[ubuntu/hardy-security] tiff 3.8.2-7ubuntu3.10 (Accepted)

Wed, 04 Apr 2012 14:04:09 -0700 

tiff (3.8.2-7ubuntu3.10) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    tiffdump
    - debian/patches/z_CVE-2010-4665.patch: prevent integer overflow in
      tools/tiffdump.c.
    - CVE-2010-4665
  * SECURITY UPDATE: arbitrary code execution via size overflow
    - debian/patches/z_CVE-2012-1173.patch: use TIFFSafeMultiply in
      libtiff/tif_getimage.c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
    - CVE-2012-1173
  * debian/patches/CVE-2010-1411.patch: updated to use actual upstream fix
    and to get TIFFSafeMultiply macro.

Date: Mon, 02 Apr 2012 12:15:45 -0400
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/tiff/3.8.2-7ubuntu3.10

Format: 1.7
Date: Mon, 02 Apr 2012 12:15:45 -0400
Source: tiff
Binary: libtiff4 libtiffxx0c2 libtiff4-dev libtiff-tools libtiff-opengl
Architecture: source
Version: 3.8.2-7ubuntu3.10
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description: 
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff4   - Tag Image File Format (TIFF) library
 libtiff4-dev - Tag Image File Format library (TIFF), development files
 libtiffxx0c2 - Tag Image File Format (TIFF) library -- C++ interface
Changes: 
 tiff (3.8.2-7ubuntu3.10) hardy-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     tiffdump
     - debian/patches/z_CVE-2010-4665.patch: prevent integer overflow in
       tools/tiffdump.c.
     - CVE-2010-4665
   * SECURITY UPDATE: arbitrary code execution via size overflow
     - debian/patches/z_CVE-2012-1173.patch: use TIFFSafeMultiply in
       libtiff/tif_getimage.c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
     - CVE-2012-1173
   * debian/patches/CVE-2010-1411.patch: updated to use actual upstream fix
     and to get TIFFSafeMultiply macro.
Files: 
 28bad4c5359bbcedb9084ae4c461995c 1498 libs optional tiff_3.8.2-7ubuntu3.10.dsc
 9383fa83ca5527e4b64c28f580806b80 25380 libs optional 
tiff_3.8.2-7ubuntu3.10.diff.gz
Original-Maintainer: Jay Berkenbilt <q...@debian.org>

-- 
Hardy-changes mailing list
Hardy-changes@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/hardy-changes

Reply via email to