Source: tiff Version: 4.5.1-1 Severity: important Tags: security upstream Forwarded: https://gitlab.com/libtiff/libtiff/-/issues/529 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for tiff. CVE-2023-3618[0]: | A flaw was found in libtiff. A specially crafted tiff file can lead | to a segmentation fault due to a buffer overflow in the Fax3Encode | function in libtiff/tif_fax3.c, resulting in a denial of service. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-3618 https://www.cve.org/CVERecord?id=CVE-2023-3618 [1] https://gitlab.com/libtiff/libtiff/-/issues/529 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
