File _patchinfo of Package patchinfo.24138

<patchinfo incident="24138">
  <issue tracker="cve" id="2022-0924"/>
  <issue tracker="cve" id="2022-1056"/>
  <issue tracker="cve" id="2022-0865"/>
  <issue tracker="cve" id="2022-0891"/>
  <issue tracker="cve" id="2022-0561"/>
  <issue tracker="cve" id="2022-0562"/>
  <issue tracker="cve" id="2022-0908"/>
  <issue tracker="cve" id="2022-0909"/>
  <issue tracker="bnc" id="1197072">VUL-0: CVE-2022-0909: tiff: Divide By Zero error in tiffcrop in</issue>
  <issue tracker="bnc" id="1195965">VUL-0: CVE-2022-0562: tiff: Null source pointer passed as an argument to memcpy() within TIFFReadDirectory() in tif_dirread.c</issue>
  <issue tracker="bnc" id="1197074">VUL-0: CVE-2022-0908: tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag()</issue>
  <issue tracker="bnc" id="1197068">VUL-0: CVE-2022-0891: tiff: heap buffer overflow in extractImageSection</issue>
  <issue tracker="bnc" id="1197073">VUL-0: CVE-2022-0924: tiff: Out-of-bounds Read error in tiffcp</issue>
  <issue tracker="bnc" id="1197631">VUL-0: CVE-2022-1056: tiff: Out-of-bounds Read error in tiffcrop</issue>
  <issue tracker="bnc" id="1197066">VUL-0: CVE-2022-0865: tiff: assertion failed in TIFFReadAndRealloc</issue>
  <issue tracker="bnc" id="1195964">VUL-0: CVE-2022-0561: tiff: Null source pointer passed as an argument to memcpy() within TIFFFetchStripThing() in tif_dirread.c</issue>
  <packager>mvetter</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for tiff</summary>
  <description>This update for tiff fixes the following issues:

- CVE-2022-0561: Fixed null source pointer passed as an argument to memcpy() within TIFFFetchStripThing() in tif_dirread.c (bsc#1195964).
- CVE-2022-0562: Fixed null source pointer passed as an argument to memcpy() within TIFFReadDirectory() in tif_dirread.c (bsc#1195965).
- CVE-2022-0865: Fixed assertion failure in TIFFReadAndRealloc (bsc#1197066).
- CVE-2022-0909: Fixed divide by zero error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197072).
- CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have led to a denial-of-service via a crafted tiff file (bsc#1197073).
- CVE-2022-0908: Fixed null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() (bsc#1197074).
- CVE-2022-1056: Fixed out-of-bounds read error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197631).
- CVE-2022-0891: Fixed heap buffer overflow in extractImageSection (bsc#1197068).
</description>
</patchinfo>