Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5108-1] tiff security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5108-1] tiff security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5108-1] tiff security update
  • Date: Thu, 24 Mar 2022 18:55:21 +0000
  • List-archive: https://lists.debian.org/msgid-search/20220324185521.GA13431 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=4yCxvNacbzn5Xu+MpjYaGkPRKZDETZy0aVxLZeDx2jo=; b=gi lAKDAPqPww0rB18LToz18h3snRuj6kBVDbORa/YuV0lgUoAkMoCAubKCjBB40Hy6tE0mAx96YDjhW U8ZzkCSuSli2HCQY187Ec+cOCmqhl4u5acigAkGJTLIrTNw28CstmXq+b6udzaQGgimi79xVz1K/P vkTdqhXfWSd8yt6yfLAukO9OKXaFyQfbctG0a6VD5rv9iDJgOhotS22wJL4wA1oIwiWCZswrqFqyk X855jtCmdElJ/rq7jgBm4T4LZ6MqCLuXCJfV18kYwG2+oHV0dBvGX0fCGmOzahbACqdtMR5jEwKlt Zd5bZQIjaJfPcLHqlaTb0SMWEPG0NvsQ==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Thu, 24 Mar 2022 18:55:44 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <z81nRLUMwZE.A.HSD.w6LPiB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5108-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 24, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tiff
CVE ID : CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891
CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924
CVE-2022-22844

Multiple vulnerabilities have been discovered in the libtiff library
and the included tools, which may result in denial of service if
malformed image files are processed.

For the oldstable distribution (buster), these problems have been fixed
in version 4.1.0+git191117-2~deb10u4.

For the stable distribution (bullseye), these problems have been fixed in
version 4.2.0-1+deb11u1.

We recommend that you upgrade your tiff packages.

For the detailed security status of tiff please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tiff

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmI8u+UACgkQEMKTtsN8
TjbZ4hAAhq1KgztKD1uBeIbAyyDvF3AwDmL7pUSji/BSuMNMS86aadD3LF8avd1z
xzuT52QkSNOy5PgOa47xP+U0B6iICjj4naf2XqgEumhiBwJuoJCbs9+DO3Vc0dQ4
ZWK+c0sy/BEesdjlv33v+nfDpuijreWFcFz+WytgBRgPa66cSaYKKUJCgpiR2V8Q
N3Nd8AjIkwWnTrsEfalTSx0N5o7e4gYKe9/w/bEHglgbDYPXOPUZdGXaewcNCb8f
29ZQtfmicwM5wtSImGzbGueE7a+uMThIOxgRtBWhk4lsGlMVJN5qnWwoJiPxZhgl
ph2eybWED8XcTBughRCvQt60dFETMaNNQUGxUwl0L+brlw0ncq+JCA760AunP4IY
ZfFmbf5DFuoOOWqWDjzgSHBpPZKeqtcgfGCl2LupH8JFqip4qcGnVZRWwbgWMuN+
VetZXkyO5fswjtGu/08oEHxg+ZTlo+QjhZyHzTUTW/TVIMW6uAcmYufZjwlfezog
uFZe2tlVfy7EKmZWgo5XWXKjwbDvzF2tzYCLEHa945gxrM2jEvahLHO4MQhFQ2aR
D4KygWqpGCt8p8rBq3od7Zg9wrEruVk9ZlKLagkPQ23TMQhVDYjd51JRkIzuvByO
p63HALwBKW5H1451vpdZ0Vc1hiY0nNFi5ZjI10sVXpdrTXC2xyI=
=APsW
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5108-1] tiff security update, Moritz Muehlenhoff, 24.03.2022

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang