| Package | tiff |
|---|---|
| Version | 4.0.3-12.3+deb8u14 (jessie), 4.0.8-2+deb9u9 (stretch) |
| Related CVEs | CVE-2022-0865 CVE-2022-0891 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-1355 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-3570 CVE-2022-3597 CVE-2022-3598 CVE-2022-3599 CVE-2022-3626 CVE-2022-3627 CVE-2022-3970 CVE-2022-34526 CVE-2022-48281 |
Multiple vulnerabilities were found in tiff, a library and tools providing support for the Tag Image File Format (TIFF), leading to denial of service (DoS) and possibly local code execution.
For Debian 8 jessie, these problems have been fixed in version 4.0.3-12.3+deb8u14.
For Debian 9 stretch, these problems have been fixed in version 4.0.8-2+deb9u9.
We recommend that you upgrade your tiff packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.