[ubuntu/karmic-security] tiff (delayed), tiff 3.8.2-13ubuntu0.4 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Mar 7 15:08:10 UTC 2011
tiff (3.8.2-13ubuntu0.4) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
values
- debian/patches/CVE-2010-2595.patch: validate values in
libtiff/tif_color.c.
- CVE-2010-2595
* SECURITY UPDATE: denial of service via devide-by-zero (LP: #593067)
- debian/patches/CVE-2010-2597.patch: properly initialize fields in
libtiff/tif_strip.c.
- CVE-2010-2597
- CVE-2010-2598
* SECURITY UPDATE: denial of service via out-of-order tags
- debian/patches/CVE-2010-2630.patch: correctly handle order in
libtiff/tif_dirread.c.
- CVE-2010-2630
* SECURITY UPDATE: denial of service and possible code exection via
YCBCRSUBSAMPLING tag
- debian/patches/CVE-2011-0191.patch: validate td_ycbcrsubsampling in
libtiff/tif_dir.c.
- CVE-2011-0191
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in Fax4Decode
- debian/patches/CVE-2011-0192.patch: check length in
libtiff/tif_fax3.h.
- CVE-2011-0192
Date: Fri, 04 Mar 2011 10:07:56 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/tiff/3.8.2-13ubuntu0.4
-------------- next part --------------
Format: 1.8
Date: Fri, 04 Mar 2011 10:07:56 -0500
Source: tiff
Binary: libtiff4 libtiffxx0c2 libtiff4-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source
Version: 3.8.2-13ubuntu0.4
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libtiff-doc - TIFF manipulation and conversion documentation
libtiff-opengl - TIFF manipulation and conversion tools
libtiff-tools - TIFF manipulation and conversion tools
libtiff4 - Tag Image File Format (TIFF) library
libtiff4-dev - Tag Image File Format library (TIFF), development files
libtiffxx0c2 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
tiff (3.8.2-13ubuntu0.4) karmic-security; urgency=low
.
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
values
- debian/patches/CVE-2010-2595.patch: validate values in
libtiff/tif_color.c.
- CVE-2010-2595
* SECURITY UPDATE: denial of service via devide-by-zero (LP: #593067)
- debian/patches/CVE-2010-2597.patch: properly initialize fields in
libtiff/tif_strip.c.
- CVE-2010-2597
- CVE-2010-2598
* SECURITY UPDATE: denial of service via out-of-order tags
- debian/patches/CVE-2010-2630.patch: correctly handle order in
libtiff/tif_dirread.c.
- CVE-2010-2630
* SECURITY UPDATE: denial of service and possible code exection via
YCBCRSUBSAMPLING tag
- debian/patches/CVE-2011-0191.patch: validate td_ycbcrsubsampling in
libtiff/tif_dir.c.
- CVE-2011-0191
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in Fax4Decode
- debian/patches/CVE-2011-0192.patch: check length in
libtiff/tif_fax3.h.
- CVE-2011-0192
Checksums-Sha1:
f740068cb5c9dce0432099cf0387ae4936f86a76 1940 tiff_3.8.2-13ubuntu0.4.dsc
a647025b100f6ccbca16652858b837603e89f1b3 42777 tiff_3.8.2-13ubuntu0.4.diff.gz
Checksums-Sha256:
aced7756b585f1acb40a2bcfed8c3a2b23c41ee604f156751aa2ee7860e820ab 1940 tiff_3.8.2-13ubuntu0.4.dsc
2fefe055d5e4112f65d655b00ae2bc6bdcc2a8bc433145191f27c004ad816793 42777 tiff_3.8.2-13ubuntu0.4.diff.gz
Files:
8a581866d181276aff6a4008b8f3cedd 1940 libs optional tiff_3.8.2-13ubuntu0.4.dsc
cc2e665d2bd883b94440b317611f54ec 42777 libs optional tiff_3.8.2-13ubuntu0.4.diff.gz
Launchpad-Bugs-Fixed: 593067
Original-Maintainer: Jay Berkenbilt <qjb at debian.org>
More information about the Karmic-changes
mailing list