Accepted tiff 4.1.0+git191117-2~deb10u8 (source) into oldoldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted tiff 4.1.0+git191117-2~deb10u8 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 31 Jul 2023 19:50:23 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: tiff_4.1.0+git191117-2~deb10u8_source.changes
- Debian-source: tiff
- Debian-suite: oldoldstable
- Debian-version: 4.1.0+git191117-2~deb10u8
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=fd2FrbSbFITX1oTXQXIUkGiSR3HG4xvLbvYSq21+y4Y=; b=GwJWgvopNNWZARWM+7QSHMuI5F fIMQMjjvPkG45PycrlEmhutHoEU90uQMC2BT67VwCEaSRMygmQx80lYbE0wIsOTFJm3XqsLyletif 95eFwpd6EvSDc3p5mpfcilImVJ8td8H6OOgP31OMF8W2kyczTZBSzrhA1tk65ntjd4n38t17/Wv5h OmCP7tAm8PHVzP0bRafhilMV62V7J3t1rdGGSAwIvidZXqyR6UFDIcPPCj0k5YEO0wE3NCDcBEIdN IHhyLTphPfjmL+71uzMpO1/ZS5c+jv7jmQOYl0Xw9d6JmMrsV3zP2/LGYmvUVAjtYHqm16WH7asd0 toxflP0A==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qQYuN-000AJF-C1@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 31 Jul 2023 21:39:33 +0300
Source: tiff
Architecture: source
Version: 4.1.0+git191117-2~deb10u8
Distribution: buster-security
Urgency: medium
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Changes:
tiff (4.1.0+git191117-2~deb10u8) buster-security; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2023-2908: NULL pointer dereference in tif_dir.c
* CVE-2023-3316: NULL pointer dereference in TIFFClose()
* CVE-2023-3618: Buffer overflow in tiffcrop
* CVE-2023-25433: Buffer overflow in tiffcrop
* CVE-2023-26965: Use after free in tiffcrop
* CVE-2023-26966: Buffer overflow in uv_encode()
* CVE-2023-38288: Integer overflow in tiffcp
* CVE-2023-38289: Integer overflow in raw2tiff
Checksums-Sha1:
f7ad1012f327531de7bd7441db2a9c59224660fd 2274 tiff_4.1.0+git191117-2~deb10u8.dsc
19d0d4f42a336cc73060a9c40c21ac45a23d4d41 1533524 tiff_4.1.0+git191117.orig.tar.xz
570b1f441d0db38b62e04030d9479db086564048 45552 tiff_4.1.0+git191117-2~deb10u8.debian.tar.xz
Checksums-Sha256:
fe9bb494ce22d6a3533dd76560369da547572b28265e234ad91891d7c210f17b 2274 tiff_4.1.0+git191117-2~deb10u8.dsc
67e1d045e994adb7144b0cca228d70dd6d520aaf8c75c342064bc0fd601e6e42 1533524 tiff_4.1.0+git191117.orig.tar.xz
a60b7afdcd7ffc49ca79fa685a473c2cd5ad6677d5443dac9792b1cce88f5ffd 45552 tiff_4.1.0+git191117-2~deb10u8.debian.tar.xz
Files:
7a8a79988cb6b8d33e0e7e78b5ab233a 2274 libs optional tiff_4.1.0+git191117-2~deb10u8.dsc
f51040d3436eedde9d3ba7d166754c3e 1533524 libs optional tiff_4.1.0+git191117.orig.tar.xz
02377c66c264b95c30a4c7dfc57a421c 45552 libs optional tiff_4.1.0+git191117-2~deb10u8.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmTIDNwACgkQiNJCh6LY
mLFSXhAApSEYLiT9WT1JM8kCA9Lq0wWNop1WLFGVBYtBfi1tR+Cq+6J+h0/eUABu
CsvtHwmhZiEMT+y691mYWtBFb+mpwGE90bgJLrpppRk9WukheYWjvO+3w9GX0Qyt
JGi460Sd4mqtBAjqWHsdF+5FgccjRNCi8Ip0DGfx2ssxPN5VApL6BeMI+DptFZmW
8M4Cfpw++DbsXUPe2ouA/B8D/WU/PXoBkLAO+wU7tu+3HmoD751PinL0IHsF9Pp5
VZVvvHwJH3Mg0hXVRv3uZ/OGgNgW33ysBM2F55EClvYt9D8AiovR01zl0l7wgcwM
lhNSZKmnJWjQoBrnQZMmPibVk2r8i3Qn/RvlobPs9a/aCB/g+rYgL86Hi0iQp+tt
x68Gii8Vlot+Q2Z1N8P+ZOwz6zn23MLmtxSEZnprWWzDBiVl5NluVpN1CznOMyNu
IblzBjDQ41w9vJkPsn1ymAQ0qMJjh4yJIFXBMrCglFeIx6zrpu0BGEpbWQifQVFu
WRVPfUMGMx8xiRptmSEXUTyQKZCv1GV7vNiDmd9k7dj2aDPzIQyThXBkJITj1zfq
htPdJ3nWILH3AqItozY+TmztxqpvrQBSvEOuNAQiQ9tx5CClVKA7zz1zBxcPo9eN
q+HhSk/jewmrvSmFGQ5649yXckPWjM1L3PJTwV81J7xjYjZBH5E=
=IjJO
-----END PGP SIGNATURE-----