[ubuntu/cosmic-security] tiff 4.0.9-6ubuntu0.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Mar 12 12:50:54 UTC 2019
tiff (4.0.9-6ubuntu0.2) cosmic-security; urgency=medium
* SECURITY UPDATE: heap over-read in TIFFWriteScanline
- debian/patches/CVE-2018-10779.patch: fix overflow in
libtiff/tif_write.c.
- CVE-2018-10779
* SECURITY UPDATE: heap over-read in cpSeparateBufToContigBuf
- debian/patches/CVE-2018-12900-1.patch: check for overflow in
tools/tiffcp.c.
- debian/patches/CVE-2018-12900-2.patch: use INT_MAX in tools/tiffcp.c.
- CVE-2018-12900
- CVE-2019-7663
* SECURITY UPDATE: NULL pointer dereference in _TIFFmemcmp
- debian/patches/CVE-2018-17000.patch: add NULL check in
libtiff/tif_dirwrite.c.
- CVE-2018-17000
* SECURITY UPDATE: NULL pointer dereference in TIFFWriteDirectorySec
- debian/patches/CVE-2018-19210-1.patch: unset transferfunction field
if necessary in libtiff/tif_dir.c.
- debian/patches/CVE-2018-19210-2.patch: fix warning in
libtiff/tif_dir.c.
- CVE-2018-19210
* SECURITY UPDATE: memory leak in TIFFFdOpen
- debian/patches/CVE-2019-6128.patch: properly handle errors in
tools/pal2rgb.c.
- CVE-2019-6128
Date: 2019-03-11 19:08:21.951635+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.0.9-6ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list