[ubuntu/questing-updates] tiff 4.7.0-3ubuntu3.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Mar 23 09:29:06 UTC 2026
tiff (4.7.0-3ubuntu3.1) questing-security; urgency=medium
* SECURITY UPDATE: null-pointer dereference
- debian/patches/CVE-2025-61143.patch: check for null pointer before call
to TIFFFileName in tools/tiffcrop.c.
- CVE-2025-61143
* SECURITY UPDATE: stack buffer overflow
- debian/patches/CVE-2025-61144.patch: update loop condition to also check
samples against MAX_SAMPLES in tools/tiffcrop.c.
- CVE-2025-61144
Date: 2026-03-18 10:12:12.499405+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.7.0-3ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list