libtiff-devel-32bit-4.5.0-3.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12730-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libtiff-devel-32bit-4.5.0-3.1 on GA media These are all security issues fixed in the libtiff-devel-32bit-4.5.0-3.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12730 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2023-0795/ SUSE CVE CVE-2023-0795 page https://www.suse.com/security/cve/CVE-2023-0796/ SUSE CVE CVE-2023-0796 page https://www.suse.com/security/cve/CVE-2023-0797/ SUSE CVE CVE-2023-0797 page https://www.suse.com/security/cve/CVE-2023-0798/ SUSE CVE CVE-2023-0798 page https://www.suse.com/security/cve/CVE-2023-0799/ SUSE CVE CVE-2023-0799 page https://www.suse.com/security/cve/CVE-2023-0800/ SUSE CVE CVE-2023-0800 page https://www.suse.com/security/cve/CVE-2023-0801/ SUSE CVE CVE-2023-0801 page https://www.suse.com/security/cve/CVE-2023-0802/ SUSE CVE CVE-2023-0802 page https://www.suse.com/security/cve/CVE-2023-0803/ SUSE CVE CVE-2023-0803 page https://www.suse.com/security/cve/CVE-2023-0804/ SUSE CVE CVE-2023-0804 page openSUSE Tumbleweed libtiff-devel-4.5.0-3.1 libtiff-devel-32bit-4.5.0-3.1 libtiff6-4.5.0-3.1 libtiff6-32bit-4.5.0-3.1 tiff-4.5.0-3.1 libtiff-devel-4.5.0-3.1 as a component of openSUSE Tumbleweed libtiff-devel-32bit-4.5.0-3.1 as a component of openSUSE Tumbleweed libtiff6-4.5.0-3.1 as a component of openSUSE Tumbleweed libtiff6-32bit-4.5.0-3.1 as a component of openSUSE Tumbleweed tiff-4.5.0-3.1 as a component of openSUSE Tumbleweed LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE-2023-0795 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0795.html CVE-2023-0795 https://bugzilla.suse.com/1208226 SUSE Bug 1208226 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE-2023-0796 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0796.html CVE-2023-0796 https://bugzilla.suse.com/1208227 SUSE Bug 1208227 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE-2023-0797 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0797.html CVE-2023-0797 https://bugzilla.suse.com/1208228 SUSE Bug 1208228 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE-2023-0798 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0798.html CVE-2023-0798 https://bugzilla.suse.com/1208229 SUSE Bug 1208229 LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE-2023-0799 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0799.html CVE-2023-0799 https://bugzilla.suse.com/1208230 SUSE Bug 1208230 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE-2023-0800 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0800.html CVE-2023-0800 https://bugzilla.suse.com/1208231 SUSE Bug 1208231 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE-2023-0801 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0801.html CVE-2023-0801 https://bugzilla.suse.com/1208232 SUSE Bug 1208232 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE-2023-0802 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0802.html CVE-2023-0802 https://bugzilla.suse.com/1208233 SUSE Bug 1208233 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE-2023-0803 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0803.html CVE-2023-0803 https://bugzilla.suse.com/1208234 SUSE Bug 1208234 LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. CVE-2023-0804 openSUSE Tumbleweed:libtiff-devel-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff-devel-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-32bit-4.5.0-3.1 openSUSE Tumbleweed:libtiff6-4.5.0-3.1 openSUSE Tumbleweed:tiff-4.5.0-3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0804.html CVE-2023-0804 https://bugzilla.suse.com/1208236 SUSE Bug 1208236