Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 103 articles for you...
100

SUSE Linux Micro 6.0 Update: CVE-2024-7006 Moderate tiff Fix

* bsc#1228924 Cross-References: * CVE-2024-7006 . # Security update for tiff Announcement ID: SUSE-SU-2025:20068-1 Release Date: 2025-02-03T09:01:28Z Rating: moderate References: * bsc#1228924 Cross-References: * CVE-2024-7006 CVSS scores: * CVE-2024-7006 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2024-7006: Fix pointer deref in tif_dirinfo.c [bsc#1228924] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-89=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libtiff6-4.6.0-4.1 * libtiff6-debuginfo-4.6.0-4.1 * tiff-debugsource-4.6.0-4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7006.html * https://bugzilla.suse.com/show_bug.cgi?id=1228924 . SUSE Security Patch for libjpeg tackles CVE-2024-7007 to improve performance and resolve security flaws in the environment.. SUSE Linux Micro, tiff security, CVE-2024-7006, security update. . LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 SuSE
100

SUSE Linux Micro: 2025:20068-1 moderate: tiff pointer dereference

* bsc#1228924 Cross-References: * CVE-2024-7006 . # Security update for tiff Announcement ID: SUSE-SU-2025:20068-1 Release Date: 2025-02-03T09:01:28Z Rating: moderate References: * bsc#1228924 Cross-References: * CVE-2024-7006 CVSS scores: * CVE-2024-7006 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2024-7006: Fix pointer deref in tif_dirinfo.c [bsc#1228924] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-89=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libtiff6-debuginfo-4.6.0-4.1 * libtiff6-4.6.0-4.1 * tiff-debugsource-4.6.0-4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7006.html * https://bugzilla.suse.com/show_bug.cgi?id=1228924 . SUSE issues an update for tiff targeting CVE-2024-7006 to resolve a pointer handling vulnerability.. SUSE Security Patch, tiff Update, pointer Security Issue. . LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 SuSE
100

SUSE: 2025:0753-1 Moderate TIFF Heap Overflow, DoS Risk Mitigated

* bsc#1212607 * bsc#1219213 * bsc#1236834 Cross-References: . # Security update for tiff Announcement ID: SUSE-SU-2025:0753-1 Release Date: 2025-02-28T16:30:46Z Rating: moderate References: * bsc#1212607 * bsc#1219213 * bsc#1236834 Cross-References: * CVE-2023-25435 * CVE-2023-52356 CVSS scores: * CVE-2023-25435 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2023-25435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-25435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52356 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c (bsc#1212607). * CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service (bsc#1219213). Other bugfixes: * Fixed tiff build issue on s390x as test 12 test_directory fails (bsc#1236834). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-753=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-753=1 openSUSE-SLE-15.6-2025-753=1 * Basesystem Module 15-SP6 zypperin -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-753=1 ## Package List: * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.7.0-150600.3.8.1 * tiff-4.7.0-150600.3.8.1 * tiff-debuginfo-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * tiff-4.7.0-150600.3.8.1 * tiff-debuginfo-4.7.0-150600.3.8.1 * libtiff6-4.7.0-150600.3.8.1 * libtiff6-debuginfo-4.7.0-150600.3.8.1 * libtiff-devel-4.7.0-150600.3.8.1 * tiff-debugsource-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (noarch) * tiff-docs-4.7.0-150600.3.8.1 * libtiff-devel-docs-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (x86_64) * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1 * libtiff-devel-32bit-4.7.0-150600.3.8.1 * libtiff6-32bit-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libtiff6-64bit-debuginfo-4.7.0-150600.3.8.1 * libtiff6-64bit-4.7.0-150600.3.8.1 * libtiff-devel-64bit-4.7.0-150600.3.8.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.7.0-150600.3.8.1 * libtiff6-4.7.0-150600.3.8.1 * libtiff6-debuginfo-4.7.0-150600.3.8.1 * libtiff-devel-4.7.0-150600.3.8.1 * tiff-debugsource-4.7.0-150600.3.8.1 * Basesystem Module 15-SP6 (x86_64) * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1 * libtiff6-32bit-4.7.0-150600.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-25435.html * https://www.suse.com/security/cve/CVE-2023-52356.html * https://bugzilla.suse.com/show_bug.cgi?id=1212607 * https://bugzilla.suse.com/show_bug.cgi?id=1219213 * https://bugzilla.suse.com/show_bug.cgi?id=1236834 . SUSE's security notice details updates for libjpeg, fixing buffer overflow vulnerabilities and reducing potential Denial-of-Service risks, enhancing system security. tiff security advisory,SUSE update,buffer overflow,DoS threats,security fixes. . LinuxSecurity.com Team

