[ubuntu/quantal] tiff3 3.9.6-9ubuntu1 (Accepted)

Sun Oct 7 13:34:46 UTC 2012

tiff3 (3.9.6-9ubuntu1) quantal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/control:
      + Stop Providing libtiff-dev, which will be provided by tiff now.
        This will make libtiff5 the default libtiff.

tiff3 (3.9.6-9) unstable; urgency=high

  * Previous change was uploaded with the wrong CVE number.  I updated the
    last changelog entry.  The correct CVE number is CVE-2012-4447.

tiff3 (3.9.6-8) unstable; urgency=high

  * Add fix for CVE-2012-4447, a buffer overrun.

tiff3 (3.9.6-7) unstable; urgency=high

  * SECURITY UPDATE: possible arbitrary code execution via heap overflow
    in tiff2pdf.  (Closes: #682195)
    - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
      tools/tiff2pdf.c.
    - CVE-2012-3401
    Changes prepared by Marc Deslauriers for Ubuntu.  Thanks!

Date: Sun, 07 Oct 2012 14:38:31 +0200
Changed-By: Michael Bienia <geser at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/quantal/+source/tiff3/3.9.6-9ubuntu1
-------------- next part --------------
Format: 1.8
Date: Sun, 07 Oct 2012 14:38:31 +0200
Source: tiff3
Binary: libtiff4 libtiffxx0c2 libtiff4-dev
Architecture: source
Version: 3.9.6-9ubuntu1
Distribution: quantal
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Michael Bienia <geser at ubuntu.com>
Description: 
 libtiff4   - Tag Image File Format (TIFF) library (old version)
 libtiff4-dev - Tag Image File Format (TIFF) library (old version), development f
 libtiffxx0c2 - Tag Image File Format (TIFF) library (old version) -- C++ interfa
Closes: 682195
Changes: 
 tiff3 (3.9.6-9ubuntu1) quantal; urgency=low
 .
   * Merge from Debian unstable.  Remaining changes:
     - debian/control:
       + Stop Providing libtiff-dev, which will be provided by tiff now.
         This will make libtiff5 the default libtiff.
 .
 tiff3 (3.9.6-9) unstable; urgency=high
 .
   * Previous change was uploaded with the wrong CVE number.  I updated the
     last changelog entry.  The correct CVE number is CVE-2012-4447.
 .
 tiff3 (3.9.6-8) unstable; urgency=high
 .
   * Add fix for CVE-2012-4447, a buffer overrun.
 .
 tiff3 (3.9.6-7) unstable; urgency=high
 .
   * SECURITY UPDATE: possible arbitrary code execution via heap overflow
     in tiff2pdf.  (Closes: #682195)
     - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
       tools/tiff2pdf.c.
     - CVE-2012-3401
     Changes prepared by Marc Deslauriers for Ubuntu.  Thanks!
Checksums-Sha1: 
 6cbff0e85d0905dd6dd6b95fea57400fd8db70a5 1867 tiff3_3.9.6-9ubuntu1.dsc
 08afb0240220c731d65334432f105ceecfec2126 16073 tiff3_3.9.6-9ubuntu1.debian.tar.gz
Checksums-Sha256: 
 34e3cf920a279f193714ef5571f6784913e18b4cf1a73a042825a5530f1962db 1867 tiff3_3.9.6-9ubuntu1.dsc
 cf0cf26751b3332998806f80056413996071fd98650083feb58fac9ddacbaf11 16073 tiff3_3.9.6-9ubuntu1.debian.tar.gz
Files: 
 e667bf587dbe05a20afbfbf153d84867 1867 oldlibs optional tiff3_3.9.6-9ubuntu1.dsc
 3a3bbdf19de9fc50f2ff507812fe791e 16073 oldlibs optional tiff3_3.9.6-9ubuntu1.debian.tar.gz
Original-Maintainer: Jay Berkenbilt <qjb at debian.org>