Back to tiff PTS page

Accepted tiff 4.2.0-1+deb11u2 (source) into proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted tiff 4.2.0-1+deb11u2 (source) into proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 31 Jan 2023 17:48:07 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: tiff_4.2.0-1+deb11u2_source.changes
Debian-source: tiff
Debian-suite: proposed-updates
Debian-version: 4.2.0-1+deb11u2
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=5tFVWzTQ6SRIDgauIchD/Ylu6UltZJJbxsy20q8cbuQ=; b=fJ6np97VrLNYyLpFJylRollwLC CWpTA9ZSRvQgwsM9N+CBRPfHweFhUu4C+1D7IvPuhSPqHw05oX2Tvu97MNHZre+vDDvmA4OzbyzIq K0Q3ZI5XacNBDEus3pXQH7TN/J5PAhHNS08wx91laW4ksRjL0a97dLKZ3l9wKX99j9uRNQXGq6sq9 jFxiX1kbQTAkC2bIBmn4w4353uHryQNuKE/bQwlw4ce9XM5sVR6MbJ+JDAwZEsjoLinSvXMJALDU3 mWFOQzJaw4bPMmBBLJcVxdYIjQCQKYi0eep/NNWbgcgetwhUk8Zz3KUdP4CbqQd5qO6Xp6yz1tYLi pD5czFXQ==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1pMujn-002rnt-TI@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 17 Jan 2023 16:17:33 +0800
Source: tiff
Architecture: source
Version: 4.2.0-1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Aron Xu <aron@debian.org>
Changes:
 tiff (4.2.0-1+deb11u2) bullseye-security; urgency=high
 .
   [ Laszlo Boszormenyi (GCS) ]
   * Backport security fix for CVE-2022-1354, heap buffer overflow in
     TIFFReadRawDataStriped() .
   * Backport security fix for CVE-2022-1355, tiffcp stack buffer overflow in
     "mode" string.
   * Backport security fix for CVE-2022-1622 and CVE-2022-1623, out of bounds
     read in LZWDecode() .
   * Backport security fix for CVE-2022-34526, stack overflow in
     _TIFFVGetField() .
 .
   [ Aron Xu ]
   * Non-maintainer upload by the Security Team.
   * Backport security fix for CVE-2022-2056, CVE-2022-2057 and CVE-2022-2058,
     divide by zero in computeInputPixelOffsets().
   * Backport security fix for CVE-2022-2867, CVE-2022-2868 and CVE-2022-2869,
     out of bounds read/write caused by uint32_t underflow.
   * Backport security fix for CVE-2022-3570 and CVE=2022-3598, buffer overflow
     in tiffcrop subroutines.
   * Backport security fix for CVE-2022-2519, CVE-2022-2520, CVE-2022-2521,
     CVE-2022-2953, CVE-2022-3597, CVE-2022-3636 and CVE-2022-3627, disable
     the combination of incompatible options to avoid out-of-bounds writes.
   * Backport security fix for CVE-2022-3599, out-of-bounds read in
     writeSingleSection().
Checksums-Sha1:
 3bdc9aff160e180c6559a9daaec09f95204703b4 2116 tiff_4.2.0-1+deb11u2.dsc
 f2e4fdca91dc0a08bb436ec3b19d1b7614987022 38116 tiff_4.2.0-1+deb11u2.debian.tar.xz
 aa2760fdf78042256afe6123a72b2a7c1dc721c6 7857 tiff_4.2.0-1+deb11u2_source.buildinfo
Checksums-Sha256:
 ae32d3e12ad770e1e27781534ee1dfc1a35f9f0cb930ff8e03cc910fb9efaa89 2116 tiff_4.2.0-1+deb11u2.dsc
 bc4e408c242558f4a828d257a5b97e1bc42f7339ef26fa4a17e7a17f2d1d2622 38116 tiff_4.2.0-1+deb11u2.debian.tar.xz
 e91c0348dbd3ba5b40610c4a60457611577fded3be3ca345764692d5436ce60c 7857 tiff_4.2.0-1+deb11u2_source.buildinfo
Files:
 04c6f3715161b3c27e0e4bf9701d6567 2116 libs optional tiff_4.2.0-1+deb11u2.dsc
 0fd99c3fb86a74ab95ca4d0736ab2c62 38116 libs optional tiff_4.2.0-1+deb11u2.debian.tar.xz
 f85f16bd9dce4973a41e950b4e80eacc 7857 libs optional tiff_4.2.0-1+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmPWDvoACgkQO1LKKgqv
2VSOGQf/UnvbM/4IY41Z1aVtd/X+cLVenoLPhQkD3moFH2mK1cved0vQSVG7DQxH
aFY3UAI0ZDzB2VPYnE7CHDNP4ZJedm888MclZUqmFDKnWBN4Lkb7KKfUmvVdOivQ
llCWFZtCPI9VPzS3K3YgSW4x93ckcxH5TlEok2ATU505CXE/GWnohYutQkoZ6C5a
q7O0FwH8TUcFk3vj0a0Le0FH0X+oATuIJ75BOP14E1oO0QQZQ5/vkIFoXz6ACITB
b05q2vXhIclJHCOrgEmZk/9vEX5ctYxUjJUfbBwFtMR0xGNjPOBsP+ukpzYowgXu
BfmiK6PzAdDMAeiUv1+6PIlcJVTfFQ==
=hUx/
-----END PGP SIGNATURE-----