[Git][security-tracker-team/security-tracker][master] CVE-2022-3570/tiff: replace orphan commit with slightly different merged fix
Sylvain Beucler (@beuc)
beuc at debian.org
Tue Jan 17 13:59:32 GMT 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5fd3cc60 by Sylvain Beucler at 2023-01-17T14:59:08+01:00
CVE-2022-3570/tiff: replace orphan commit with slightly different merged fix
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22049,7 +22049,7 @@ CVE-2022-3599 (LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/398
CVE-2022-3598 (LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifte ...)
- tiff 4.4.0-5 (bug #1022555)
- NOTE: https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
+ NOTE: https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff (v4.5.0rc1)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/435
CVE-2022-3597 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif ...)
- tiff 4.4.0-5 (bug #1022555)
@@ -22255,7 +22255,7 @@ CVE-2022-3571
RESERVED
CVE-2022-3570 (Multiple heap buffer overflows in tiffcrop.c utility in libtiff librar ...)
- tiff 4.4.0-5 (bug #1022555)
- NOTE: https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c
+ NOTE: https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff (v4.5.0rc1)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/381
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/386
CVE-2022-3569 (Due to an issue with incorrect sudo permissions, Zimbra Collaboration ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd3cc60d42366d28193ce4bf6aaef0d14c59268
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd3cc60d42366d28193ce4bf6aaef0d14c59268
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230117/2278c0de/attachment.htm>
More information about the debian-security-tracker-commits
mailing list