Hi Salvatore,

On Wed, Jul 12, 2023 at 9:39 PM Salvatore Bonaccorso <car...@debian.org> wrote:
> Source: tiff
> Version: 4.5.1-1
> CVE-2023-3618[0]:
> | A flaw was found in libtiff. A specially crafted tiff file can lead
> | to a segmentation fault due to a buffer overflow in the Fax3Encode
> | function in libtiff/tif_fax3.c, resulting in a denial of service.
[...]
> Please adjust the affected versions in the BTS as needed.

Done my quick testing. My experience is the following.

1) libtiff6 and libtiff-tools are both 4.5.1-1 (i.e., Trixie): the tool reports several warnings, exits with 1 (non-zero) but doesn't segfault. Even tried with valgrind, still no segfault.
2) libtiff6 is 4.5.1-1 backported to Bookworm and libtiff-tools are not, i.e. it's 4.5.0-6: the tool reports the same warnings as above, but this time it _does_ segfault.
3) If libtiff-tools is also updated to 4.5.1-1 on Bookworm: it's like the first case, several warnings, non-zero exit code without a segfault.

In short, it seems:
- it's a non-dsa as only a crash in a CLI tool (which has end of life now),
- doesn't affect the library,
- while 4.5.0-6 (and in fact, at least from 4.5.0-1) is vulnerable, 4.5.1-1 fixed this issue.

But you may find it otherwise, I do not alter this report in the BTS.

Regards,
Laszlo/GCS