| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- security update
* CVE-2022-0561 [bsc#1195964]
+ tiff-CVE-2022-0561.patch
* CVE-2022-0562 [bsc#1195965]
+ tiff-CVE-2022-0562.patch
* CVE-2022-0865 [bsc#1197066]
+ tiff-CVE-2022-0865.patch
* CVE-2022-0909 [bsc#1197072]
+ tiff-CVE-2022-0909.patch
* CVE-2022-0924 [bsc#1197073]
+ tiff-CVE-2022-0924.patch
* CVE-2022-0908 [bsc#1197074]
+ tiff-CVE-2022-0908.patch
- security update
* CVE-2022-1056 [bsc#1197631]
* CVE-2022-0891 [bsc#1197068]
+ tiff-CVE-2022-1056,CVE-2022-0891.patch
- security update:
* CVE-2024-7006 [bsc#1228924]
Fix pointer deref in tif_dirinfo.c
+ tiff-CVE-2024-7006.patch
- security update:
* CVE-2023-3164 [bsc#1212233]
Fix heap buffer overflow in tiffcrop
+ tiff-CVE-2023-3164.patch
- security update:
* CVE-2023-40745[bsc#1214687] CVE-2023-41175[bsc#1214686] [bsc#1221187]
CVE-2023-38288[bsc#1213590]
Fix potential int overflow in raw2tiff.c and tiffcp.c
Rename tiff-CVE-2023-38288.patch into
tiff-CVE-2023-38288,CVE-2023-40745,CVE-2023-41175.patch
- security update:
* CVE-2023-52356 [bsc#1219213]
Fix segfault in TIFFReadRGBATileExt()
+ tiff-CVE-2023-52356.patch
- security update:
* CVE-2023-2731 [bsc#1211478]
Fix null pointer deference in LZWDecode()
This patch also contains a required commit which is marked
to fix CVE-2022-1622 [bsc#1199483] but we are not vulnerable
to that CVE because relevant code is not present.
+ tiff-CVE-2023-2731.patch
* CVE-2023-26965 [bsc#1212398]
Fix heap-based use after free in loadImage()
+ tiff-CVE-2023-26965.patch
* CVE-2022-40090 [bsc#1214680]
Fix infinite loop in TIFFReadDirectory()
+ tiff-CVE-2022-40090.patch
* CVE-2023-1916 [bsc#1210231]
Fix out-of-bounds read in extractImageSection()
+ tiff-CVE-2023-1916.patch
- security update:
* CVE-2023-38289 [bsc#1213589]
+ tiff-CVE-2023-38289.patch
* CVE-2023-38288 [bsc#1213590]
+ tiff-CVE-2023-38288.patch
* CVE-2023-3576 [bsc#1213273]
+ tiff-CVE-2023-3576.patch
* CVE-2020-18768 [bsc#1214574]
+ tiff-CVE-2020-18768.patch
* CVE-2023-26966 [bsc#1212881]
+ tiff-CVE-2023-26966.patch
* CVE-2023-3618 [bsc#1213274]
+ tiff-CVE-2023-3618.patch
* CVE-2023-2908 [bsc#1212888]
+ tiff-CVE-2023-2908.patch
* CVE-2023-3316 [bsc#1212535]
+ tiff-CVE-2023-3316.patch
- security update:
* CVE-2023-0795 [bsc#1208226]
* CVE-2023-0796 [bsc#1208227]
* CVE-2023-0797 [bsc#1208228]
* CVE-2023-0798 [bsc#1208229]
* CVE-2023-0799 [bsc#1208230]
* CVE-2023-25433 [bsc#1212883]
+ tiff-CVE-2023-0795,CVE-2023-0796,CVE-2023-0797,CVE-2023-0798,CVE-2023-0799.patch
* CVE-2023-0800 [bsc#1208231]
* CVE-2023-0801 [bsc#1208232]
* CVE-2023-0802 [bsc#1208233]
* CVE-2023-0803 [bsc#1208234]
* CVE-2023-0804 [bsc#1208236]
+ tiff-CVE-2023-0800,CVE-2023-0801,CVE-2023-0802,CVE-2023-0803,CVE-2023-0804.patch
- security update:
* CVE-2022-48281 [bsc#1207413]
+ tiff-CVE-2022-48281.patch
- security update:
* CVE-2022-3570 [bsc#1205422]
* CVE-2022-3598 [bsc#1204642]
+ tiff-CVE-2022-3598,3570.patch
- security update:
* CVE-2022-3597 [bsc#1204641]
* CVE-2022-3626 [bsc#1204644]
* CVE-2022-3627 [bsc#1204645]
+ tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch
* CVE-2022-3599 [bsc#1204643]
+ tiff-CVE-2022-3599.patch
* CVE-2022-3598 [bsc#1204642]
+ tiff-CVE-2022-3598.patch
- security update:
* CVE-2022-2519 [bsc#1202968]
* CVE-2022-2520 [bsc#1202973]
* CVE-2022-2521 [bsc#1202971]
+ tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
- CVE-2022-34266 [bsc#1201971] and [bsc#1201723]: Rename tiff-CVE-2022-0561.patch to tiff-CVE-2022-0561,CVE-2022-34266.patch This CVE is actually a duplicate.
- security update:
* CVE-2022-34526 [bsc#1202026]
+ tiff-CVE-2022-34526.patch
- security update
* CVE-2022-2056 [bsc#1201176]
* CVE-2022-2057 [bsc#1201175]
* CVE-2022-2058 [bsc#1201174]
+ tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch