Your message dated Sun, 15 Jan 2017 23:02:56 +0000
with message-id <[email protected]>
and subject line Bug#836570: fixed in tiff 4.0.3-12.3+deb8u2
has caused the Debian Bug report #836570,
regarding CVE-2016-3990: tiff: out-of-bounds write in horizontalDifference8() in tiffcp tool
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)

-- 
836570: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836570
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: tiff
Version: 4.0.6-2
Severity: important
Tags: security, fixed-upstream, upstream

Original report: http://www.openwall.com/lists/oss-security/2016/04/12/2
Upstream bug report: http://bugzilla.maptools.org/show_bug.cgi?id=2544
Fixed per: http://bugzilla.maptools.org/show_bug.cgi?id=2544#c4

-- 
Henri Salo
--- End Message ---
--- Begin Message ---
Source: tiff
Source-Version: 4.0.3-12.3+deb8u2

We believe that the bug you reported is fixed in the latest version of
tiff, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <[email protected]> (supplier of updated tiff package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])

Format: 1.8
Date: Mon, 21 Nov 2016 21:32:06 +0000
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source all amd64
Version: 4.0.3-12.3+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Ondřej Surý <[email protected]>
Changed-By: Laszlo Boszormenyi (GCS) <[email protected]>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Closes: 819972 820362 820363 820364 820365 820366 830700 836570 842046 842270 842361 844013 844057 844226
Changes:
 tiff (4.0.3-12.3+deb8u2) jessie-security; urgency=high
 .
   * Backport fix for the following vulnerabilities:
     - CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016-5317: several
       out of bound writes in the rgb2ycbcr tool (closes: #830700),
     - CVE-2016-5320, rgb2ycbcr: command execution,
     - CVE-2016-5875, heap-based buffer overflow when using the PixarLog
       compression format,
     - CVE-2016-6223, information leak in libtiff/tif_read.c (closes: #842270),
     - CVE-2016-5321: DumpModeDecode() DoS,
     - CVE-2016-5323: _TIFFFax3fillruns() NULL pointer dereference,
     - CVE-2016-3945: out-of-bounds write in the tiff2rgba tool,
     - CVE-2016-3990: out-of-bounds write in horizontalDifference8() in
       tiffcp tool (closes: #836570),
     - CVE-2016-3991: heap-based buffer overflow in the loadImage function
       in the tiffcrop tool,
     - CVE-2016-5322: extractContigSamplesBytes: out-of-bounds read in the
       tiffcrop tool,
     - CVE-2016-3623: rgb2ycbcr tool DoS by setting the (1) '-v' or (2) '-h'
       parameter to 0,
     - CVE-2016-9533: PixarLog horizontalDifference heap-buffer-overflow,
     - CVE-2016-9534: TIFFFlushData1 heap-buffer-overflow,
     - CVE-2016-9535: Predictor heap-buffer-overflow,
     - CVE-2016-9536: t2p_process_jpeg_strip heap-buffer-overflow,
     - CVE-2016-9537: out-of-bounds write vulnerabilities in buffers of
       tiffcrop,
     - CVE-2016-9538: read of undefined buffer in readContigStripsIntoBuffer()
       due to uint16 overflow,
     - CVE-2016-9540: out-of-bounds write on tiled images,
     - CVE-2016-3624: rgb2ycbcr tool DoS by setting the '-v' option to -1,
     - CVE-2016-3622: divide-by-zero error in the tiff2rgba tool
       (closes: #820365),
     - CVE-2016-5652: fix write buffer overflow of 2 bytes on JPEG compressed
       images (closes: #842361),
     - CVE-2016-9453: out-of-bounds write memcpy in tiff2pdf tool,
     - CVE-2016-9273: read outside of array in tiffsplit tool (closes: #844013),
     - CVE-2016-9532: heap buffer overflow via writeBufferToSeparateStrips in
       the tiffcrop tool (closes: #844057),
     - CVE-2016-9297: potential read outside buffer in _TIFFPrintField()
       (closes: #844226),
     - CVE-2016-9448: invalid read of size 1 in TIFFFetchNormalTag,
       regression of CVE-2016-9297,
     - CVE-2016-10092: heap-buffer-overflow in tiffcrop,
     - CVE-2016-10093: uint32 underflow/overflow that can cause heap-based
       buffer overflow in tiffcp,
     - CVE-2016-10094: off-by-one error in tiff2pdf.
   * Fix CVE-2015-8668 (closes: #842046), CVE-2016-3619 (closes: #820362),
     CVE-2016-3620 (closes: #820363), CVE-2016-3621 (closes: #820364) and
     CVE-2016-5319 by removing bmp2tiff.
   * Fix CVE-2016-3186 (closes: #819972) and CVE-2016-5102 by removing
     gif2tiff.
   * Fix CVE-2016-3631 (closes: #820366), CVE-2016-3632, CVE-2016-3633,
     CVE-2016-3634 and CVE-2016-8331 by removing thumbnail.
   * Remove no longer supported ras2tiff tool.
--- End Message ---

