Debian 10225 Published by

The following update is available for both Debian GNU/Linux 8 (Jessie) and 9 (Stretch) Extended LTS:

ELA-1160-1 tiff security update




ELA-1160-1 tiff security update

Package : tiff
Version : 4.0.3-12.3+deb8u17 (jessie), 4.0.8-2+deb9u12 (stretch)

Related CVEs :
CVE-2023-3576
CVE-2023-52356

Two issues have been found in tiff, a Tag Image File Format (TIFF) library with tools.
Using crafted TIFF files an attacker would be able to cause a segmentation fault or
a memory leak, which may result in an application crash and denial of service.

ELA-1160-1 tiff security update