Описание
ELSA-2023-2340: libtiff security update (MODERATE)
[4.4.0-7]
- Fix CVE-2022-3970
- Resolves: CVE-2022-3970
[4.4.0-6]
- Fix CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627
- Resolves: CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
libtiff
4.4.0-7.el9
libtiff-devel
4.4.0-7.el9
libtiff-tools
4.4.0-7.el9
Oracle Linux x86_64
libtiff
4.4.0-7.el9
libtiff-devel
4.4.0-7.el9
libtiff-tools
4.4.0-7.el9
Ссылки на источники
Связанные уязвимости
CVSS3: 7.7
ubuntu
больше 2 лет назад
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact