Debian Bug report logs -
#1040945
tiff: CVE-2023-3618
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>:
Bug#1040945; Package src:tiff.
(Wed, 12 Jul 2023 19:39:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>.
(Wed, 12 Jul 2023 19:39:03 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: tiff
Version: 4.5.1-1
Severity: important
Tags: security upstream
Forwarded: https://gitlab.com/libtiff/libtiff/-/issues/529
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Hi,
The following vulnerability was published for tiff.
CVE-2023-3618[0]:
| A flaw was found in libtiff. A specially crafted tiff file can lead
| to a segmentation fault due to a buffer overflow in the Fax3Encode
| function in libtiff/tif_fax3.c, resulting in a denial of service.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-3618
https://www.cve.org/CVERecord?id=CVE-2023-3618
[1] https://gitlab.com/libtiff/libtiff/-/issues/529
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Information forwarded
to debian-bugs-dist@lists.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>:
Bug#1040945; Package src:tiff.
(Wed, 12 Jul 2023 20:15:02 GMT) (full text, mbox, link).
Acknowledgement sent
to László Böszörményi (GCS) <gcs@debian.org>:
Extra info received and forwarded to list. Copy sent to Laszlo Boszormenyi (GCS) <gcs@debian.org>.
(Wed, 12 Jul 2023 20:15:02 GMT) (full text, mbox, link).
Message #10 received at 1040945@bugs.debian.org (full text, mbox, reply):
Hi Salvatore,
On Wed, Jul 12, 2023 at 9:39 PM Salvatore Bonaccorso <carnil@debian.org> wrote:
> Source: tiff
> Version: 4.5.1-1
> CVE-2023-3618[0]:
> | A flaw was found in libtiff. A specially crafted tiff file can lead
> | to a segmentation fault due to a buffer overflow in the Fax3Encode
> | function in libtiff/tif_fax3.c, resulting in a denial of service.
[...]
> Please adjust the affected versions in the BTS as needed.
Done my quick testing. My experience is the following.
1) libtiff6 and libtiff-tools are both 4.5.1-1 (ie, Trixie): the tool
reports several warnings, exists with 1 (non-zero) but doesn't
segfault. Even tried with valgrind, still no segfault.
2) libtiff6 is 4.5.1-1 backported to Bookworm and libtiff-tools are
not, ie it's 4.5.0-6 : the tool reports the same warnings like above,
but this time it _does_ segfault.
3) If libtiff-tools also updated to 4.5.1-1 on Bookworm: it's like the
first case, several warnings, non-zero exit code without a segfault.
In short, it seems:
- it's a non-dsa as only a crash in a CLI tool (which has end of life now),
- doesn't affect the library,
- while 4.5.0-6 (and in fact, at least from 4.5.0-1) is vulnerable,
4.5.1-1 fixed this issue.
But you may find it otherwise, I do not alter this report in the BTS.
Regards,
Laszlo/GCS
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Thu Jul 13 11:58:15 2023;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon