[Git][security-tracker-team/security-tracker][master] Add CVE-2026-12912/tiff

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 29 21:48:57 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
04ba9586 by Salvatore Bonaccorso at 2026-06-29T22:48:21+02:00
Add CVE-2026-12912/tiff

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -264,7 +264,15 @@ CVE-2026-13437 (Insertion of sensitive information into sent data in the AI Agen
 CVE-2026-13165 (SzafirHost verifies the downloaded native library archive with one Jar ...)
 	NOT-FOR-US: SzafirHost
 CVE-2026-12912 (A flaw was found in libtiff. A remote attacker could exploit this vuln ...)
-	TODO: check
+	- tiff <unfixed>
+	NOTE: https://gitlab.com/libtiff/libtiff/-/work_items/824
+	NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/873
+	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/ba2b04b114c5dd945107ccc613cedfcca3af73bb (v4.7.2rc2)
+	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/51fa6dfe93f20da0d38f079fbc61c7c960bcbc16 (v4.7.2rc2)
+	NOTE: https://gitlab.com/libtiff/libtiff/-/work_items/828
+	NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/883
+	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/f9bda11bf2fc819b971517582666d56f18b1bc3f (v4.7.2rc2)
+	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/90601d9a23382d98f3695ec14441145c37a77574 (v4.7.2rc2)
 CVE-2026-12856 (A flaw was found in the vscode-java extension, which provides Java lan ...)
 	NOT-FOR-US: vscode-java
 CVE-2026-12672



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04ba9586dc9c11ffac30bb2c4aa4eebf631bfa76

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04ba9586dc9c11ffac30bb2c4aa4eebf631bfa76
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/c731300b/attachment.htm>


More information about the debian-security-tracker-commits mailing list