-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: libtiff security update
Advisory ID:       RHSA-2023:3711-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3711
Issue date:        2023-06-21
CVE Names:         CVE-2022-48281 CVE-2023-0795 CVE-2023-0796 
                   CVE-2023-0797 CVE-2023-0798 CVE-2023-0799 
                   CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 
                   CVE-2023-0803 CVE-2023-0804 
====================================================================
1. Summary:

An update for libtiff is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.

Security Fix(es):

* libtiff: heap-based buffer overflow in processCropSelections() in
tools/tiffcrop.c (CVE-2022-48281)

* libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in
tools/tiffcrop.c (CVE-2023-0795)

* libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in
tools/tiffcrop.c (CVE-2023-0796)

* libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when
called by functions in tools/tiffcrop.c (CVE-2023-0797)

* libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in
tools/tiffcrop.c (CVE-2023-0798)

* libtiff: use-after-free in extractContigSamplesShifted32bits() in
tools/tiffcrop.c (CVE-2023-0799)

* libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in
tools/tiffcrop.c (CVE-2023-0800)

* libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when
called by functions in tools/tiffcrop.c (CVE-2023-0801)

* libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in
tools/tiffcrop.c (CVE-2023-0802)

* libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in
tools/tiffcrop.c (CVE-2023-0803)

* libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in
tools/tiffcrop.c (CVE-2023-0804)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running applications linked against libtiff must be restarted for this
update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2163606 - CVE-2022-48281 libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c
2170119 - CVE-2023-0795 libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c
2170146 - CVE-2023-0796 libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c
2170151 - CVE-2023-0797 libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c
2170157 - CVE-2023-0798 libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c
2170162 - CVE-2023-0799 libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c
2170167 - CVE-2023-0800 libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c
2170172 - CVE-2023-0801 libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c
2170178 - CVE-2023-0802 libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c
2170187 - CVE-2023-0803 libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c
2170192 - CVE-2023-0804 libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
libtiff-4.4.0-8.el9_2.src.rpm

aarch64:
libtiff-4.4.0-8.el9_2.aarch64.rpm
libtiff-debuginfo-4.4.0-8.el9_2.aarch64.rpm
libtiff-debugsource-4.4.0-8.el9_2.aarch64.rpm
libtiff-devel-4.4.0-8.el9_2.aarch64.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.aarch64.rpm

ppc64le:
libtiff-4.4.0-8.el9_2.ppc64le.rpm
libtiff-debuginfo-4.4.0-8.el9_2.ppc64le.rpm
libtiff-debugsource-4.4.0-8.el9_2.ppc64le.rpm
libtiff-devel-4.4.0-8.el9_2.ppc64le.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.ppc64le.rpm

s390x:
libtiff-4.4.0-8.el9_2.s390x.rpm
libtiff-debuginfo-4.4.0-8.el9_2.s390x.rpm
libtiff-debugsource-4.4.0-8.el9_2.s390x.rpm
libtiff-devel-4.4.0-8.el9_2.s390x.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.s390x.rpm

x86_64:
libtiff-4.4.0-8.el9_2.i686.rpm
libtiff-4.4.0-8.el9_2.x86_64.rpm
libtiff-debuginfo-4.4.0-8.el9_2.i686.rpm
libtiff-debuginfo-4.4.0-8.el9_2.x86_64.rpm
libtiff-debugsource-4.4.0-8.el9_2.i686.rpm
libtiff-debugsource-4.4.0-8.el9_2.x86_64.rpm
libtiff-devel-4.4.0-8.el9_2.i686.rpm
libtiff-devel-4.4.0-8.el9_2.x86_64.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.i686.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 9):

aarch64:
libtiff-debuginfo-4.4.0-8.el9_2.aarch64.rpm
libtiff-debugsource-4.4.0-8.el9_2.aarch64.rpm
libtiff-tools-4.4.0-8.el9_2.aarch64.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.aarch64.rpm

ppc64le:
libtiff-debuginfo-4.4.0-8.el9_2.ppc64le.rpm
libtiff-debugsource-4.4.0-8.el9_2.ppc64le.rpm
libtiff-tools-4.4.0-8.el9_2.ppc64le.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.ppc64le.rpm