Calendar%202 Feb 28, 2025 SuSE
202

openSUSE: 2025:0753-1 Moderate: tiff Heap Overflow DoS Advisory

An update that solves two vulnerabilities and has one security fix can now be installed.. # Security update for tiff Announcement ID: SUSE-SU-2025:0753-1 Release Date: 2025-02-28T16:30:46Z Rating: moderate References: * bsc#1212607 * bsc#1219213 * bsc#1236834 Cross-References: * CVE-2023-25435 * CVE-2023-52356 CVSS scores: * CVE-2023-25435 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2023-25435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-25435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52356 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c (bsc#1212607). * CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service (bsc#1219213). Other bugfixes: * Fixed tiff build issue on s390x as test 12 test_directory fails (bsc#1236834). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-753=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-753=1 openSUSE-SLE-15.6-2025-753=1 *Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-753=1 ## Package List: * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.7.0-150600.3.8.1 * tiff-4.7.0-150600.3.8.1 * tiff-debuginfo-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * tiff-4.7.0-150600.3.8.1 * tiff-debuginfo-4.7.0-150600.3.8.1 * libtiff6-4.7.0-150600.3.8.1 * libtiff6-debuginfo-4.7.0-150600.3.8.1 * libtiff-devel-4.7.0-150600.3.8.1 * tiff-debugsource-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (noarch) * tiff-docs-4.7.0-150600.3.8.1 * libtiff-devel-docs-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (x86_64) * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1 * libtiff-devel-32bit-4.7.0-150600.3.8.1 * libtiff6-32bit-4.7.0-150600.3.8.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libtiff6-64bit-debuginfo-4.7.0-150600.3.8.1 * libtiff6-64bit-4.7.0-150600.3.8.1 * libtiff-devel-64bit-4.7.0-150600.3.8.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.7.0-150600.3.8.1 * libtiff6-4.7.0-150600.3.8.1 * libtiff6-debuginfo-4.7.0-150600.3.8.1 * libtiff-devel-4.7.0-150600.3.8.1 * tiff-debugsource-4.7.0-150600.3.8.1 * Basesystem Module 15-SP6 (x86_64) * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1 * libtiff6-32bit-4.7.0-150600.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-25435.html * https://www.suse.com/security/cve/CVE-2023-52356.html * https://bugzilla.suse.com/show_bug.cgi?id=1212607 * https://bugzilla.suse.com/show_bug.cgi?id=1219213 * https://bugzilla.suse.com/show_bug.cgi?id=1236834 . The recent update for TIFF addresses critical security vulnerabilities, notably a moderate severity heap overflow and potential denial of service risks.. tiff Security, openSUSE Update, SUSE Advisory. . LinuxSecurity.com Team

Calendar%202 Feb 28, 2025 OpenSUSE
197

Debian 11: DLA-4026-1 Critical tiff Buffer Overflow & Dereference Issues

Multiple vulnerabilities were fixed in tiff, a library and tools providing support for the Tag Image File Format (TIFF). . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4026-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Adrian Bunk January 20, 2025 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : tiff Version : 4.2.0-1+deb11u6 CVE ID : CVE-2023-2908 CVE-2023-3316 CVE-2023-3618 CVE-2023-25433 CVE-2023-26965 CVE-2023-26966 CVE-2023-52356 CVE-2024-7006 Debian Bug : Multiple vulnerabilities were fixed in tiff, a library and tools providing support for the Tag Image File Format (TIFF). CVE-2023-2908 NULL pointer dereference in tif_dir.c CVE-2023-3316 NULL pointer dereference in TIFFClose() CVE-2023-3618 Buffer overflow in tiffcrop CVE-2023-25433 Buffer overflow in tiffcrop CVE-2023-26965 Use after free in tiffcrop CVE-2023-26966 Buffer overflow in uv_encode() CVE-2023-52356 segfault in TIFFReadRGBAStrip()/TIFFReadRGBATile() CVE-2024-7006 NULL pointer dereference in TIFFReadDirectory()/TIFFReadCustomDirectory() For Debian 11 bullseye, these problems have been fixed in version 4.2.0-1+deb11u6. We recommend that you upgrade your tiff packages. For the detailed security status of tiff please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/tiff Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Several vulnerabilities addressed in the tiff utility; users of Debian LTS are advised to upgrade for improved security measures.. Debian LTS, tiff library, security updates, image file format, threat resolution. . Severity: Critical.LinuxSecurity.com Team

Calendar%202 Jan 20, 2025 Critical Debian LTS
100

SUSE: 2024:3115-1 Moderate: TIFF Null Pointer Dereference

* bsc#1228924 Cross-References: * CVE-2024-7006 . # Security update for tiff Announcement ID: SUSE-SU-2024:3115-1 Rating: moderate References: * bsc#1228924 Cross-References: * CVE-2024-7006 CVSS scores: * CVE-2024-7006 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2024-7006: Fixed null pointer dereference in tif_dirinfo.c (bsc#1228924) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3115=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3115=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patchSUSE-SLE-Micro-5.3-2024-3115=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3115=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3115=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3115=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3115=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3115=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3115=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3115=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3115=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3115=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * openSUSE Leap 15.5 (x86_64) * libtiff-devel-32bit-4.0.9-150000.45.47.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.47.1 * libtiff5-32bit-4.0.9-150000.45.47.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * tiff-debuginfo-4.0.9-150000.45.47.1 * libtiff-devel-4.0.9-150000.45.47.1 * tiff-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 *libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * tiff-debuginfo-4.0.9-150000.45.47.1 * libtiff-devel-4.0.9-150000.45.47.1 * Basesystem Module 15-SP5 (x86_64) * libtiff5-32bit-debuginfo-4.0.9-150000.45.47.1 * libtiff5-32bit-4.0.9-150000.45.47.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * Basesystem Module 15-SP6 (x86_64) * libtiff5-32bit-debuginfo-4.0.9-150000.45.47.1 * libtiff5-32bit-4.0.9-150000.45.47.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * tiff-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) *tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7006.html * https://bugzilla.suse.com/show_bug.cgi?id=1228924 . SUSE has released a balanced update for tiff concerning CVE-2024-7006, complete with guidelines for installation and applying patches.. TIFF Security Update, SUSE Fix, Software Patch, Linux Security Advisory. . LinuxSecurity.com Team

