Packages patched for CVE-2020-35522, CVE-2022-0561, CVE-2022-0562, CVE-2022-0865 and CVE-2022-0891 are available for Bionic, Focal and Impish at https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa. (Impish is not affected by CVE-2020-35522.)
Please patch the other CVEs and release a patched version for Jammy. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-35522 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1971001 Title: Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal, Impish and Jammy Status in tiff package in Ubuntu: In Progress Bug description: The versions in Trusty, Xenial, Bionic, Focal and Impish may be vulnerable to all CVEs below. The version in Jammy is vulnerable to CVE-2022-0865. Debian released an advisory on March 24. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/1971001/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
