Can Ubuntu address CVE-2022-1210 similar to other Linux Distros (RHEL, SUSE, YOCTO,...) with not building tiff with JBIG disabled since the bug is really in libjbig (build with --disable-jbig) . See Fedora Bug Tracker https://bugzilla.redhat.com/show_bug.cgi?id=2072615
** Bug watch added: Red Hat Bugzilla #2072615 https://bugzilla.redhat.com/show_bug.cgi?id=2072615 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1971001 Title: Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal and Jammy Status in tiff package in Ubuntu: In Progress Bug description: The versions in Trusty, Xenial, Bionic, Focal and Jammy may be vulnerable to all CVEs below. Debian released an advisory on March 24. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/1971001/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
