[ubuntu/precise-security] tiff 3.9.5-2ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 5 14:03:20 UTC 2012


tiff (3.9.5-2ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    due to type-conversion flaw (LP: #1016324)
    - debian/patches/CVE-2012-2088.patch: check for overflows in
      libtiff/tif_strip.c and libtiff/tif_tile.c.
    - CVE-2012-2088
  * SECURITY UPDATE: possible arbitrary code execution via integer
    overflows in tiff2pdf (LP: #1016324)
    - debian/patches/CVE-2012-2113.patch: check for overflows in
      tools/tiff2pdf.c.
    - CVE-2012-2113

Date: Wed, 04 Jul 2012 10:14:32 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/tiff/3.9.5-2ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Wed, 04 Jul 2012 10:14:32 -0400
Source: tiff
Binary: libtiff4 libtiffxx0c2 libtiff4-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source
Version: 3.9.5-2ubuntu1.1
Distribution: precise-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff4   - Tag Image File Format (TIFF) library
 libtiff4-dev - Tag Image File Format library (TIFF), development files
 libtiffxx0c2 - Tag Image File Format (TIFF) library -- C++ interface
Launchpad-Bugs-Fixed: 1016324
Changes: 
 tiff (3.9.5-2ubuntu1.1) precise-security; urgency=low
 .
   * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
     due to type-conversion flaw (LP: #1016324)
     - debian/patches/CVE-2012-2088.patch: check for overflows in
       libtiff/tif_strip.c and libtiff/tif_tile.c.
     - CVE-2012-2088
   * SECURITY UPDATE: possible arbitrary code execution via integer
     overflows in tiff2pdf (LP: #1016324)
     - debian/patches/CVE-2012-2113.patch: check for overflows in
       tools/tiff2pdf.c.
     - CVE-2012-2113
Checksums-Sha1: 
 2bb4e9a459bdc7daacbb19d8d303301e21248ba3 2222 tiff_3.9.5-2ubuntu1.1.dsc
 2f65a33c01c17bf46a9f8bcd2e03215f5181fffa 17466 tiff_3.9.5-2ubuntu1.1.debian.tar.gz
Checksums-Sha256: 
 1153520e8ccde9eb15a0670ffac01250c851bc45c7f2c5e74c4edec09c9bc3be 2222 tiff_3.9.5-2ubuntu1.1.dsc
 4fcce1f0ce3b6638fb3510929c171c7f6fe513753ac9e63f0408425d11e9dc83 17466 tiff_3.9.5-2ubuntu1.1.debian.tar.gz
Files: 
 bc3b35abe56116f32dec38f1ba980c85 2222 libs optional tiff_3.9.5-2ubuntu1.1.dsc
 dae49963c8ec2fcaf4e0dc564718cb2c 17466 libs optional tiff_3.9.5-2ubuntu1.1.debian.tar.gz
Original-Maintainer: Jay Berkenbilt <qjb at debian.org>


More information about the Precise-changes mailing list