** Changed in: tiff (Ubuntu)
Status: New => Fix Committed
** Information type changed from Public to Public Security
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2731
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/2020707
Title:
Merge tiff 4.5.0-6 (main) from Debian unstable (main)
Status in tiff package in Ubuntu:
Fix Committed
Bug description:
Please merge tiff 4.5.0-6 (main) from Debian unstable (main)
Changelog entries since current mantic version 4.5.0-5ubuntu1:
tiff (4.5.0-6) unstable; urgency=high
* Backport security fix for CVE-2023-2731, NULL pointer dereference flaw in
LZWDecode() (closes: #1036282).
-- Laszlo Boszormenyi (GCS) <g...@debian.org> Thu, 18 May 2023
18:20:39 +0200
Remaining changes:
- Don't build with LERC on i386 because it requires numpy
(Closes: #1017958)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/2020707/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
