-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Mar 2022 15:57:56 +0100
Source: tiff
Binary: libtiff-dev libtiff-opengl libtiff-opengl-dbgsym libtiff-tools libtiff-tools-dbgsym libtiff5 libtiff5-dbgsym libtiff5-dev libtiffxx5 libtiffxx5-dbgsym
Architecture: ppc64el
Version: 4.2.0-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-unicamp-01) <buildd_ppc64el-ppc64el-unicamp-01@buildd.debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-dev - Tag Image File Format library (TIFF), development files
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files (transiti
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
 tiff (4.2.0-1+deb11u1) bullseye-security; urgency=high
 .
   [ Thorsten Alteholz <debian@alteholz.de> ]
   * CVE-2022-22844
     out-of-bounds read in _TIFFmemcpy in certain situations involving a
     custom tag and 0x0200 as the second word of the DE field.
   * CVE-2022-0562
     Null source pointer passed as an argument to memcpy() function within
     TIFFReadDirectory(). This could result in a Denial of Service via
     crafted TIFF files.
   * CVE-2022-0561
     Null source pointer passed as an argument to memcpy() function within
     TIFFFetchStripThing(). This could result in a Denial of Service via
     crafted TIFF files.
 .
   [ Laszlo Boszormenyi (GCS) <gcs@debian.org> ]
   * Backport security fix for CVE-2022-0865, crash when reading a file with
     multiple IFD in memory-mapped mode and when bit reversal is needed.
   * Backport security fix for CVE-2022-0908, null source pointer passed as an
     argument to memcpy() function within TIFFFetchNormalTag().
   * Backport security fix for CVE-2022-0907, unchecked return value to null
     pointer dereference in tiffcrop.
   * Backport security fix for CVE-2022-0909, divide by zero error in
     tiffcrop.
   * Backport security fix for CVE-2022-0891, heap buffer overflow in
     ExtractImageSection function in tiffcrop.
   * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp.
Checksums-Sha1:
 62c8d9aad330c467d872d1b910b65f81368031b6 432964 libtiff-dev_4.2.0-1+deb11u1_ppc64el.deb
 dcfbc34e0bc07f9ba24618d40f6c1d8766087e1a 15292 libtiff-opengl-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 1517954658219d412ebcd95d362511bd28a72b41 134268 libtiff-opengl_4.2.0-1+deb11u1_ppc64el.deb
 735bd0c5294180d0b366879137737c97689f2809 426584 libtiff-tools-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 06af248ee12f2ce55961f51740c0fa07bfea9fd5 331200 libtiff-tools_4.2.0-1+deb11u1_ppc64el.deb
 fa27946ad6906e28f7a904255f512c46700d2da2 445184 libtiff5-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 56bc4603ac7f893b64b23bf32f93a4158615a578 125072 libtiff5-dev_4.2.0-1+deb11u1_ppc64el.deb
 aa9ceb29586c63e1e8551d11fa2abeece2a693cf 301108 libtiff5_4.2.0-1+deb11u1_ppc64el.deb
 8bdbff22d95342c384cf45b743d4c5bdfe378627 22260 libtiffxx5-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 e0c803b4047dbe4772a4d247fe45801f348d08fc 128888 libtiffxx5_4.2.0-1+deb11u1_ppc64el.deb
 b04f79b5ac27c558ed6721598fc0d224e8e72824 11014 tiff_4.2.0-1+deb11u1_ppc64el-buildd.buildinfo
Checksums-Sha256:
 fa7784961c51b582e9f89a240891f654d1105f25f0ecc40fcd6a16a67a10d077 432964 libtiff-dev_4.2.0-1+deb11u1_ppc64el.deb
 24d36db3540310e292e63c4c5b4d24bd4f691c06be75632ce16424310c27d40a 15292 libtiff-opengl-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 8246c2c284f31dec7a0282c91bde5b979c59f70711460e42b271d723010316b7 134268 libtiff-opengl_4.2.0-1+deb11u1_ppc64el.deb
 0dccf6f3eff3289c3e90ca76b005b604382c6458312dad47d060846658ed5f54 426584 libtiff-tools-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 864a6eea26a1ed58e5b1a6cf67ea7761c3489b71b8fa2f32f200c2122915a0fa 331200 libtiff-tools_4.2.0-1+deb11u1_ppc64el.deb
 c52c383eb5ee1f5d0ec3ac0774e77fdc16cd6e166631d829ba525c491e7a24e1 445184 libtiff5-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 1cebccf897fa9a803f9a18e0a6a124a90cb231646c8a0bf809a2bd72a747b80e 125072 libtiff5-dev_4.2.0-1+deb11u1_ppc64el.deb
 3e78bd2b8467ca17d2b8dcb834e6ea692b26f8ea51341ac0eba56eb3e4021232 301108 libtiff5_4.2.0-1+deb11u1_ppc64el.deb
 4602667e90b695827cd9a98a3c53c439619f9b6dcf19e37027527131ca7595e3 22260 libtiffxx5-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 03d109b44b97b81879e29c5e7569c8f50d19083d35a8055580fa57e3f682f268 128888 libtiffxx5_4.2.0-1+deb11u1_ppc64el.deb
 25d5418dd3132f31436b65e6a0ba875fd00aa6d224751bcdb7a328c172e2f5c1 11014 tiff_4.2.0-1+deb11u1_ppc64el-buildd.buildinfo
Files:
 e86c6520355d7404fde5281634288c0a 432964 libdevel optional libtiff-dev_4.2.0-1+deb11u1_ppc64el.deb
 0cd691c5d36f5d38296104661b18d7f5 15292 debug optional libtiff-opengl-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 6ff45d0913eacf9febf136cc7a9c6ac8 134268 graphics optional libtiff-opengl_4.2.0-1+deb11u1_ppc64el.deb
 c0f5a4d29a54c9a1b8b78a356510def0 426584 debug optional libtiff-tools-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 5279be6e23e210d1f282536cb2b61a07 331200 graphics optional libtiff-tools_4.2.0-1+deb11u1_ppc64el.deb
 af26ef7504c46491697aa7ef8d50207a 445184 debug optional libtiff5-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 621c6d5f1b472dd9ffd2792bda19abac 125072 oldlibs optional libtiff5-dev_4.2.0-1+deb11u1_ppc64el.deb
 27c8933d3dc4fc8bbd65f9c0e7f2c1d8 301108 libs optional libtiff5_4.2.0-1+deb11u1_ppc64el.deb
 7641ff25b37eb61f6f9d9c14363ae523 22260 debug optional libtiffxx5-dbgsym_4.2.0-1+deb11u1_ppc64el.deb
 a3fac00ad16568e2deb14c6f65104342 128888 libs optional libtiffxx5_4.2.0-1+deb11u1_ppc64el.deb
 a14a3f2ef79999c79683e54ce8d7bdc2 11014 libs optional tiff_4.2.0-1+deb11u1_ppc64el-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEM6ceAMELlsCX7atTQTdFj1F/eVQFAmI7XccACgkQQTdFj1F/
eVQSeBAAmIU3Qv77aTm1T579RJ65eblqDMcnHH44/f0TBSaE6L3U8ATa7jiSLj5+
2P342eSZyTH6lVC4zqoeyA4Ula6Jivm8xPqHi8dNHVg8Jk78xZDRTZg87E4f83tY
Apxe7laQxVK2HMJM1yYauj8V0PJ2wmoMEUrnflo4u3dtGJ5rgLJ14sk90R4gMQSq
Qx1CjeDjGaFq36V8pIbxIdDdVr9B7V0pOxUg6VtZ06D7JJUwbNq7Meb9/mOOhkJ1
rwFnXxprAZj2aJ6cWerNUd0L+1W1g3gHPC7YYEay+BzDPpXV7RPnbl9lC/sM6Sxr
gD0RlzptZY1OsxPvT4tgg7h3D/eiYudgQxqDQLOTG2gBnw72O4KJs2oj5I8xbOdd
ZfAXeB4NZOnP0141b+ZEiDB7ptRXHPbiE1BKXq7lf6Z+OfbOn2dE/O5bSh5frMJX
hA5QUWp4QN1e9RAvcoVWrTj2a/WiQeDIxamXpqSHUjLnPwvXPrizoX+XTzBNFs/N
7YY5Wow8IhhNmFacPVQYvNe8iVct8WhupPEnNB2q/3SwoSKjiS7SLimzblZV9h0U
YE1CO+HWXYFk8EKS4NAk0Nw5a63Sok/Bk48YLzFsl1zcxVmPcqAxtf7dnqCUoVDC
6vrHNKrVgsNO2Ex6TqVUvTig7m35O0mDTOV4c0RJKHpYtmUc5e8=
=jJ8N
-----END PGP SIGNATURE-----