[ubuntu/bionic-proposed] tiff 4.0.9-4ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Mar 22 15:36:18 UTC 2018
tiff (4.0.9-4ubuntu1) bionic; urgency=medium
* SECURITY UPDATE: DoS in TIFFOpen
- debian/patches/CVE-2017-11613-1.patch: avoid memory exhaustion in
libtiff/tif_dirread.c.
- debian/patches/CVE-2017-11613-2.patch: rework fix in
libtiff/tif_dirread.c.
- CVE-2017-11613
* SECURITY UPDATE: TIFFSetupStrips heap overflow in pal2rgb
- debian/patches/CVE-2017-17095.patch: add workaround to
tools/pal2rgb.c.
- CVE-2017-17095
Date: Thu, 22 Mar 2018 11:18:42 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/tiff/4.0.9-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 22 Mar 2018 11:18:42 -0400
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source
Version: 4.0.9-4ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libtiff-dev - Tag Image File Format library (TIFF), development files, current
libtiff-doc - TIFF manipulation and conversion documentation
libtiff-opengl - TIFF manipulation and conversion tools
libtiff-tools - TIFF manipulation and conversion tools
libtiff5 - Tag Image File Format (TIFF) library
libtiff5-dev - Tag Image File Format library (TIFF), development files
libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
tiff (4.0.9-4ubuntu1) bionic; urgency=medium
.
* SECURITY UPDATE: DoS in TIFFOpen
- debian/patches/CVE-2017-11613-1.patch: avoid memory exhaustion in
libtiff/tif_dirread.c.
- debian/patches/CVE-2017-11613-2.patch: rework fix in
libtiff/tif_dirread.c.
- CVE-2017-11613
* SECURITY UPDATE: TIFFSetupStrips heap overflow in pal2rgb
- debian/patches/CVE-2017-17095.patch: add workaround to
tools/pal2rgb.c.
- CVE-2017-17095
Checksums-Sha1:
193dbe63d7b9451a1d30154e87b3217583599611 2259 tiff_4.0.9-4ubuntu1.dsc
89d22eebdaf47bab855a35f774458f03ec95d487 21024 tiff_4.0.9-4ubuntu1.debian.tar.xz
189ef24f736ddd5c97bf56e86ef0f3702a73c0e1 9576 tiff_4.0.9-4ubuntu1_source.buildinfo
Checksums-Sha256:
6de17042b2622509da0f5999f8e8c0b2bbacd788e2280d41d1e1974ff6ec81f8 2259 tiff_4.0.9-4ubuntu1.dsc
30c3d7530c757fb828bbfc92b8c1958a5b1f020b81b8924a7fef6da0d94e40d3 21024 tiff_4.0.9-4ubuntu1.debian.tar.xz
ff41ac44c4229649b245c2e3d3b6050f11531067c18c5f143058a8270406e0fe 9576 tiff_4.0.9-4ubuntu1_source.buildinfo
Files:
a56fa33e2de1b619373f100af21e1f8a 2259 libs optional tiff_4.0.9-4ubuntu1.dsc
46374bcade4b6e75e3d0ca4b9b8dbc04 21024 libs optional tiff_4.0.9-4ubuntu1.debian.tar.xz
8c9276bd67eae111f2579d68deb77572 9576 libs optional tiff_4.0.9-4ubuntu1_source.buildinfo
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs at debian.org>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJas8z+AAoJEGVp2FWnRL6TGRQQAKFSFYLV0JiF4utTrRbaTe/v
OToAMe+0wb7XZ+k1kTOl6JpadXfuoKn60ZjV4CFN2Emr6rM/KYhEwx+awYko1u52
PeChg1yqI7aJLMV6c8kNLzrERGjaGaceIc2b2LoLGcx7Xy1mILlp/F24+1zPZS1Z
EY2/vTcMBJLqdsXMrXYMxsRVgD8MSKe83DIWhy6Ir0BGobQK8317cZDOQ68BTGUc
9CSm05k3RocATvGawQVemHwVphJIRJ3MVbmxVjdnO7Gn8a0Wb9AztbbxZW4mmmgA
sLh7KHrR6abjC4NldZy23kTwwQ6QSZ8vjSmIDWE1DHhMgghy7tzryghnZrCB/Yca
eZivWN7HvC1Jc4g/d6kf+tw/HkO3Gt5ekv1Fd8QTphO4xFiJs3PxbmrlRN6fmSs2
/BTkAnD2mg2xBT3K9NLndyl9pBimHhl+aZVAE/jk7cRjzQor8x3QSU7KeEvYH4Wk
xh/ZXgQ6uPTuib2VN/QEOqQDIRqbWowz+QX3AmLGW8g1Aodtx5VyBzUIeXaZnXNH
g9TpZBEQY9b6XE/u8w05DMIseffDg9PX4hBx14arsxaEY3r/8GRxDeajh8v+E5rA
NDELCOtm+GGC8NPFRAuzv/DA0JK0hsmLp8XHe15uU9llbU0Qz9zT+NTO9deScP7P
urERPO5EncLKOhSlYTWi
=gr9p
-----END PGP SIGNATURE-----
More information about the Bionic-changes
mailing list