[ubuntu/natty-security] tiff 3.9.4-5ubuntu6.2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 5 14:03:40 UTC 2012


tiff (3.9.4-5ubuntu6.2) natty-security; urgency=low

  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    due to type-conversion flaw (LP: #1016324)
    - debian/patches/CVE-2012-2088.patch: check for overflows in
      libtiff/tif_strip.c and libtiff/tif_tile.c.
    - CVE-2012-2088
  * SECURITY UPDATE: possible arbitrary code execution via integer
    overflows in tiff2pdf (LP: #1016324)
    - debian/patches/CVE-2012-2113.patch: check for overflows in
      tools/tiff2pdf.c.
    - CVE-2012-2113

Date: Wed, 04 Jul 2012 10:59:25 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/tiff/3.9.4-5ubuntu6.2
-------------- next part --------------
Format: 1.8
Date: Wed, 04 Jul 2012 10:59:25 -0400
Source: tiff
Binary: libtiff4 libtiffxx0c2 libtiff4-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source
Version: 3.9.4-5ubuntu6.2
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff4   - Tag Image File Format (TIFF) library
 libtiff4-dev - Tag Image File Format library (TIFF), development files
 libtiffxx0c2 - Tag Image File Format (TIFF) library -- C++ interface
Launchpad-Bugs-Fixed: 1016324
Changes: 
 tiff (3.9.4-5ubuntu6.2) natty-security; urgency=low
 .
   * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
     due to type-conversion flaw (LP: #1016324)
     - debian/patches/CVE-2012-2088.patch: check for overflows in
       libtiff/tif_strip.c and libtiff/tif_tile.c.
     - CVE-2012-2088
   * SECURITY UPDATE: possible arbitrary code execution via integer
     overflows in tiff2pdf (LP: #1016324)
     - debian/patches/CVE-2012-2113.patch: check for overflows in
       tools/tiff2pdf.c.
     - CVE-2012-2113
Checksums-Sha1: 
 c3031f0751010c2f1fac3769551e0ef1fba32b78 2002 tiff_3.9.4-5ubuntu6.2.dsc
 1f80232b0058a63d08fc724dbaf09938ffeff67f 23903 tiff_3.9.4-5ubuntu6.2.debian.tar.gz
Checksums-Sha256: 
 82b487cbb6f9d5f74229beb68aad0ff2dc3fe6d1369dbda032dd8f9009dff15d 2002 tiff_3.9.4-5ubuntu6.2.dsc
 f8c3554e0a714f1601bcff42b7ef2e5fdb4a6392e3664ad519cd24a507c60c4c 23903 tiff_3.9.4-5ubuntu6.2.debian.tar.gz
Files: 
 f9c8786b7e17f0796737849826a702e9 2002 libs optional tiff_3.9.4-5ubuntu6.2.dsc
 3f2a4579bfa7d9b1fc55ab4361f5daf3 23903 libs optional tiff_3.9.4-5ubuntu6.2.debian.tar.gz
Original-Maintainer: Jay Berkenbilt <qjb at debian.org>


More information about the Natty-changes mailing list