Bug 12937

Summary: Libtiff Security fixed CVEs
Product: [ROSA-based products] ROSA Fresh Reporter: Svyatoslav Matveev <s.matveev>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: critical    
Priority: High CC: a.proklov, e.malashin, v.potapov
Version: AllFlags: v.potapov: qa_verified+
a.proklov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Svyatoslav Matveev 2022-11-30 16:10:43 MSK 
********** QA ADVISORY **********

fixed CVEs:
CVE-2020-19143
CVE-2020-35521
CVE-2020-35522
CVE-2020-35523
CVE-2020-35524
CVE-2022-0561
CVE-2022-0562
CVE-2022-0865
CVE-2022-0891
CVE-2022-0907
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
CVE-2022-1354
CVE-2022-1355
CVE-2022-2056_2057_2058
CVE-2022-22844
CVE-2022-2867_2868_2869
CVE-2022-34526
CVE-2022-3599

*** libtiff
https://abf.io/build_lists/4179594
https://abf.io/build_lists/4179595
https://abf.io/build_lists/4179593
https://abf.io/build_lists/4179598
https://abf.io/build_lists/4179597
Comment 1 e.malashin@rosalinux.ru 2022-12-01 15:20:40 MSK 
The update sent to testings
Comment 2 Vladimir Potapov 2022-12-07 16:39:50 MSK 
libtiff-4.1.0-3
https://abf.io/build_lists/4179594
https://abf.io/build_lists/4179595
https://abf.io/build_lists/4179593
https://abf.io/build_lists/4179598
https://abf.io/build_lists/4179597
************************** Advisory ***********************
fixed CVEs:
CVE-2020-19143
CVE-2020-35521
CVE-2020-35522
CVE-2020-35523
CVE-2020-35524
CVE-2022-0561
CVE-2022-0562
CVE-2022-0865
CVE-2022-0891
CVE-2022-0907
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
CVE-2022-1354
CVE-2022-1355
CVE-2022-2056_2057_2058
CVE-2022-22844
CVE-2022-2867_2868_2869
CVE-2022-34526
CVE-2022-3599
*************************************************************
QA Verified