-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : tiff Version : 4.0.3-12.3+deb8u9 CVE ID : CVE-2019-14973
Even Rouault found an issue in tiff, a library providing support for the Tag Image File Format. Wrong handling off integer overflow checks, that are based on undefined compiler behavior, might result in an application crash.
For Debian 8 "Jessie", this problem has been fixed in version 4.0.3-12.3+deb8u9. We recommend that you upgrade your tiff packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl1i8ntfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEetyxAAkLlnTNSb0bFpl9L8LgbqHW+4lps/yifVI5XQq8RZ4fvimk0YwKlhDgZd orhR+l2ZBU+R4/CwPhxF9dnmPIrdoGag2D0HU456B8J6Vu8B4+zRwJrnR9i/jgVA wlI85Yg6jphbhU3bOjYX8UAOOUpz+lcydALLU6nBnUYdJZSq4l4KdDXbl9n/qmqq FhI89iirA4Vl6+bmgq1tWj8QlCwvRcCGf3WKh+JK+mkrBqvlRfOC+H8PrinEQA2I bA6CWRI8d+l6FcuKfD2Hh2hyXzWSpTWa50p/xWgjdOQuOlXq7uexzAO8sIzbe6eT pvkMi5j7jYYOPTbOw8WDdBMAZZOn7IjeoqaGq2HJ0tYIjf0By3JVc1lmo4DkF69e n6vc7nJKxY41ca8yG7gpw8eA2PD/jm6zjeX2ZfqQE/mgmHAV3LauA4vUT+cwsjAZ 4d1X7FPKnf+u3cWM0VUxZBb23u0xD8sLI5mPgqVt58uBUJtQo8rfJObuQzEgL1YF pKMsrcNl4w1f50FGwS5FmzruBobHxutTnhymheDwWJWWoA0pefTNuOgaCd3QjZg6 lHDMbcpnuYHVBX2fNbS8F9xZqUfqHg5KqI+QyIZaJW1r/ftW3MsbX87D4tMqeI+x EIZkE/7M8jS4L7LVNjacCGkVlWv8Rp9V0cokZIhU53stn68g9iU= =u9I7 -----END PGP SIGNATURE-----
