[SECURITY] [DLA 911-1] tiff security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 911-1] tiff security update
From: Markus Koschany <apo@debian.org>
Date: Mon, 24 Apr 2017 11:30:12 +0200
Message-id: <[🔎] ece53bd3-f119-6a99-134f-756becdbe5a2@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tiff
Version        : 4.0.2-6+deb7u12
CVE ID         : CVE-2017-7592 CVE-2017-7593 CVE-2017-7594
                 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597
                 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600
                 CVE-2017-7601 CVE-2017-7602
Debian Bug     : 859998 860000 860001 860003

Multiple security issues have been found in the tiff image library
that may allow remote attackers to cause a denial of service
(application crash), to obtain sensitive information from process
memory or possibly have unspecified other impact via a crafted image

For Debian 7 "Wheezy", these problems have been fixed in version
4.0.2-6+deb7u12.

We recommend that you upgrade your tiff packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlj9xaRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeRVbQ//ZT13rLFzY44u1eUqzD1k3YT//fc10Raja94mVwl8iMz0atfJR52FOE+l
8jR03R7Q6HblNOPLyD/rx2jEcd+1XrkOFIgY68R5biACMDBMIeIKzPc3bU4CSPFG
qRp3BmJjHWRD/NEp7rXB/wmuti1y4s121H+44Uxw0faVF+x6+jwWE1X37kVwB9lF
Vl+PydCHsxSks/SQFmQrrugXG07ZU7mt7aMCW+apqQvARggbp7Y+3fKnZivT8sKQ
+BkjgL1/MrXDirfKUNyXF1IlJa0ah1piymxDpucL+thgYB2P05JxXZf65WgMsKh0
HcBfR9DQvV4+QFC92dU7znG81y5uPnTkBmKvqlT6bVlh+uVYd4zxrQLgBPnD0R6L
VVAer4biHnUhXoZcVduWOu986s3sBlxKA5TDdFRgG4iwAzCtdcZ/fYcAIKCh6V9v
AmwFVTO6igtz56BI1BqtoCT6ZZLrwO8b1zCGpSTxObYTFn53njmpI1A7ohb41EtB
qvxs8jnyzE/MMQQuNXDXoMCmITB9PFbDdLRORCBpVJ6VEbVVB1v9W5QxH+IoWYpT
l+TB8UobiPp7CboIwMmugUqs7Q02StSLKb8m2E0I7E3nz8rFUDuy+ru3rqh+qSya
UojQOB3MCRgOw1Uko51QlHhXIKrEFKc1rsLt9fVzOPL3PSJfVMA=
=tQI3
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 910-1] libreoffice security update
Next by Date: [SECURITY] [DLA 912-1] tiff3 security update
Previous by thread: [SECURITY] [DLA 910-1] libreoffice security update
Next by thread: [SECURITY] [DLA 912-1] tiff3 security update
Index(es):
- Date
- Thread