-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Mar 2022 15:57:56 +0100
Source: tiff
Binary: libtiff-dev libtiff-opengl libtiff-opengl-dbgsym libtiff-tools libtiff-tools-dbgsym libtiff5 libtiff5-dbgsym libtiff5-dev libtiffxx5 libtiffxx5-dbgsym
Architecture: mips64el
Version: 4.2.0-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-manda-05) <buildd_mips64el-mipsel-manda-05@buildd.debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-dev - Tag Image File Format library (TIFF), development files
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files (transiti
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
 tiff (4.2.0-1+deb11u1) bullseye-security; urgency=high
 .
   [ Thorsten Alteholz <debian@alteholz.de> ]
   * CVE-2022-22844
     out-of-bounds read in _TIFFmemcpy in certain situations involving a
     custom tag and 0x0200 as the second word of the DE field.
   * CVE-2022-0562
     Null source pointer passed as an argument to memcpy() function within
     TIFFReadDirectory(). This could result in a Denial of Service via
     crafted TIFF files.
   * CVE-2022-0561
     Null source pointer passed as an argument to memcpy() function within
     TIFFFetchStripThing(). This could result in a Denial of Service via
     crafted TIFF files.
 .
   [ Laszlo Boszormenyi (GCS) <gcs@debian.org> ]
   * Backport security fix for CVE-2022-0865, crash when reading a file with
     multiple IFD in memory-mapped mode and when bit reversal is needed.
   * Backport security fix for CVE-2022-0908, null source pointer passed as an
     argument to memcpy() function within TIFFFetchNormalTag().
   * Backport security fix for CVE-2022-0907, unchecked return value to null
     pointer dereference in tiffcrop.
   * Backport security fix for CVE-2022-0909, divide by zero error in
     tiffcrop.
   * Backport security fix for CVE-2022-0891, heap buffer overflow in
     ExtractImageSection function in tiffcrop.
   * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp.
Checksums-Sha1:
 20d681b3b86c0f7ce4b266b1ef49c7401517953f 425172 libtiff-dev_4.2.0-1+deb11u1_mips64el.deb
 f4fe4096c299a73e9353155915f450b6b02e54a6 15612 libtiff-opengl-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 7e1a1ce20788f1a79c72aed8333cfb1d8cfe8930 133392 libtiff-opengl_4.2.0-1+deb11u1_mips64el.deb
 185155bd84c3629253d766c8270f17a301f63c02 434276 libtiff-tools-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 c63bfc2e51e5a7281d5ec0edf4a79b597bbee3bb 311376 libtiff-tools_4.2.0-1+deb11u1_mips64el.deb
 5fb3af8096ab40f7082b81b92886f6698f6fb052 457848 libtiff5-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 b3a215e2c8b8d305fca47a87e4670a403ac88392 125072 libtiff5-dev_4.2.0-1+deb11u1_mips64el.deb
 61a766174c82ebd90bad670b9a16a9acf2c8937b 273372 libtiff5_4.2.0-1+deb11u1_mips64el.deb
 17c20d1d3cb7ad0c12909d16344a9b2338931a68 22272 libtiffxx5-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 d80ec6202208f4b51df2c036b073e7c03e09203d 128844 libtiffxx5_4.2.0-1+deb11u1_mips64el.deb
 fd504dd86c979f0c963849f5c498ed803996a322 10900 tiff_4.2.0-1+deb11u1_mips64el-buildd.buildinfo
Checksums-Sha256:
 61b2f8344e5d16675a0f5a37f72f375821c53a6b2f907b16f336d307cecf7979 425172 libtiff-dev_4.2.0-1+deb11u1_mips64el.deb
