Overview

File _patchinfo of Package patchinfo.26370

<patchinfo incident="26370">
  <issue tracker="cve" id="2022-0561"/>
  <issue tracker="cve" id="2022-34526"/>
  <issue tracker="cve" id="2022-34266"/>
  <issue tracker="bnc" id="1201971">CVE-2022-34266 on SLES 12 SP2 Reactive LTSS: tiff</issue>
  <issue tracker="bnc" id="1201723">VUL-0: CVE-2022-34266: tiff: invalid range may be passed as an argument to the memset() function</issue>
  <issue tracker="bnc" id="1202026">VUL-0: CVE-2022-34526: tiff: stack overflow in the _TIFFVGetField function of Tiffsplit</issue>
  <issue tracker="cve" id="2022-2519"/>
  <issue tracker="cve" id="2022-2520"/>
  <issue tracker="cve" id="2022-2521"/>
  <issue tracker="cve" id="2022-2867"/>
  <issue tracker="cve" id="2022-2868"/>
  <issue tracker="cve" id="2022-2869"/>
  <issue tracker="bnc" id="1202968">VUL-0: CVE-2022-2519: tiff:  double free or corruption in rotateImage() function at tiffcrop.c</issue>
  <issue tracker="bnc" id="1202973">VUL-0: CVE-2022-2520: tiff: assertion fail in rotateImage() function at tiffcrop.c</issue>
  <issue tracker="bnc" id="1202971">VUL-0: CVE-2022-2521: tiff: Invalid pointer free operation in TIFFClose() at tif_close.c</issue>
  <issue tracker="bnc" id="1202466">VUL-0: CVE-2022-2867: tiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c</issue>
  <issue tracker="bnc" id="1202467">VUL-0: CVE-2022-2868: tiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits()</issue>
  <issue tracker="bnc" id="1202468">VUL-0: CVE-2022-2869: tiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits()</issue>
  <packager>mvetter</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for tiff</summary>
  <description>This update for tiff fixes the following issues:

- CVE-2022-2519: Fixed a double free in rotateImage() (bsc#1202968).
- CVE-2022-2520: Fixed a assertion failure in rotateImage() (bsc#1202973).
- CVE-2022-2521: Fixed invalid free in TIFFClose() (bsc#1202971).
- CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c (bsc#1202466).
- CVE-2022-2868: Fixed out of bounds read in reverseSamples16bits() (bsc#1202467).
- CVE-2022-2869: Fixed out of bounds read and write in extractContigSamples8bits() (bsc#1202468).
- CVE-2022-34526: Fixed stack overflow in the _TIFFVGetField function of Tiffsplit (bsc#1202026).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places