[ubuntu/plucky-security] tiff 4.5.1+git230720-4ubuntu4.2 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Mon Sep 29 13:51:52 UTC 2025
tiff (4.5.1+git230720-4ubuntu4.2) plucky-security; urgency=medium
* SECURITY UPDATE: Memory corruption.
- debian/patches/CVE-2025-8961.patch: Add _TIFFfree and extra read_buff
check in tools/tiffcrop.c.
- CVE-2025-8961
* SECURITY UPDATE: Memory leak.
- debian/patches/CVE-2025-9165.patch: Add TIFFClose in tools/tiffcmp.c.
- CVE-2025-9165
* SECURITY UPDATE: Out of bounds write when processing specially crafted
TIFF files.
- debian/patches/CVE-2025-9900.patch: Add img->height and img->width
checks in libtiff/tif_getimage.c.
- CVE-2025-9900
Date: 2025-09-24 15:38:13.644712+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.5.1+git230720-4ubuntu4.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list