There are 8 open security issues in bullseye.
8 issues left for the package maintainer to handle:
- CVE-2022-1210:
(needs triaging)
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.
- CVE-2022-1354:
(needs triaging)
- CVE-2022-1355:
(needs triaging)
- CVE-2022-1622:
(needs triaging)
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
- CVE-2022-1623:
(needs triaging)
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
- CVE-2022-2056:
(needs triaging)
- CVE-2022-2057:
(needs triaging)
- CVE-2022-2058:
(needs triaging)
You can find information about how to handle these issues in the security team's documentation.