[ubuntu/questing-security] tiff 4.7.0-3ubuntu3.1 (Accepted)
Ian Constantin
ian.constantin at canonical.com
Mon Mar 23 08:04:17 UTC 2026
tiff (4.7.0-3ubuntu3.1) questing-security; urgency=medium
* SECURITY UPDATE: null-pointer dereference
- debian/patches/CVE-2025-61143.patch: check for null pointer before call
to TIFFFileName in tools/tiffcrop.c.
- CVE-2025-61143
* SECURITY UPDATE: stack buffer overflow
- debian/patches/CVE-2025-61144.patch: update loop condition to also check
samples against MAX_SAMPLES in tools/tiffcrop.c.
- CVE-2025-61144
Date: 2026-03-18 10:12:12.499405+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.7.0-3ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list