[ALSA-2023:5353] Moderate: libtiff security update
Type:
security
Severity:
moderate
Release date:
2023-09-27
Description:
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0800) * libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0801) * libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0802) * libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0803) * libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0804) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libtiff-tools-4.0.9-29.el8_8.aarch64.rpm 56e5489cad42bf1dedcc9eb87f04ad3886c8eec218434274e9a11a71601be725
aarch64 libtiff-devel-4.0.9-29.el8_8.aarch64.rpm 8f4fe3e262a4e1cd6b979a64c1165e9fc349a2cd629c798fb39a6e037960c8e0
aarch64 libtiff-4.0.9-29.el8_8.aarch64.rpm e4c78cce740ba12ccf741e41b49005b0ee6b2375bd1f6a51831c0e0142e4eb72
i686 libtiff-devel-4.0.9-29.el8_8.i686.rpm 8fdec09852a3794f89255f49bf9fe03152d479976fd00f078e6d6b0309b71764
i686 libtiff-4.0.9-29.el8_8.i686.rpm a63b633f28a4e11de4b102571abab062e2354216c89d1d4725f530ba1dffc346
ppc64le libtiff-devel-4.0.9-29.el8_8.ppc64le.rpm 2c58f2ed239856db9a2605b13e0a839653e05b9f0d7c4a669c1c6bc32795ba9f
ppc64le libtiff-tools-4.0.9-29.el8_8.ppc64le.rpm 3b8e1967ffb4d595f76bf66863ad4f3185cdbd7917b53aa11f7483418f2855de
ppc64le libtiff-4.0.9-29.el8_8.ppc64le.rpm ba3a48d0ff25efdbd0e03ce55866708f99a72b734f01a0163e26af4563ee1a05
s390x libtiff-devel-4.0.9-29.el8_8.s390x.rpm 4c32a069c01f06c7725d8929e10ae021adba408295893d957638062cdd9ef8cf
s390x libtiff-4.0.9-29.el8_8.s390x.rpm 4d964dbc92d343b6b23a8b7e776cfca2c276332b72b6d2e52c23f69e8ba81dd3
s390x libtiff-tools-4.0.9-29.el8_8.s390x.rpm fd957df3af1eedec3824b0db4a1f205567a59576ea4190dfa512fcb42cd0d254
x86_64 libtiff-devel-4.0.9-29.el8_8.x86_64.rpm 42daa00660138ce00324ae785011c08acb102b83e42059f9c11f17057a8c06e6
x86_64 libtiff-tools-4.0.9-29.el8_8.x86_64.rpm 490b6735ed58202dd52c7a7534a6e6d755379bf81ccdf3b10b11276ae1d9f212
x86_64 libtiff-4.0.9-29.el8_8.x86_64.rpm 754d2142c51b8efb5de569cbce5dd72fe65763dbcd67b0157a44105be0351d4d
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.