 51b015859f46d0193273e36d5df42130106af9a8e373295eb85a3c6a66d68966 15612 libtiff-opengl-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 8e751ea392bac234d47f196cb6c1544dc7368b08bf6d9f3038664e13b06a53be 133392 libtiff-opengl_4.2.0-1+deb11u1_mips64el.deb
 cc73b153ffc7b246c46c7d9841a6e9918999c18e7c1b5d13f9a84ba9abf6b9b6 434276 libtiff-tools-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 12c52bd7cef4670a11cdd38d80f67909434052828e377146a7ce536e8033d577 311376 libtiff-tools_4.2.0-1+deb11u1_mips64el.deb
 c530272de13f75bcfbf05cef21f198b25dbf9e26b571404532bb1695ed679406 457848 libtiff5-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 d0e4c8aeadb39c3b4dabcc39456a88ad3a7e758a53c421fdbccc1180c42c1f0b 125072 libtiff5-dev_4.2.0-1+deb11u1_mips64el.deb
 76b33e787e645731886d27c78c43d9994c75f91a935fbc6aa8aef275c917a10a 273372 libtiff5_4.2.0-1+deb11u1_mips64el.deb
 d1c185225ddb7347003bacff6509d6f2ce3d4a37131e7efc0acf044d048d4cff 22272 libtiffxx5-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 452aa0eded5b580a393a44f1db66c3ef77a20a0116e6e0f0c09263e7af680fd1 128844 libtiffxx5_4.2.0-1+deb11u1_mips64el.deb
 4c8ca45cd345f43f33d69e4b81ac6b54d5e84cb857c5eb52d397ad695967f5c1 10900 tiff_4.2.0-1+deb11u1_mips64el-buildd.buildinfo
Files:
 2253b96e3f395f09e6092f982d599a69 425172 libdevel optional libtiff-dev_4.2.0-1+deb11u1_mips64el.deb
 200d1ec5aff141c246a9876a2ab27c69 15612 debug optional libtiff-opengl-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 a26cbc8a7dccc68855cfd81c1ba807f1 133392 graphics optional libtiff-opengl_4.2.0-1+deb11u1_mips64el.deb
 8475d290fef54913e09271a8fb5f2dc3 434276 debug optional libtiff-tools-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 1d09c14867de84e034e3d7ff7383c7b4 311376 graphics optional libtiff-tools_4.2.0-1+deb11u1_mips64el.deb
 d902a4934b3f88525c347ff44be1d23c 457848 debug optional libtiff5-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 98b93ef25a66cbb29277fa7a38210cac 125072 oldlibs optional libtiff5-dev_4.2.0-1+deb11u1_mips64el.deb
 c984186b91761ecd732b612fd641c5a8 273372 libs optional libtiff5_4.2.0-1+deb11u1_mips64el.deb
 289c4afec37fb46a9e458fbc2cfcf23e 22272 debug optional libtiffxx5-dbgsym_4.2.0-1+deb11u1_mips64el.deb
 4c76f95d2b5acfd6fb6e54758ed0a2f7 128844 libs optional libtiffxx5_4.2.0-1+deb11u1_mips64el.deb
 07023bb4eb2d2c081089b2d817f8dbba 10900 libs optional tiff_4.2.0-1+deb11u1_mips64el-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQ5dTuB/7AkreZZfGPYe+ogkxLY8FAmI7itEACgkQPYe+ogkx
LY8rvhAAs97dRzZRYlfZNb3CYEYg3Bh7mqZKZiPZjRzOVeIBzfHY/K5Qbt9wxO42
HJLV9gcn8EyqwOTonCnwU46meBa0UoZj1fyK2mLDCk5Z6lVhE9zM3YtCpLza7JK/
WHns9d6Uq6ARMNB+peuB4hqdoT0MBLYCDunfZwUNVkUf23Dl22n1wCfMwP+go39M
jPgStMGTwrSrpWSs8782Zx6pXVy51lDjEFHMapFmtV00PKZe2kiygIH0rzky3X6q
3PHN64KUu59wj8HmA2pQ44vCy52f635Ic7aSl0WRhyNKGbkoWz0aYGkxA+lt92P3
hjWf43nZEmmHqopjcKTVcJQuNrBpMRAldDXgTdr7G/POCihChMnvwjicBd/2a0+E
aGBkJijCxg/tRc0eCCHEoiLU+GlUqVPrlStXKncBLJY0UqXJsGOJFJ6nckrmhyWw
2ohDSQGesBR2cF3/LDhMon+TIBttMKDrNvFa6goQgYecrQB1QfUScoAQtpI66shc
4bpBYY2UTe31KOWnEa1Lou6BZOm0VZ3nzDnuaJln1EKsWYjWHcHOjxjDnVYjdC9y
w3rWeBgmrursztrGF1WOXBwBC84CzEJkuMvGwzU52W2OOdWqqQY6X03aC6/uCkDV
tgH8MuwBTJCry9hjJUMhtkvCLmOrP2UuIZdNjAHc4ALv245DAJ4=
=4AZs
-----END PGP SIGNATURE-----