deb11u1_all.deb
 6e5d972918b09491a9b44fe0593c69813835b952 8294 tiff_4.2.0-1+deb11u1_all-buildd.buildinfo
Checksums-Sha256:
 02a36c6e87203644119e6890a02957be07c4915477457cc7f8f3702ae284776f 436708 libtiff-doc_4.2.0-1+deb11u1_all.deb
 f87a43ba0312f7fcc9db2825f3fca8273a1b968f474ae3d0e4a7990580c7c223 8294 tiff_4.2.0-1+deb11u1_all-buildd.buildinfo
Files:
 cc6c1ed44845f7a2f23f431820c6e9a1 436708 doc optional libtiff-doc_4.2.0-1+deb11u1_all.deb
 0dee1f9e26862fb1c8ca08cf58f5c988 8294 libs optional tiff_4.2.0-1+deb11u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEqQcRQHTGP4qt3opGks26TWZ8cfMFAmI7XUoACgkQks26TWZ8
cfNkgBAAqhhWwOEmOxslCf5m8T7AsnSKAulpoCJFVQZg1xfrfdx0MLr4gWmrmMaf
X97pgy/kB5zLUPLZInofaEHpHLpauLcqralZbUw239UZXXTbM6cDK1fW/1pjoRxT
WDde1Ph0YaWzM+LgwVLzPnLY9UN0LOzjUF3N/15jL+T7y86N0VDFQaNlHBHd7VYv
B8o8X77SZIs5BgQpRHRepBO9ORHbqdlFBUTe41oQlW3mAUZEg5Ua+a0YOzrEgjfs
iogafjO4u5DZ5sfexW++NdL6ED/1dRAJj568khM48COo65+eAYp0AFEic618M7F9
3Q+8zBVywK4SWWfPKrGPc1dJ7eo5NKcSYTdCrzPti1QCP0rubQDZIp95ACpyqC3Q
21/aE0DwFL7KvWXzHq0BVd3V3sjlIEfcrf16KYG+k9Nq48P0Yr7+qrmFrIEQIqYx
jrExo/+NpilY9grTMj1p/tZIgJdv/dRMPwPk5d8cE9sgBY54NnYkvR6EwHt5n5N0
cj9+mysPLp/1Zt64AH+uqj7EhlbmXfAz3j4e54SKwC6YugImMXTA+QydhGd5xmxE
EytwxStEQsg3Bb2yyiK02h9HiS3oClnpe2wK1Y8ud7ihI/s+qtqPw6oy9RBux31P
XfLdNbi9zHQl6cX8DLr3O0KL94X2u0Z9+9glW59t/tTiLUO7u7g=
=2ZTj
-----END PGP SIGNATURE-----