UbuntuUpdates.org

Package "tiff"

Name: tiff

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • TIFF manipulation and conversion tools
  • TIFF manipulation and conversion tools
Latest version: 4.1.0+git191117-2ubuntu0.20.04.2
Release: focal (20.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "tiff" in Focal

Repository Area Version
base main 4.1.0+git191117-2build1
base universe 4.1.0+git191117-2build1
security main 4.1.0+git191117-2ubuntu0.20.04.2
updates main 4.1.0+git191117-2ubuntu0.20.04.2
updates universe 4.1.0+git191117-2ubuntu0.20.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.1.0+git191117-2ubuntu0.20.04.2 2021-09-21 13:06:19 UTC

  tiff (4.1.0+git191117-2ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: buffer overflow via TIFFTAG_PREDICTOR
    - debian/patches/CVE-2020-19143.patch: TIFFTAG_PREDICTOR is not
      supported for WebP in libtiff/tif_dirinfo.c, tools/tiffcp.c.
    - CVE-2020-19143

 -- Marc Deslauriers <email address hidden> Fri, 17 Sep 2021 09:14:04 -0400
Source diff to previous version
CVE-2020-19143 Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'

Version: 4.1.0+git191117-2ubuntu0.20.04.1 2021-02-25 19:06:18 UTC

  tiff (4.1.0+git191117-2ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: Integer overflow in tif_getimage.c
    - debian/patches/CVE-2020-35523.patch: check Tile width for overflow in
      libtiff/tif_getimage.c.
    - CVE-2020-35523
  * SECURITY UPDATE: Heap-based buffer overflow in TIFF2PDF tool
    - debian/patches/CVE-2020-35524.patch: properly calculate datasize when
      saving to JPEG YCbCr in tools/tiff2pdf.c.
    - CVE-2020-35524

 -- Marc Deslauriers <email address hidden> Thu, 25 Feb 2021 07:36:40 -0500
CVE-2020-35523 Integer overflow in tif_getimage.c
CVE-2020-35524 Heap-based buffer overflow in TIFF2PDF tool


About   -   Send Feedback to @ubuntu_updates