[ubuntu/quantal] tiff 3.9.5-2ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 5 13:35:23 UTC 2012 

tiff (3.9.5-2ubuntu2) quantal; urgency=low

  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    due to type-conversion flaw (LP: #1016324)
    - debian/patches/CVE-2012-2088.patch: check for overflows in
      libtiff/tif_strip.c and libtiff/tif_tile.c.
    - CVE-2012-2088
  * SECURITY UPDATE: possible arbitrary code execution via integer
    overflows in tiff2pdf (LP: #1016324)
    - debian/patches/CVE-2012-2113.patch: check for overflows in
      tools/tiff2pdf.c.
    - CVE-2012-2113

Date: Thu, 05 Jul 2012 09:13:37 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/quantal/+source/tiff/3.9.5-2ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 Jul 2012 09:13:37 -0400
Source: tiff
Binary: libtiff4 libtiffxx0c2 libtiff4-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source
Version: 3.9.5-2ubuntu2
Distribution: quantal
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff4   - Tag Image File Format (TIFF) library
 libtiff4-dev - Tag Image File Format library (TIFF), development files
 libtiffxx0c2 - Tag Image File Format (TIFF) library -- C++ interface
Launchpad-Bugs-Fixed: 1016324
Changes: 
 tiff (3.9.5-2ubuntu2) quantal; urgency=low
 .
   * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
     due to type-conversion flaw (LP: #1016324)
     - debian/patches/CVE-2012-2088.patch: check for overflows in
       libtiff/tif_strip.c and libtiff/tif_tile.c.
     - CVE-2012-2088
   * SECURITY UPDATE: possible arbitrary code execution via integer
     overflows in tiff2pdf (LP: #1016324)
     - debian/patches/CVE-2012-2113.patch: check for overflows in
       tools/tiff2pdf.c.
     - CVE-2012-2113
Checksums-Sha1: 
 3279d298b36eca6d804d450d790fe09bf42d4f44 2214 tiff_3.9.5-2ubuntu2.dsc
 87886aad45867b884b361e5c1d8498130a468516 17460 tiff_3.9.5-2ubuntu2.debian.tar.gz
Checksums-Sha256: 
 55db89fd8c57c743e0d22f9ea0cab356f956eeb7cb628bc24f6c903fd0f0e4ca 2214 tiff_3.9.5-2ubuntu2.dsc
 8bf8e87cb4d8c5046981e5ece0ad2339e889630bd4328ec9a32e32f87e339c14 17460 tiff_3.9.5-2ubuntu2.debian.tar.gz
Files: 
 37ed92dd1757801e9a1c4e414c8d5940 2214 libs optional tiff_3.9.5-2ubuntu2.dsc
 b6225177ad43987b9c5b27e5e29bd02b 17460 libs optional tiff_3.9.5-2ubuntu2.debian.tar.gz
Original-Maintainer: Jay Berkenbilt <qjb at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJP9ZcGAAoJEGVp2FWnRL6ThqEP/2EVO4JzRsNY6/myqhz69r/c
NwfWng5jXaKC5lMyHKEsj8cTNayR6VKI5mk9GnMIc+2mc91dHCBXdOksPjRaidrx
41bAcIyDzFpnWZiskCWDmRrMSUNSaksE+r7E+F3zZ9U+O4eteN4FM+cRiegsr1Wq
EEzQEGbJjo9an1Esujbaw4IcjUrPUjomh7gU+mwtcwL7JCZaLEOHLbejwKZ0YbRa
2ADkv3ROa82gyxWrg3/IyV4HJJfIp3/d7XftObvx3o8aWxq8NEsrs2kfIf+UJiqw
r6H2V4mBT40CreLCypj7LOSHUimj+zutKLsRlnjjER84pKhtZdNKCAPiCZGzlMyT
bpZd8HSu7FX6bwXEGbNcFNQ/rbABnAr746pnTHF20ve2DNtK3NOLxoBdlgU0ItAM
BhPdLuaBjcSAZsUYG/E17iIe/yRnayBC0jwppq40qPiPQ1vQYWM8tNjGlKo2z+7B
wdaMDT/Jgd3aK1zy/x21CM6bdr4ilC6ROXe3ZQoaz2c5xGlZERBqEFt3s2F3AFNb
H9x0g0uO3FVk31FtEDGPKXlIevBc2fg1O3jhMhdh8xmAZVq6WhQDFfxjG8dGTyk4
RiqUUdkleDC/cEDDpPNEf5LoeYpQDiU5XQR7r6D2PyMhzPQq2W3a4mD9YBRYcbIS
OXnVUYy300unY5Xga6ss
=pGL5
-----END PGP SIGNATURE-----

More information about the Quantal-changes mailing list