Calendar%202 Sep 03, 2024 SuSE
100

SUSE: 2024:3117-1 Moderate: Fix for Null Pointer Issue in tiff Library

* bsc#1228924 Cross-References: * CVE-2024-7006 . # Security update for tiff Announcement ID: SUSE-SU-2024:3117-1 Rating: moderate References: * bsc#1228924 Cross-References: * CVE-2024-7006 CVSS scores: * CVE-2024-7006 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2024-7006: Fixed null pointer dereference in tif_dirinfo.c (bsc#1228924) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3117=1 openSUSE-SLE-15.6-2024-3117=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3117=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3117=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * libtiff-devel-32bit-4.6.0-150600.3.3.1 * libtiff6-32bit-4.6.0-150600.3.3.1 * libtiff6-32bit-debuginfo-4.6.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libtiff-devel-4.6.0-150600.3.3.1 * libtiff6-4.6.0-150600.3.3.1 * tiff-4.6.0-150600.3.3.1 * tiff-debuginfo-4.6.0-150600.3.3.1 * libtiff6-debuginfo-4.6.0-150600.3.3.1 * tiff-debugsource-4.6.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) *libtiff-devel-64bit-4.6.0-150600.3.3.1 * libtiff6-64bit-4.6.0-150600.3.3.1 * libtiff6-64bit-debuginfo-4.6.0-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libtiff-devel-4.6.0-150600.3.3.1 * libtiff6-4.6.0-150600.3.3.1 * tiff-debuginfo-4.6.0-150600.3.3.1 * libtiff6-debuginfo-4.6.0-150600.3.3.1 * tiff-debugsource-4.6.0-150600.3.3.1 * Basesystem Module 15-SP6 (x86_64) * libtiff6-32bit-4.6.0-150600.3.3.1 * libtiff6-32bit-debuginfo-4.6.0-150600.3.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.6.0-150600.3.3.1 * tiff-4.6.0-150600.3.3.1 * tiff-debuginfo-4.6.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7006.html * https://bugzilla.suse.com/show_bug.cgi?id=1228924 . SUSE 2024:3117-1 advisory for tiff addresses null pointer issues. Install patches promptly for system security.. tiff security, SUSE updates, patch advice, null pointer fix. . LinuxSecurity.com Team

Calendar%202 Sep 03, 2024 SuSE
100

SUSE: 2024:2979-1 Moderate: Fix for TIFF Null Pointer Issue

* bsc#1228924 Cross-References: * CVE-2024-7006 . # Security update for tiff Announcement ID: SUSE-SU-2024:2979-1 Rating: moderate References: * bsc#1228924 Cross-References: * CVE-2024-7006 CVSS scores: * CVE-2024-7006 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2024-7006: Fixed null pointer dereference in tif_dirinfo.c (bsc#1228924) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2979=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2979=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2979=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2979=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libtiff-devel-4.0.9-44.86.1 * tiff-debugsource-4.0.9-44.86.1 * tiff-debuginfo-4.0.9-44.86.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libtiff5-4.0.9-44.86.1 * libtiff5-debuginfo-4.0.9-44.86.1 * tiff-debugsource-4.0.9-44.86.1 * tiff-debuginfo-4.0.9-44.86.1 * tiff-4.0.9-44.86.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libtiff5-debuginfo-32bit-4.0.9-44.86.1 * libtiff5-32bit-4.0.9-44.86.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libtiff5-4.0.9-44.86.1 * libtiff5-debuginfo-4.0.9-44.86.1 * tiff-debugsource-4.0.9-44.86.1 * tiff-debuginfo-4.0.9-44.86.1 * tiff-4.0.9-44.86.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libtiff5-debuginfo-32bit-4.0.9-44.86.1 * libtiff5-32bit-4.0.9-44.86.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libtiff5-4.0.9-44.86.1 * libtiff5-debuginfo-4.0.9-44.86.1 * tiff-debugsource-4.0.9-44.86.1 * tiff-debuginfo-4.0.9-44.86.1 * tiff-4.0.9-44.86.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libtiff5-debuginfo-32bit-4.0.9-44.86.1 * libtiff5-32bit-4.0.9-44.86.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7006.html * https://bugzilla.suse.com/show_bug.cgi?id=1228924 . openSUSE Security Alert for ImageMagick addresses CVE-2024-8006 with a high severity rating. Detailed patch instructions included.. tiff security, SUSE updates, Linux patch management, CVE-2024-7006. . LinuxSecurity.com Team

Calendar%202 Aug 20, 2024 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200