Ubuntu CVE Tracker

Merge ~bruce-cable/ubuntu-cve-tracker:CVE-2023-3164 into ubuntu-cve-tracker:master

  1. Git
  2. lp:~bruce-cable/ubuntu-cve-tracker
  3. CVE-2023-3164
  4. Merge into master
Proposed by Bruce Cable
Status: Merged
Merged at revision: 8d81e20164a667e04cecd39c79d3deb549e1ad13
Proposed branch: ~bruce-cable/ubuntu-cve-tracker:CVE-2023-3164
Merge into: ubuntu-cve-tracker:master
Diff against target: 38 lines (+9/-7)
1 file modified
active/CVE-2023-3164 (+9/-7)
Reviewer Review Type Date Requested Status
Evan Caville Approve
Review via email: mp+467249@code.launchpad.net

Commit message

Retires CVE-2023-3164

To post a comment you must log in.
Revision history for this message
Evan Caville (evancaville) :
review: Approve
Revision history for this message
Evan Caville (evancaville) wrote :

just needs to stay in active until devel is patched too

review: Needs Fixing
Revision history for this message
Evan Caville (evancaville) wrote :

LGTM now!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/active/CVE-2023-3164 b/active/CVE-2023-3164
2index e088869..b291f86 100644
3--- a/active/CVE-2023-3164
4+++ b/active/CVE-2023-3164
5@@ -1,8 +1,10 @@
6+PublicDateAtUSN: 2023-11-02 12:15:00 UTC
7 Candidate: CVE-2023-3164
8 PublicDate: 2023-11-02 12:15:00 UTC
9 References:
10 https://www.cve.org/CVERecord?id=CVE-2023-3164
11 https://gitlab.com/libtiff/libtiff/-/merge_requests/595
12+ https://ubuntu.com/security/notices/USN-6827-1
13 Description:
14 A heap-buffer-overflow vulnerability was found in LibTIFF, in
15 extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801.
16@@ -29,15 +31,15 @@ Patches_tiff:
17 upstream: https://gitlab.com/libtiff/libtiff/-/commit/f7a8d3b61846da2fa59fee78afb4639385378c76
18 upstream_tiff: needs-triage
19 trusty_tiff: ignored (end of standard support)
20-trusty/esm_tiff: needed
21+trusty/esm_tiff: released (4.0.3-7ubuntu0.11+esm13)
22 xenial_tiff: ignored (end of standard support)
23-esm-infra/xenial_tiff: needed
24+esm-infra/xenial_tiff: released (4.0.6-1ubuntu0.8+esm16)
25 bionic_tiff: ignored (end of standard support)
26-esm-infra/bionic_tiff: needed
27-focal_tiff: needed
28-jammy_tiff: needed
29+esm-infra/bionic_tiff: released (4.0.9-5ubuntu0.10+esm6)
30+focal_tiff: released (4.1.0+git191117-2ubuntu0.20.04.13)
31+jammy_tiff: released (4.3.0-6ubuntu0.9)
32 kinetic_tiff: ignored (end of life, was needs-triage)
33 lunar_tiff: ignored (end of life, was deferred)
34-mantic_tiff: needed
35-noble_tiff: needed
36+mantic_tiff: released (4.5.1+git230720-1ubuntu1.2)
37+noble_tiff: released (4.5.1+git230720-4ubuntu2.1)
38 devel_tiff: deferred

Subscribers

People subscribed via source and target branches