File _patchinfo of Package patchinfo.31773

<patchinfo incident="31773">
  <issue tracker="cve" id="2023-2731"/>
  <issue tracker="cve" id="2023-1916"/>
  <issue tracker="cve" id="2023-26965"/>
  <issue tracker="cve" id="2022-1622"/>
  <issue tracker="cve" id="2022-40090"/>
  <issue tracker="bnc" id="1210231">VUL-0: CVE-2023-1916: tiff: libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c</issue>
  <issue tracker="bnc" id="1199483">VUL-0: CVE-2022-1622: tiff: out-of-bounds read in LZWDecode</issue>
  <issue tracker="bnc" id="1212398">VUL-0: CVE-2023-26965: tiff: heap-based use after free via a crafted TIFF imag</issue>
  <issue tracker="bnc" id="1214680">VUL-0: CVE-2022-40090: tiff: infinite loop via a crafted TIFF file</issue>
  <issue tracker="bnc" id="1211478">VUL-0: CVE-2023-2731: tiff: null pointer deference in LZWDecode() in libtiff/tif_lzw.c</issue>
  <packager>mvetter</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for tiff</summary>
  <description>This update for tiff fixes the following issues:

- CVE-2023-2731: Fix null pointer deference in LZWDecode() (bsc#1211478).
- CVE-2023-1916: Fix out-of-bounds read in extractImageSection() (bsc#1210231).
- CVE-2023-26965: Fix heap-based use after free in loadImage() (bsc#1212398).
- CVE-2022-40090: Fix infinite loop in TIFFReadDirectory() (bsc#1214680).
</description>
</patchinfo>