Changelog
tiff (4.0.10+git190903-1) unstable; urgency=high
* Git snapshot, fixing the following security issues:
- setByteArray(): avoid potential signed integer overflow,
- EstimateStripByteCounts(): avoid several unsigned integer overflows,
- tif_ojpeg: avoid two unsigned integer overflows,
- OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile
dimensions close to UINT32_MAX,
- _TIFFPartialReadStripArray(): avoid unsigned integer overflow,
- JPEG: avoid use of uninitialized memory on corrupted files,
- TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t,
- allocChoppedUpStripArrays(): avoid unsigned integer overflow,
- tif_ojpeg: avoid use of uninitialized memory on edge/broken file,
- ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer
overflows.
-- Laszlo Boszormenyi (GCS) <email address hidden> Tue, 17 Sep 2019 22:07:35 +0000