s390x:
libtiff-debuginfo-4.4.0-8.el9_2.s390x.rpm
libtiff-debugsource-4.4.0-8.el9_2.s390x.rpm
libtiff-tools-4.4.0-8.el9_2.s390x.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.s390x.rpm

x86_64:
libtiff-debuginfo-4.4.0-8.el9_2.x86_64.rpm
libtiff-debugsource-4.4.0-8.el9_2.x86_64.rpm
libtiff-tools-4.4.0-8.el9_2.x86_64.rpm
libtiff-tools-debuginfo-4.4.0-8.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-48281
https://access.redhat.com/security/cve/CVE-2023-0795
https://access.redhat.com/security/cve/CVE-2023-0796
https://access.redhat.com/security/cve/CVE-2023-0797
https://access.redhat.com/security/cve/CVE-2023-0798
https://access.redhat.com/security/cve/CVE-2023-0799
https://access.redhat.com/security/cve/CVE-2023-0800
https://access.redhat.com/security/cve/CVE-2023-0801
https://access.redhat.com/security/cve/CVE-2023-0802
https://access.redhat.com/security/cve/CVE-2023-0803
https://access.redhat.com/security/cve/CVE-2023-0804
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBZJNw3tzjgjWX9erEAQj0oxAAhzSddta1naIRPjnMycqfY1HI+YaJYdAy
CpH+rSz6Ff+QjgqByMU8t9QaoYmjRsatR7DhIU5CKt0+8bGUFTBQdTqDUJnYL4F9
w2YMdm5Xl9rh9QrxUB3G2P8BnJyOIvKTiRBRYfpw9XpV0iDq+g3cjkF+YuCRyqeU
e0ShOUOYJx7J0xB3WPFFIj76QlmvS58143VC4I6M8NMjUsBpqcTecIzd3iDMOXNO
c/tYqcfZuP/8pSPM4aqx/hYinNH8YD5LJ6cyZo43Wj+foXWJASzRbBTJEzJQyVlZ
vQ/b+uFapC/ueXkI+zPh+53kfZc3zHUCQGMqroHvX3r/f0UaBAa+Un3ehKQMuK40
3iH81CnAIfp2aBQGewI0SOoxFbHeYdhH2bVQn6PSsZZ8IjQz/uEBj00SluEoauVP
WAESoq/dhgT81mxJdU+5tChWzV2gZdOqPSCVo9fYFyR5B0lcmuaDlGgmX+ppCrXn
Kq2CQS6A7t55T9D8dV2R/PzG22b5va461+o5glGkmCCHwn8E5At0Rzp3k2W22YoA
Pq0dQq6TUE0RHXI2zCkE7BKs4OepPTnGH0EiuJRGPdhDOq9qQjfe78/MQyN389sz
GjmnSbMuXMH6XIVhC8+lH9EWNTHLf04SSi5wgIyPuB8k0hD+CowzyH7A95Y4Ndl8
1bWeHjx+RSM=n7mF
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2023-3711:01 Moderate: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 9

Summary

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.
Security Fix(es):
* libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c (CVE-2022-48281)
* libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0795)
* libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0796)
* libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0797)
* libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c (CVE-2023-0798)
* libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0799)
* libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0800)
* libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c (CVE-2023-0801)
* libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c (CVE-2023-0802)
* libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c (CVE-2023-0803)
* libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c (CVE-2023-0804)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Summary

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running applications linked against libtiff must be restarted for this update to take effect.

References

https://access.redhat.com/security/cve/CVE-2022-48281 https://access.redhat.com/security/cve/CVE-2023-0795 https://access.redhat.com/security/cve/CVE-2023-0796 https://access.redhat.com/security/cve/CVE-2023-0797 https://access.redhat.com/security/cve/CVE-2023-0798 https://access.redhat.com/security/cve/CVE-2023-0799 https://access.redhat.com/security/cve/CVE-2023-0800 https://access.redhat.com/security/cve/CVE-2023-0801 https://access.redhat.com/security/cve/CVE-2023-0802 https://access.redhat.com/security/cve/CVE-2023-0803 https://access.redhat.com/security/cve/CVE-2023-0804 https://access.redhat.com/security/updates/classification/#moderate

Package List

Red Hat Enterprise Linux AppStream (v. 9):
Source: libtiff-4.4.0-8.el9_2.src.rpm
aarch64: libtiff-4.4.0-8.el9_2.aarch64.rpm libtiff-debuginfo-4.4.0-8.el9_2.aarch64.rpm libtiff-debugsource-4.4.0-8.el9_2.aarch64.rpm libtiff-devel-4.4.0-8.el9_2.aarch64.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.aarch64.rpm
ppc64le: libtiff-4.4.0-8.el9_2.ppc64le.rpm libtiff-debuginfo-4.4.0-8.el9_2.ppc64le.rpm libtiff-debugsource-4.4.0-8.el9_2.ppc64le.rpm libtiff-devel-4.4.0-8.el9_2.ppc64le.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.ppc64le.rpm
s390x: libtiff-4.4.0-8.el9_2.s390x.rpm libtiff-debuginfo-4.4.0-8.el9_2.s390x.rpm libtiff-debugsource-4.4.0-8.el9_2.s390x.rpm libtiff-devel-4.4.0-8.el9_2.s390x.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.s390x.rpm
x86_64: libtiff-4.4.0-8.el9_2.i686.rpm libtiff-4.4.0-8.el9_2.x86_64.rpm libtiff-debuginfo-4.4.0-8.el9_2.i686.rpm libtiff-debuginfo-4.4.0-8.el9_2.x86_64.rpm libtiff-debugsource-4.4.0-8.el9_2.i686.rpm libtiff-debugsource-4.4.0-8.el9_2.x86_64.rpm libtiff-devel-4.4.0-8.el9_2.i686.rpm libtiff-devel-4.4.0-8.el9_2.x86_64.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.i686.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.x86_64.rpm
Red Hat Enterprise Linux CRB (v. 9):
aarch64: libtiff-debuginfo-4.4.0-8.el9_2.aarch64.rpm libtiff-debugsource-4.4.0-8.el9_2.aarch64.rpm libtiff-tools-4.4.0-8.el9_2.aarch64.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.aarch64.rpm
ppc64le: libtiff-debuginfo-4.4.0-8.el9_2.ppc64le.rpm libtiff-debugsource-4.4.0-8.el9_2.ppc64le.rpm libtiff-tools-4.4.0-8.el9_2.ppc64le.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.ppc64le.rpm
s390x: libtiff-debuginfo-4.4.0-8.el9_2.s390x.rpm libtiff-debugsource-4.4.0-8.el9_2.s390x.rpm libtiff-tools-4.4.0-8.el9_2.s390x.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.s390x.rpm
x86_64: libtiff-debuginfo-4.4.0-8.el9_2.x86_64.rpm libtiff-debugsource-4.4.0-8.el9_2.x86_64.rpm libtiff-tools-4.4.0-8.el9_2.x86_64.rpm libtiff-tools-debuginfo-4.4.0-8.el9_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity

Advisory ID: RHSA-2023:3711-01

Product: Red Hat Enterprise Linux

Advisory URL: https://access.redhat.com/errata/RHSA-2023:3711

Issued Date: : 2023-06-21

CVE Names: CVE-2022-48281 CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799 CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804

Topic

An update for libtiff is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64

Bugs Fixed

2163606 - CVE-2022-48281 libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c

2170119 - CVE-2023-0795 libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c

2170146 - CVE-2023-0796 libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c

2170151 - CVE-2023-0797 libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c

2170157 - CVE-2023-0798 libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c

2170162 - CVE-2023-0799 libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c

2170167 - CVE-2023-0800 libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c

2170172 - CVE-2023-0801 libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c

2170178 - CVE-2023-0802 libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c

2170187 - CVE-2023-0803 libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c

2170192 - CVE-2023-0804 libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c

Get the Latest News & Insights

RedHat: RHSA-2023-3711:01 Moderate: libtiff security update

Summary

Summary

Solution

References

Package List

Topic

Topic

Relevant Releases Architectures

Bugs Fixed

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By