Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4259

Security update for tiff

Type: security
Severity: important
Issued: 2022-11-28
Description:
This update for tiff fixes the following issues:

- CVE-2022-3597: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (bnc#1204641).
- CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in tools/tiffcrop.c (bnc#1204643).
- CVE-2022-3626: Fixed out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c (bnc#1204644)
- CVE-2022-3627: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (bnc#1204645).
- CVE-2022-3970: Fixed unsigned integer overflow in TIFFReadRGBATileExt() (bnc#1205392).

References

Packages

  • tiff-4.0.9-150000.45.19.1