[ubuntu/jammy-security] tiff 4.3.0-6ubuntu0.12 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Mon Sep 29 13:51:54 UTC 2025
tiff (4.3.0-6ubuntu0.12) jammy-security; urgency=medium
* SECURITY UPDATE: Memory corruption.
- debian/patches/CVE-2025-8961.patch: Add _TIFFfree and extra read_buff
check in tools/tiffcrop.c.
- CVE-2025-8961
* SECURITY UPDATE: Memory leak.
- debian/patches/CVE-2025-9165.patch: Add TIFFClose in tools/tiffcmp.c.
- CVE-2025-9165
* SECURITY UPDATE: Out of bounds write when processing specially crafted
TIFF files.
- debian/patches/CVE-2025-9900.patch: Add img->height and img->width
checks in libtiff/tif_getimage.c.
- CVE-2025-9900
Date: 2025-09-26 17:33:12.969814+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.3.0-6ubuntu0.12
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list