Package Release Info

tiff-4.0.9-45.5.1

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-480
Available in Package Hub : 15 SP4 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libtiff5-32bit
tiff

Change Logs

* Mon Jan 17 2022 mvetter@suse.com 
- security update: Fix buffer overwrite
  * CVE-2019-17546[bsc#1154365]
    + tiff-CVE-2019-17546.patch
- security update: Fix heap based buffer overflow in pal2rgb
  * CVE-2017-17095[bsc#1071031]
    + tiff-CVE-2017-17095.patch
- security update: Fix OOB in _TIFFmemcpy
  * CVE-2022-22844[bsc#1194539]
    + tiff-CVE-2022-22844.patch
- security update: Fix memory allocation failure in tif_read.c
  * CVE-2020-35521[bsc#1182808] CVE-2020-35522[bsc#1182809]
    + tiff-CVE-2020-35521,CVE-2020-35522.patch
- security update: Fix DOS via invertImage()
  * CVE-2020-19131[bsc#1190312]
    + tiff-CVE-2020-19131.patch
- security update: Fix heap-based buffer overflow in TIFF2PDF tool
  * CVE-2020-35524[bsc#1182812]
    + tiff-CVE-2020-35524.patch
- security update: Fix integer overflow in tif_getimage
  * CVE-2020-35523 [bsc#1182811]
    + tiff-CVE-2020-35523.patch
Version: 4.0.9-45.2.1
Version: 4.0.9-150000.45.8.1
* Fri May 06 2022 mvetter@suse.com 
- security update
  * CVE-2022-0561 [bsc#1195964]
    + tiff-CVE-2022-0561.patch
  * CVE-2022-0562 [bsc#1195965]
    + tiff-CVE-2022-0562.patch
  * CVE-2022-0865 [bsc#1197066]
    + tiff-CVE-2022-0865.patch
  * CVE-2022-0909 [bsc#1197072]
    + tiff-CVE-2022-0909.patch
  * CVE-2022-0924 [bsc#1197073]
    + tiff-CVE-2022-0924.patch
  * CVE-2022-0908 [bsc#1197074]
    + tiff-CVE-2022-0908.patch
* Fri May 06 2022 mvetter@suse.com 
- security update
  * CVE-2022-1056 [bsc#1197631]
  * CVE-2022-0891 [bsc#1197068]
    + tiff-CVE-2022-1056,CVE-2022-0891.patch
Version: 4.0.9-150000.45.25.1
* Thu Jan 26 2023 mvetter@suse.com 
- security update:
  * CVE-2022-48281 [bsc#1207413]
    + tiff-CVE-2022-48281.patch
Version: 4.0.9-150000.45.22.1
* Fri Nov 18 2022 fstrba@suse.com 
- security update:
  * CVE-2022-3570 [bsc#1205422]
  * CVE-2022-3598 [bsc#1204642]
    + tiff-CVE-2022-3598,3570.patch
Version: 4.0.9-150000.45.19.1
* Sun Nov 13 2022 mvetter@suse.com 
- security update:
  * CVE-2022-3597 [bsc#1204641]
  * CVE-2022-3626 [bsc#1204644]
  * CVE-2022-3627 [bsc#1204645]
    + tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch
  * CVE-2022-3599 [bsc#1204643]
    + tiff-CVE-2022-3599.patch
  * CVE-2022-3970 [bsc#1205392]
    + tiff-CVE-2022-3970.patch
Version: 4.0.9-150000.45.16.1
* Mon Oct 17 2022 mvetter@suse.com 
- security update:
  * CVE-2022-2519 [bsc#1202968]
  * CVE-2022-2520 [bsc#1202973]
  * CVE-2022-2521 [bsc#1202971]
    + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
  * CVE-2022-2867 [bsc#1202466]
  * CVE-2022-2868 [bsc#1202467]
  * CVE-2022-2869 [bsc#1202468]
    + tiff-CVE-2022-2867,CVE-2022-2868,CVE-2022-2869.patch
* Wed Aug 03 2022 mvetter@suse.com 
- CVE-2022-34266 [bsc#1201971] and [bsc#1201723]:
  Rename tiff-CVE-2022-0561.patch to
  tiff-CVE-2022-0561,CVE-2022-34266.patch
  This CVE is actually a duplicate.
* Mon Aug 01 2022 mvetter@suse.com 
- security update:
  * CVE-2022-34526 [bsc#1202026]
    + tiff-CVE-2022-34526.patch
Version: 4.0.9-150000.45.11.1
* Wed Jul 06 2022 mvetter@suse.com 
- security update
  * CVE-2022-2056 [bsc#1201176]
  * CVE-2022-2057 [bsc#1201175]
  * CVE-2022-2058 [bsc#1201174]
    + tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch