Packages patched for CVE-2020-35522, CVE-2022-0561, CVE-2022-0562, CVE-2022-0865 and CVE-2022-0891 are now released and available. (https://ubuntu.com/security/notices/USN-5421-1).
Jammy is currently at version 4.3.0-6 which includes the patch for CVE-2022-0865 as it was introduced in 4.3.0-5. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1971001 Title: Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal, Impish and Jammy Status in tiff package in Ubuntu: In Progress Bug description: The versions in Trusty, Xenial, Bionic, Focal and Impish may be vulnerable to all CVEs below. The version in Jammy is vulnerable to CVE-2022-0865. Debian released an advisory on March 24. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/1971001/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
