This bug was fixed in the package tiff - 4.0.3-7ubuntu0.7 --------------- tiff (4.0.3-7ubuntu0.7) trusty-security; urgency=medium
* SECURITY REGRESSION: JPEG tiff read and write issue due to misapplied patches (LP: #1670036) - debian/patches/CVE-2016-9297_and_CVE-2016-9448_correct.patch: replace two previous patches with one that applies fix to correct location. - Thanks to John Cupitt and Even Rouault -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Mon, 29 May 2017 07:35:17 -0400 ** Changed in: tiff (Ubuntu Trusty) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1670036 Title: Misapplied patches in 4.0.6-2ubuntu0.1 break reading and writing JPEG compressed files Status in LibTIFF: New Status in tiff package in Ubuntu: Invalid Status in tiff source package in Trusty: Fix Released Status in tiff source package in Xenial: Fix Released Status in tiff source package in Yakkety: Fix Released Bug description: The patches applied to libtiff 4.0.6 in 4.0.6-2ubuntu01 seem to break JPEG tiff read and write. To reproduce: $ tiffcp -c jpeg k2a.tif x.tif (where k2a.tif is a simple uncompressed RGB strip tiff) appears to work. However, x.tif, the output, will now not read without warnings: $ tiffcp x.tif y.tif TIFFFetchNormalTag: Warning, ASCII value for tag "JPEGTables" does not end in null byte. Forcing it to be null. JPEGLib: Warning, Premature end of JPEG file. This was working fine until a couple of days ago, so I guess it's one of the most recent patches. Some packages using libtiff seem to be broken too. For example, openslide, which uses libtiff to load jp2k-compressed slide images, is no longer working: $ openslide-write-png CMU-1-Small-Region.svs 0 0 0 100 100 x.png TIFFFetchNormalTag: Warning, ASCII value for tag "JPEGTables" does not end in null byte. Forcing it to be null. TIFFFetchNormalTag: Warning, ASCII value for tag "JPEGTables" does not end in null byte. Forcing it ... repeats 8 more times openslide-write-png: Premature end of JPEG file and x.png is not a valid PNG image. The test .svs image may be downloaded here: http://openslide.cs.cmu.edu/download/openslide-testdata/Aperio/ To manage notifications about this bug go to: https://bugs.launchpad.net/libtiff/+bug/1670036/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp