Overview

File _patchinfo of Package patchinfo.26866

<patchinfo incident="26866">
  <issue tracker="cve" id="2022-3970"/>
  <issue tracker="cve" id="2022-3599"/>
  <issue tracker="cve" id="2022-3626"/>
  <issue tracker="cve" id="2022-3627"/>
  <issue tracker="cve" id="2022-3597"/>
  <issue tracker="bnc" id="1204643">VUL-0: CVE-2022-3599: tiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c</issue>
  <issue tracker="bnc" id="1205392">VUL-0: CVE-2022-3970: tiff: unsigned integer overflow in TIFFReadRGBATileExt()</issue>
  <issue tracker="bnc" id="1204644">VUL-0: CVE-2022-3626: tiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c</issue>
  <issue tracker="bnc" id="1204645">VUL-0: CVE-2022-3627: tiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c</issue>
  <issue tracker="bnc" id="1204641">VUL-0: CVE-2022-3597: tiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c</issue>
  <packager>mvetter</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for tiff</summary>
  <description>This update for tiff fixes the following issues:

- CVE-2022-3597: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (bnc#1204641).
- CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in tools/tiffcrop.c (bnc#1204643).
- CVE-2022-3626: Fixed out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c (bnc#1204644)
- CVE-2022-3627: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c (bnc#1204645).
- CVE-2022-3970: Fixed unsigned integer overflow in TIFFReadRGBATileExt() (bnc#1205392).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places