-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4536-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 17, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : tiff Version : 4.2.0-1+deb11u8 CVE ID : CVE-2026-4775 Quang Luong discovered a heap overflow in the libtiff library, which may result in denial of service or the execution of arbitrary code if malformed image files are processed. For Debian 11 bullseye, this problem has been fixed in version 4.2.0-1+deb11u8. We recommend that you upgrade your tiff packages. For the detailed security status of tiff please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tiff Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmniTAoACgkQnUbEiOQ2 gwKt7Q//QQExx+K3+TQ+ebFw+4ucauw3Wt7a/XNPdS8E5HoJjRLHp+ZdS4m9XivU arJVJbeStolQgg2G3sUUlrXEDMiDLWN0VW9NejPbpGd4I7BaN01DyarFTC1nUx14 kj1F5yaCPo43MREEtOXulVC56yIbiseWeEpNS5Hk2sYUMMDShMVWTD1DWmV8fCll bGfqu14sdbL+pt/9jYRlyI5KLlJmjjXsxbhyqtXs/w4Csu7xnD5mFu6+zzvtGTHy l5l5l8kG0xezceo1i4utyPi0EvdZU9XM62NBrM7dZB7zKVj+sgqpEVNhLjB6J5Ic AiQiAIBp4/Jn5DcLLfVLgf0pN6ersZRHlckZ7tGht0DMyNz2bq1o0kXfdahFO6/o 51voFIJen8UeZw/vFqNNqMnOuJkOuZJViaqrc7di9UIbNpPdKvl2i3FUJb9uFJ/8 M5LN+xgnz6F0w89yV0zaTgnl/MAE0gwQEb+3iDO1/GuD7VjzIvnqDqUui9DkpS3P 1OGxmgNXiploaDmBbPMQCjXo+y3RmMdIZpBrTkyOjooadVb2P+3Ls6ywW7DqE4h+ 9LpzaIRzxidUc6pv2CrfkegXeY8vtythu98nM59fSpJr+fuBBUez7y9INEmAP3Xj OBjv52GwTLTcGkuIBE0GqOMwQUM1eZS5vFfBj3qdHqHUG8xdhww= =gPv3 -----END PGP SIGNATURE-----
