MGASA-2022-0240

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0240.html

Import Source

https://advisories.mageia.org/MGASA-2022-0240.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0240

Related

CVE-2022-1354
CVE-2022-1355
CVE-2022-1622
CVE-2022-1623

Published

2022-06-24T20:50:43Z

Modified

2022-06-24T19:59:59Z

Summary

Updated libtiff packages fix security vulnerability

Details

Heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c. (CVE-2022-1354) Stack-buffer-overflow in tiffcp.c in main(). (CVE-2022-1355) Out-of-bounds read in LZWDecode. (CVE-2022-1622, CVE-2022-1623)

References

https://advisories.mageia.org/MGASA-2022-0240.html
https://bugs.mageia.org/show_bug.cgi?id=30571
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UXAFOP6QQRNZD3HPZ6BMCEZZOM4YIZMK/

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2022-0240

Affected packages