Package Release Info

tiff-4.0.9-150000.45.44.1

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2028
Available in Package Hub : 15 SP5 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

tiff

Change Logs

* Wed May 29 2024 mvetter@suse.com
- security update:
  * CVE-2023-3164 [bsc#1212233]
    Fix heap buffer overflow in tiffcrop
    + tiff-CVE-2023-3164.patch
Version: 4.0.9-150000.45.41.1
* Wed Mar 13 2024 mvetter@suse.com
- security update:
  * CVE-2023-40745[bsc#1214687] CVE-2023-41175[bsc#1214686] [bsc#1221187]
    CVE-2023-38288[bsc#1213590]
    Fix potential int overflow in raw2tiff.c and tiffcp.c
    Rename tiff-CVE-2023-38288.patch into
    tiff-CVE-2023-38288,CVE-2023-40745,CVE-2023-41175.patch
Version: 4.0.9-150000.45.38.1
* Fri Jan 26 2024 mvetter@suse.com
- security update:
  * CVE-2023-52356 [bsc#1219213]
    Fix segfault in TIFFReadRGBATileExt()
    + tiff-CVE-2023-52356.patch
Version: 4.0.9-150000.45.35.1
* Wed Dec 06 2023 mvetter@suse.com
- security update:
  * CVE-2023-2731 [bsc#1211478]
    Fix null pointer deference in LZWDecode()
    This patch also contains a required commit which is marked
    to fix CVE-2022-1622 [bsc#1199483] but we are not vulnerable
    to that CVE because relevant code is not present.
    + tiff-CVE-2023-2731.patch
  * CVE-2023-26965 [bsc#1212398]
    Fix heap-based use after free in loadImage()
    + tiff-CVE-2023-26965.patch
  * CVE-2022-40090 [bsc#1214680]
    Fix infinite loop in TIFFReadDirectory()
    + tiff-CVE-2022-40090.patch
  * CVE-2023-1916 [bsc#1210231]
    Fix out-of-bounds read in extractImageSection()
    + tiff-CVE-2023-1916.patch
Version: 4.0.9-150000.45.32.1
* Mon Oct 30 2023 mvetter@suse.com
- security update:
  * CVE-2023-38289 [bsc#1213589]
    + tiff-CVE-2023-38289.patch
  * CVE-2023-38288 [bsc#1213590]
    + tiff-CVE-2023-38288.patch
  * CVE-2023-3576 [bsc#1213273]
    + tiff-CVE-2023-3576.patch
  * CVE-2020-18768 [bsc#1214574]
    + tiff-CVE-2020-18768.patch
  * CVE-2023-26966 [bsc#1212881]
    + tiff-CVE-2023-26966.patch
  * CVE-2023-3618 [bsc#1213274]
    + tiff-CVE-2023-3618.patch
  * CVE-2023-2908 [bsc#1212888]
    + tiff-CVE-2023-2908.patch
  * CVE-2023-3316 [bsc#1212535]
    + tiff-CVE-2023-3316.patch
Version: 4.0.9-150000.45.28.1
* Fri May 19 2023 mvetter@suse.com
- security update:
  * CVE-2023-0795 [bsc#1208226]
  * CVE-2023-0796 [bsc#1208227]
  * CVE-2023-0797 [bsc#1208228]
  * CVE-2023-0798 [bsc#1208229]
  * CVE-2023-0799 [bsc#1208230]
  * CVE-2023-25433 [bsc#1212883]
    + tiff-CVE-2023-0795,CVE-2023-0796,CVE-2023-0797,CVE-2023-0798,CVE-2023-0799.patch
  * CVE-2023-0800 [bsc#1208231]
  * CVE-2023-0801 [bsc#1208232]
  * CVE-2023-0802 [bsc#1208233]
  * CVE-2023-0803 [bsc#1208234]
  * CVE-2023-0804 [bsc#1208236]
    + tiff-CVE-2023-0800,CVE-2023-0801,CVE-2023-0802,CVE-2023-0803,CVE-2023-0804.patch
Version: 4.0.9-150000.45.25.1
* Thu Jan 26 2023 mvetter@suse.com
- security update:
  * CVE-2022-48281 [bsc#1207413]
    + tiff-CVE-2022-48281.patch
Version: 4.0.9-150000.45.22.1
* Fri Nov 18 2022 fstrba@suse.com
- security update:
  * CVE-2022-3570 [bsc#1205422]
  * CVE-2022-3598 [bsc#1204642]
    + tiff-CVE-2022-3598,3570.patch
Version: 4.0.9-150000.45.19.1
* Sun Nov 13 2022 mvetter@suse.com
- security update:
  * CVE-2022-3597 [bsc#1204641]
  * CVE-2022-3626 [bsc#1204644]
  * CVE-2022-3627 [bsc#1204645]
    + tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch
  * CVE-2022-3599 [bsc#1204643]
    + tiff-CVE-2022-3599.patch
  * CVE-2022-3970 [bsc#1205392]
    + tiff-CVE-2022-3970.patch
Version: 4.0.9-150000.45.16.1
* Mon Oct 17 2022 mvetter@suse.com
- security update:
  * CVE-2022-2519 [bsc#1202968]
  * CVE-2022-2520 [bsc#1202973]
  * CVE-2022-2521 [bsc#1202971]
    + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
  * CVE-2022-2867 [bsc#1202466]
  * CVE-2022-2868 [bsc#1202467]
  * CVE-2022-2869 [bsc#1202468]
    + tiff-CVE-2022-2867,CVE-2022-2868,CVE-2022-2869.patch
* Wed Aug 03 2022 mvetter@suse.com
- CVE-2022-34266 [bsc#1201971] and [bsc#1201723]:
  Rename tiff-CVE-2022-0561.patch to
  tiff-CVE-2022-0561,CVE-2022-34266.patch
  This CVE is actually a duplicate.
* Mon Aug 01 2022 mvetter@suse.com
- security update:
  * CVE-2022-34526 [bsc#1202026]
    + tiff-CVE-2022-34526.patch
Version: 4.0.9-150000.45.11.1
* Wed Jul 06 2022 mvetter@suse.com
- security update
  * CVE-2022-2056 [bsc#1201176]
  * CVE-2022-2057 [bsc#1201175]
  * CVE-2022-2058 [bsc#1201174]
    + tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch