[Git][security-tracker-team/security-tracker][master] CVE-2022-3570/tiff: replace orphan commit with slightly different merged fix

Tue, 17 Jan 2023 05:59:39 -0800 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5fd3cc60 by Sylvain Beucler at 2023-01-17T14:59:08+01:00
CVE-2022-3570/tiff: replace orphan commit with slightly different merged fix

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22049,7 +22049,7 @@ CVE-2022-3599 (LibTIFF 4.4.0 has an out-of-bounds read 
in writeSingleSection in
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/398
 CVE-2022-3598 (LibTIFF 4.4.0 has an out-of-bounds write in 
extractContigSamplesShifte ...)
        - tiff 4.4.0-5 (bug #1022555)
-       NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
+       NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
 (v4.5.0rc1)
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/435
 CVE-2022-3597 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in 
libtiff/tif ...)
        - tiff 4.4.0-5 (bug #1022555)
@@ -22255,7 +22255,7 @@ CVE-2022-3571
        RESERVED
 CVE-2022-3570 (Multiple heap buffer overflows in tiffcrop.c utility in libtiff 
librar ...)
        - tiff 4.4.0-5 (bug #1022555)
-       NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c
+       NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
 (v4.5.0rc1)
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/381
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/386
 CVE-2022-3569 (Due to an issue with incorrect sudo permissions, Zimbra 
Collaboration  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd3cc60d42366d28193ce4bf6aaef0d14c59268

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fd3cc60d42366d28193ce4bf6aaef0d14c59268
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to