Overview

File _patchinfo of Package patchinfo.37669

<patchinfo incident="37669">
  <issue tracker="bnc" id="1236834">tiff is not building on s390x as test 12 test_directory fails</issue>
  <issue tracker="bnc" id="1219213">VUL-0: CVE-2023-52356: tiff: libtiff: Segment fault in libtiff  in TIFFReadRGBATileExt() leading to denial of service</issue>
  <issue tracker="bnc" id="1212607">VUL-0: CVE-2023-25435: tiff: heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c</issue>
  <issue tracker="cve" id="2023-25435"/>
  <issue tracker="cve" id="2023-52356"/>
  <packager>lkocman</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for tiff</summary>
  <description>This update for tiff fixes the following issues:

- CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c (bsc#1212607).
- CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service (bsc#1219213).


Other bugfixes:

- Fixed tiff build issue on s390x as test 12 test_directory fails (bsc#1236834).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places