Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3690

Security update for tiff

Type: security
Severity: important
Issued: 2022-10-21
Description:
This update for tiff fixes the following issues:

- CVE-2022-2519: Fixed a double free in rotateImage() (bsc#1202968).
- CVE-2022-2520: Fixed a assertion failure in rotateImage() (bsc#1202973).
- CVE-2022-2521: Fixed invalid free in TIFFClose() (bsc#1202971).
- CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c (bsc#1202466).
- CVE-2022-2868: Fixed out of bounds read in reverseSamples16bits() (bsc#1202467).
- CVE-2022-2869: Fixed out of bounds read and write in extractContigSamples8bits() (bsc#1202468).
- CVE-2022-34526: Fixed stack overflow in the _TIFFVGetField function of Tiffsplit (bsc#1202026).

References

Packages

  • tiff-4.0.9-150000.45.16.1