[Git][security-tracker-team/security-tracker][master] two more tiff non issues fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Sep 22 08:52:14 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4848639a by Moritz Muehlenhoff at 2025-09-22T09:51:38+02:00
two more tiff non issues fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -194713,9 +194713,9 @@ CVE-2023-6238 (A buffer overflow vulnerability was found in the NVM Express (NVM
CVE-2023-6235 (An uncontrolled search path element vulnerability has been found in th ...)
NOT-FOR-US: Duet Display for Windows
CVE-2023-6228 (An issue was found in the tiffcp utility distributed by the libtiff pa ...)
- - tiff <unfixed> (unimportant)
+ - tiff 4.7.0-1 (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/606
- NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a
+ NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a (v4.7.0rc1)
NOTE: Crash in CLI tool, no security impact
CVE-2023-6213 (Memory safety bugs present in Firefox 119. Some of these bugs showed e ...)
- firefox 120.0-1
@@ -219112,8 +219112,10 @@ CVE-2023-2414 (The Online Booking & Scheduling Calendar for WordPress by vcita p
CVE-2023-2402 (The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPre ...)
NOT-FOR-US: WordPress plugin
CVE-2023-3164 (A heap-buffer-overflow vulnerability was found in LibTIFF, in extractI ...)
- - tiff <unfixed> (unimportant)
+ - tiff 4.7.0-1 (unimportant)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/542
+ NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/595
+ NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/a20298c4785c369469510613dfbc5bf230164fed (v4.7.0rc1)
NOTE: Crash in CLI tool, no security impact
CVE-2023-3165 (A vulnerability was found in SourceCodester Life Insurance Management ...)
NOT-FOR-US: SourceCodester Life Insurance Management System
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4848639ad13b2eab2ee1d581c5aa17682b81db23
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4848639ad13b2eab2ee1d581c5aa17682b81db23
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250922/97b34c1d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list