[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1897-1] tiff security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tiff
Version        : 4.0.3-12.3+deb8u9
CVE ID         : CVE-2019-14973


Even Rouault found an issue in tiff, a library providing support for the Tag Image File Format. Wrong handling off integer overflow checks, that are based on undefined compiler behavior, might result in an application crash.


For Debian 8 "Jessie", this problem has been fixed in version
4.0.3-12.3+deb8u9.

We recommend that you upgrade your tiff packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl1i8ntfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEetyxAAkLlnTNSb0bFpl9L8LgbqHW+4lps/yifVI5XQq8RZ4fvimk0YwKlhDgZd
orhR+l2ZBU+R4/CwPhxF9dnmPIrdoGag2D0HU456B8J6Vu8B4+zRwJrnR9i/jgVA
wlI85Yg6jphbhU3bOjYX8UAOOUpz+lcydALLU6nBnUYdJZSq4l4KdDXbl9n/qmqq
FhI89iirA4Vl6+bmgq1tWj8QlCwvRcCGf3WKh+JK+mkrBqvlRfOC+H8PrinEQA2I
bA6CWRI8d+l6FcuKfD2Hh2hyXzWSpTWa50p/xWgjdOQuOlXq7uexzAO8sIzbe6eT
pvkMi5j7jYYOPTbOw8WDdBMAZZOn7IjeoqaGq2HJ0tYIjf0By3JVc1lmo4DkF69e
n6vc7nJKxY41ca8yG7gpw8eA2PD/jm6zjeX2ZfqQE/mgmHAV3LauA4vUT+cwsjAZ
4d1X7FPKnf+u3cWM0VUxZBb23u0xD8sLI5mPgqVt58uBUJtQo8rfJObuQzEgL1YF
pKMsrcNl4w1f50FGwS5FmzruBobHxutTnhymheDwWJWWoA0pefTNuOgaCd3QjZg6
lHDMbcpnuYHVBX2fNbS8F9xZqUfqHg5KqI+QyIZaJW1r/ftW3MsbX87D4tMqeI+x
EIZkE/7M8jS4L7LVNjacCGkVlWv8Rp9V0cokZIhU53stn68g9iU=
=u9I7
-----END PGP SIGNATURE-----


Reply to: