[Bug 262763] [NEW] Please sync tiff 3.8.2-11 (main) from Debian unstable (main).
Kees Cook
kees at ubuntu.com
Fri Aug 29 19:56:35 BST 2008
Public bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects ubuntu/tiff
status confirmed
importance wishlist
subscribe ubuntu-archive
Please sync tiff 3.8.2-11 (main) from Debian unstable (main).
This includes a security fix.
Changelog since current intrepid version 3.8.2-10:
tiff (3.8.2-11) unstable; urgency=high
* Apply security patches (CVE-2008-2327)
* Convert patch system to quilt
* Create README.source
* Set standards version to 3.8.0
-- Jay Berkenbilt <qjb at debian.org> Sun, 17 Aug 2008 13:16:37 -0400
tiff (3.8.2-10+lenny1) testing-security; urgency=high
* Apply patches from Drew Yao of Apple Product Security to fix
CVE-2008-2327, a potential buffer underflow in the LZW decoder
(tif_lzw.c).
-- Jay Berkenbilt <qjb at debian.org> Sun, 17 Aug 2008 11:56:01 -0400
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Kees Cook <kees at outflux.net>
iEYEARECAAYFAki4RmEACgkQH/9LqRcGPm1w9wCfaPkX0wacDjony6aDOptCtuGE
X7UAoINEm9o1vcy5LTD8R2mwIwxRn755
=x/0Z
-----END PGP SIGNATURE-----
** Affects: tiff (Ubuntu)
Importance: Wishlist
Status: Confirmed
--
Please sync tiff 3.8.2-11 (main) from Debian unstable (main).
https://bugs.launchpad.net/bugs/262763
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list