libtiff-4.4.0-5.el9

Errata ID: AXSA:2023-4864:02

Release date: Thursday, January 26, 2023 - 07:08
Subject: libtiff-4.4.0-5.el9
Affected Channels: MIRACLE LINUX 9 for x86_64
Severity: Moderate
Description: 

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* LibTiff: DoS from Divide By Zero Error (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)
* libtiff: Double free or corruption in rotateImage() function at tiffcrop.c (CVE-2022-2519)
* libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c (CVE-2022-2953)
* libtiff: Assertion fail in rotateImage() function at tiffcrop.c (CVE-2022-2520)
* libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c (CVE-2022-2521)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-2056
A divide-by-zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial of service via a crafted TIFF file. For users who compile libtiff from source, the fix is available in commit f3a5e010.
CVE-2022-2057
A divide-by-zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial of service via a crafted TIFF file. For users who compile libtiff from source, the fix is available in commit f3a5e010.
CVE-2022-2058
A divide-by-zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial of service via a crafted TIFF file. For users who compile libtiff from source, the fix is available in commit f3a5e010.
CVE-2022-2519
A double free or memory corruption in rotateImage() at tiffcrop.c:8839 was found in libtiff 4.4.0rc1.
CVE-2022-2520
A flaw was found in libtiff 4.4.0rc1: a sysmalloc assertion failure in rotateImage() at tiffcrop.c:8621 can cause a program crash when reading a crafted input.
CVE-2022-2521
In libtiff 4.4.0rc1, an invalid pointer free operation in TIFFClose() at tif_close.c:131, called from tiffcrop.c:2522, can cause a program crash and denial of service while processing crafted input.
CVE-2022-2953
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial of service via a crafted TIFF file. For users who compile libtiff from source, the fix is available in commit 48d6ece8.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libtiff-4.4.0-5.el9.src.rpm
    MD5: e6bffdd3300630d7029482ca82acb45f
    SHA-256: af2ebbae3cfe1b4b43ff01e9bdc858861c28719209404473aedb3102afbf510f
    Size: 2.73 MB

Asianux Server 9 for x86_64
  1. libtiff-4.4.0-5.el9.x86_64.rpm
    MD5: 9c547d26eba25459c5876ce9e5fd13d4
    SHA-256: 6976ca658db22909061db26c3599e665e6ca648904125b5cb05b59ec6bf54ada
    Size: 194.86 kB
  2. libtiff-devel-4.4.0-5.el9.x86_64.rpm
    MD5: 1f4939a8de759a77cd5776f3656d5b15
    SHA-256: 8ad38c320dca15677bf77eded7dd6cab38abfd5c7765f6719e624a73e38b2cd0
    Size: 513.00 kB
  3. libtiff-tools-4.4.0-5.el9.x86_64.rpm
    MD5: f5794631fefe030e26bd64d3120dad2d
    SHA-256: 5849a03aae053c71d54d1d80a6a302835376764f1df7b5ea1341261c4280baf7
    Size: 235.08 kB
  4. libtiff-4.4.0-5.el9.i686.rpm
    MD5: e6e9f4e00d35b830e6cefafa653c5f04
    SHA-256: 80398f76f48fb8b94c6b4e4d35bbd8385a9871b0ac8d4c874c2029f80b728edd
    Size: 212.44 kB
  5. libtiff-devel-4.4.0-5.el9.i686.rpm
    MD5: 4591379d360c31daac59f322e63eadc5
    SHA-256: 4f20bc72c371ebc2093165b211e7370cc2d553af1be99889e367de57269f5867
    Size: 512.95 kB