tiff 4.0.7-2 source package in Ubuntu
Changelog
tiff (4.0.7-2) unstable; urgency=high
* Backport security fixes:
- fix uint32 overflow in TIFFReadEncodedStrip() that caused an integer
division by zero,
- avoid uint32 underflow in cpDecodedStrips that can cause various
issues, such as buffer overflows in the library,
- fix heap-based buffer overflow on generation of PixarLog / LUV
compressed files, with ColorMap, TransferFunction attached and nasty
plays with bitspersample,
- fix ChopUpSingleUncompressedStrip() in reading outside of the
StripByCounts/StripOffsets arrays when using TIFFReadScanline()
(closes: #846837),
- make OJPEGDecode() early exit in case of failure in OJPEGPreDecode() to
avoid a divide by zero, and potential other issues,
- fix readContigStripsIntoBuffer() in -i (ignore) mode so that the
output buffer is correctly incremented to avoid write outside bounds,
- add 3 extra bytes at end of strip buffer in
readSeparateStripsIntoBuffer() to avoid read outside of heap allocated
buffer,
- fix integer division by zero when BitsPerSample is missing
(closes: #846838),
- fix null pointer dereference in -r mode when the image has no
StripByteCount tag,
- avoid potential division by zero if BitsPerSamples tag is missing,
- limit the return number of inks to SamplesPerPixel in
TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) , so that code that parses ink
names doesn't go past the end of the buffer,
- avoid another potential division by zero if BitsPerSamples tag is
missing,
- fix uint32 underflow/overflow that can cause heap-based buffer overflow,
- replace assert( (bps % 8) == 0 ) by a non assert check.
* Remove thumbnail and rgb2ycbcr documentations, these tools no longer
present.
-- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 04 Dec 2016 12:24:44 +0000
Upload details
- Uploaded by:
- Laszlo Boszormenyi
- Uploaded to:
- Sid
- Original maintainer:
- Laszlo Boszormenyi
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| tiff_4.0.7-2.dsc | 2.1 KiB | 45c96169b9d438e37fe6f64ef77e342620330850ab741880dca4af9f69a451cc |
| tiff_4.0.7.orig.tar.gz | 2.0 MiB | 9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019 |
| tiff_4.0.7-2.debian.tar.xz | 22.6 KiB | 496252f073d2382ae47167b3830338353b88115fce87ff07c1bff05040cdb500 |
Available diffs
- diff from 4.0.7-1 to 4.0.7-2 (9.4 KiB)
No changes file available.
Binary packages built by this source
- libtiff-doc: No summary available for libtiff-doc in ubuntu zesty.
No description available for libtiff-doc in ubuntu zesty.
- libtiff-opengl: No summary available for libtiff-opengl in ubuntu zesty.
No description available for libtiff-opengl in ubuntu zesty.
- libtiff-opengl-dbgsym: No summary available for libtiff-opengl-dbgsym in ubuntu zesty.
No description available for libtiff-
opengl- dbgsym in ubuntu zesty.
- libtiff-tools: No summary available for libtiff-tools in ubuntu zesty.
No description available for libtiff-tools in ubuntu zesty.
- libtiff-tools-dbgsym: No summary available for libtiff-tools-dbgsym in ubuntu zesty.
No description available for libtiff-
tools-dbgsym in ubuntu zesty.
- libtiff5: No summary available for libtiff5 in ubuntu zesty.
No description available for libtiff5 in ubuntu zesty.
- libtiff5-dbgsym: No summary available for libtiff5-dbgsym in ubuntu zesty.
No description available for libtiff5-dbgsym in ubuntu zesty.
- libtiff5-dev: No summary available for libtiff5-dev in ubuntu zesty.
No description available for libtiff5-dev in ubuntu zesty.
- libtiffxx5: No summary available for libtiffxx5 in ubuntu zesty.
No description available for libtiffxx5 in ubuntu zesty.
- libtiffxx5-dbgsym: No summary available for libtiffxx5-dbgsym in ubuntu zesty.
No description available for libtiffxx5-dbgsym in ubuntu zesty.
