RedHat has issued an advisory today (May 9): https://access.redhat.com/errata/RHSA-2023:2340 Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOO
Hi, Those CVEs were fixed in version 4.5.0rc1 so Cauldron is not affected. Best regards, Nico.
Version: Cauldron => 8CC: (none) => nicolas.salgueroWhiteboard: MGA8TOO => (none)Source RPM: libtiff-4.5.0-5.mga9.src.rpm => libtiff-4.2.0-1.15.mga8.src.rpm
Hi, After checking, I found that: - CVE-2023-30774 was already fixed by the patch for CVE-2022-3599 (bug 31091). - CVE-2023-30775 was already fixed by the patch for CVE-2022-3570 and CVE-2022-3598 (bug 30999). Best regards, Nico.
Status: NEW => RESOLVEDResolution: (none) => FIXED
Thanks, marking as a duplicate of the later bug. *** This bug has been marked as a duplicate of bug 31091 ***
Resolution: FIXED => DUPLICATE