Bug 31467 - libtiff new security issue CVE-2022-48281
Summary: libtiff new security issue CVE-2022-48281
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-01-28 12:48 CET by David Walser
Modified: 2023-02-07 01:08 CET (History)
5 users (show)

See Also:
Source RPM: libtiff-4.2.0-1.12.mga8.src.rpm
CVE: CVE-2022-48281
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2023-01-28 12:48:04 CET 
SUSE has issued an advisory on January 27:
https://lists.suse.com/pipermail/sle-security-updates/2023-January/013560.html

Mageia 8 is also affected.
David Walser 2023-01-28 12:48:23 CET

Whiteboard: (none) => MGA8TOO

Comment 1 Nicolas Salguero 2023-01-30 09:13:02 CET 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. (CVE-2022-48281)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
https://lists.suse.com/pipermail/sle-security-updates/2023-January/013560.html
========================

Updated packages in core/updates_testing:
========================
lib(64)tiff5-4.2.0-1.13.mga8
lib(64)tiff-devel-4.2.0-1.13.mga8
lib(64)tiff-static-devel-4.2.0-1.13.mga8
libtiff-progs-4.2.0-1.13.mga8

from SRPM:
libtiff-4.2.0-1.13.mga8.src.rpm

Version: Cauldron => 8
CVE: (none) => CVE-2022-48281
CC: (none) => nicolas.salguero
Assignee: nicolas.salguero => qa-bugs
Source RPM: libtiff-4.5.0-3.mga9.src.rpm => libtiff-4.2.0-1.12.mga8.src.rpm
Status: NEW => ASSIGNED
Whiteboard: MGA8TOO => (none)

Comment 2 Herman Viaene 2023-01-31 15:34:45 CET 
MGA8-64 MATE on Acer Aspire 5253
No installation issues
Followed wiki with the remark as in previous updates that the bmp2tiff command does not exist anymore
$ tiff2pdf 1973-024.tif > 1973.pdf
Generated pdf displays the picture OK.

$ tiffinfo 1973-024.tif
TIFF Directory at offset 0x2e9da08 (48880136)
  Subfile Type: (0 = 0x0)
  Image Width: 2904 Image Length: 4208
  Resolution: 3200, 3200 pixels/inch
  Bits/Sample: 8
  Compression Scheme: None
  Photometric Interpretation: RGB color
  Extra Samples: 1<assoc-alpha>
  Orientation: row 0 top, col 0 lhs
  Samples/Pixel: 4
  Rows/Strip: 64
  Planar Configuration: single image plane
  DocumentName: /home/herman/HV/fotos/kleurnegatieven/1973/1973-024.tif
  ImageDescription: Created with GIMP

$ gimp 1973-024.tif 
Warning: Unknown input_id: -1 for input: surfacemap_x
warning repeated some 10 times
bps: 8
Image dimensions: 2904 x 4208.
load_contiguous
bytes_per_pixel: 4, format: 4
Pïcture displays OK in gimp.
OK for me.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => herman.viaene

Comment 3 Thomas Andrews 2023-01-31 16:53:27 CET 
Validating. Advisory in Comment 1.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2023-02-06 22:45:00 CET

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 4 Mageia Robot 2023-02-07 01:08:55 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0038.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.