-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 13 Mar 2022 15:57:56 +0100 Source: tiff Binary: libtiff-dev libtiff-opengl libtiff-opengl-dbgsym libtiff-tools libtiff-tools-dbgsym libtiff5 libtiff5-dbgsym libtiff5-dev libtiffxx5 libtiffxx5-dbgsym Architecture: mipsel Version: 4.2.0-1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: mipsel Build Daemon (mipsel-manda-05) Changed-By: Laszlo Boszormenyi (GCS) Description: libtiff-dev - Tag Image File Format library (TIFF), development files libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-dev - Tag Image File Format library (TIFF), development files (transiti libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Changes: tiff (4.2.0-1+deb11u1) bullseye-security; urgency=high . [ Thorsten Alteholz ] * CVE-2022-22844 out-of-bounds read in _TIFFmemcpy in certain situations involving a custom tag and 0x0200 as the second word of the DE field. * CVE-2022-0562 Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory(). This could result in a Denial of Service via crafted TIFF files. * CVE-2022-0561 Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing(). This could result in a Denial of Service via crafted TIFF files. . [ Laszlo Boszormenyi (GCS) ] * Backport security fix for CVE-2022-0865, crash when reading a file with multiple IFD in memory-mapped mode and when bit reversal is needed. * Backport security fix for CVE-2022-0908, null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag(). * Backport security fix for CVE-2022-0907, unchecked return value to null pointer dereference in tiffcrop. * Backport security fix for CVE-2022-0909, divide by zero error in tiffcrop. * Backport security fix for CVE-2022-0891, heap buffer overflow in ExtractImageSection function in tiffcrop. * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp. Checksums-Sha1: 403a45a3d886a55cbc814a3d2460e19c3a3df9b9 424956 libtiff-dev_4.2.0-1+deb11u1_mipsel.deb 4829b573a288ed866b435dd0a4729eb9f2791ae6 14744 libtiff-opengl-dbgsym_4.2.0-1+deb11u1_mipsel.deb 4e7de34c3229f597442f3145b7df6fb2f631e897 133256 libtiff-opengl_4.2.0-1+deb11u1_mipsel.deb 51372221738dd844c2a1d61dfe5ca5bd91be19b1 415684 libtiff-tools-dbgsym_4.2.0-1+deb11u1_mipsel.deb 9ec41966a0e5d25b8926594dcddb74f05bdf5775 312544 libtiff-tools_4.2.0-1+deb11u1_mipsel.deb 49080c07b763e7a49abf4d0b24974081e3f26a31 440496 libtiff5-dbgsym_4.2.0-1+deb11u1_mipsel.deb 192b1777fc7d72c105d9939c9ba6b5856b56c2ac 125072 libtiff5-dev_4.2.0-1+deb11u1_mipsel.deb ac45ef952449e3de6a403af295a6d77fb8ff11fa 273832 libtiff5_4.2.0-1+deb11u1_mipsel.deb 5cf87905675e384ed00a589ab82632f887c33231 21796 libtiffxx5-dbgsym_4.2.0-1+deb11u1_mipsel.deb 10344b84a034dcc67442bbc70c801e84590a5092 129028 libtiffxx5_4.2.0-1+deb11u1_mipsel.deb 8b7e8a97fdb364c21bd8cfa5063176afb066f591 10829 tiff_4.2.0-1+deb11u1_mipsel-buildd.buildinfo Checksums-Sha256: 7abddc09ccb3fb349a7518a6568a94c0ac21bc8fc074ff7f3888adf4ee23596c 424956 libtiff-dev_4.2.0-1+deb11u1_mipsel.deb 633c64158a2a5ee2ef37f4b67c63e5d7cf730c7cb5ec03f4fda62d0a3b151562 14744 libtiff-opengl-dbgsym_4.2.0-1+deb11u1_mipsel.deb 029f91c367c611b60391126e9a47ba2ae4011af325dd010b0d54ad63b60231cc 133256 libtiff-opengl_4.2.0-1+deb11u1_mipsel.deb 28ab5dcab8daca8ae43c7cfd3145f6604879fe2d46cae8271f63c43e77ec506b 415684 libtiff-tools-dbgsym_4.2.0-1+deb11u1_mipsel.deb 6deeb8ccc1e6f9c5717d568140e8731ea4f875b0dfad3fa0a6189be8c722b84f 312544 libtiff-tools_4.2.0-1+deb11u1_mipsel.deb d0658570ee57154b77ec722a0d614f1e8a2a0b7b28cb9d9c116233e05980ae12 440496 libtiff5-dbgsym_4.2.0-1+deb11u1_mipsel.deb 59d944003e4f27a152b67209824f821dffd0e5cd9d0de33b72a986da0aea2910 125072 libtiff5-dev_4.2.0-1+deb11u1_mipsel.deb 41316d1afc1398926774abff1cfeddef0d5300ee0f4f2adc84361cd8c10457f4 273832 libtiff5_4.2.0-1+deb11u1_mipsel.deb 884a018793ac926ce86b97681534da4beb7ae06cafdc7b7131646084e731a8f1 21796 libtiffxx5-dbgsym_4.2.0-1+deb11u1_mipsel.deb 813625559dee1627265320c2724b626fecac5c8dbd8c82c5ca4e2888d931cbbf 129028 libtiffxx5_4.2.0-1+deb11u1_mipsel.deb 2ac33d93b0c47e1ea2ae1277b71f7114ff78e43b394b09dbbae935872d0ca95d 10829 tiff_4.2.0-1+deb11u1_mipsel-buildd.buildinfo Files: 6649407be0f77f071cdd73da852f23df 424956 libdevel optional libtiff-dev_4.2.0-1+deb11u1_mipsel.deb 928b0b3bb976ebe739d95404636948cc 14744 debug optional libtiff-opengl-dbgsym_4.2.0-1+deb11u1_mipsel.deb ba8056f015b799e56e9bed02de44c0d9 133256 graphics optional libtiff-opengl_4.2.0-1+deb11u1_mipsel.deb 04ad5e5f6119cfe0cb1193b47f94f435 415684 debug optional libtiff-tools-dbgsym_4.2.0-1+deb11u1_mipsel.deb 4c7db193b196ff2cdd8896ef9e443cf2 312544 graphics optional libtiff-tools_4.2.0-1+deb11u1_mipsel.deb 2ebab9dde00ace77adba0a3d3473edda 440496 debug optional libtiff5-dbgsym_4.2.0-1+deb11u1_mipsel.deb 019bdce520103dbe318c824b081856d6 125072 oldlibs optional libtiff5-dev_4.2.0-1+deb11u1_mipsel.deb 7a0f67f299ac63da82f285c93ab4648e 273832 libs optional libtiff5_4.2.0-1+deb11u1_mipsel.deb 6af4b3190d2f195544e5c3a24eac4bc1 21796 debug optional libtiffxx5-dbgsym_4.2.0-1+deb11u1_mipsel.deb 86573d336e1a11ad70e0e6baebd280f5 129028 libs optional libtiffxx5_4.2.0-1+deb11u1_mipsel.deb c67e7de6761b89df9f81894b8e10101d 10829 libs optional tiff_4.2.0-1+deb11u1_mipsel-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEQ5dTuB/7AkreZZfGPYe+ogkxLY8FAmI7ifsACgkQPYe+ogkx LY8fphAAqGm7cgrMO/cbhZm/ws/Ho3nsWJTiXrdiSMiSBIclAZk3Yj7pN1hmtAjb Ta2PdQuwvdyoZLlgUHyVSC5ZwIg2AOzLJplUZ2SJMNHEY/h9HFgg5nmGpeKM2HAn QQvWhKd39eN8rtpacebrTPpGcaUmgvanH2YW40KV+s7UGiwuXaGNnZ3LhcNz8b8F yw3Iw3PGlpLr6l/GrvZkszy53I91TQcaZYzvqnhrIYhM3tdZo+D9pk0+5N/VCOKE rzSmzQO4Lvwg5Ij/q8HiuytAMdSha7OEJKBFmUYLVkztseLSHLdNMKezQNmEe39z /VkCKITb/+oR3rF7SfMTZs0dJ3LCuAwQ4vpdxTu63WsLvMYE6EUMPiN7//v8CkRT fJyxZYzw9BKK1AP1Eqpl5BErv6LmTEM4iKSBepWBXTHgwNv7F1JW3UGVd+XopaLq DhMP2MQJN+yYcLcac16w4e6pGUkjPDlPsGhaImeeLWqUH7bTWYoG7W7ESWbHgN2e 7coRzzfUbP/1q4luj7ScjBB5Xl8Wbo0+EN83/c38sOyc959UUP+Q61eY5OEcfTbF kSk4R2fA5+Bv0+GVtim8KJ43bKXme2g5jYKblUruG7pGUh3KC4q+6QtzMp7v6uHF W08P8jIT0Y7bzJNlmIV4DeuCUh9JDGwFMxr2qsWJiIKogPiCHtI= =e3Eq -----END PGP SIGNATURE-----