tiff (3.9.5-1ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes:
- Enable multiarch build
- debian/control: update depends for multiarch toolchain
- debian/*.install: update /usr/lib paths
- debian/rules:
- add --libdir to DEB_CONFIGURE_EXTRA_FLAGS
- update library path for .la files
- debian/{control,rules}: enable PIE build for security hardening
* Dropped patches:
- CVE-2010-2482.patch: upstream
- CVE-2010-2595.patch: upstream
- CVE-2010-2597.patch: upstream
- CVE-2010-2630.patch: upstream
- CVE-2011-0192.patch: upstream
- CVE-2011-1167.patch: upstream
- CVE-2009-5022.patch: upstream
tiff (3.9.5-1) unstable; urgency=low
* New upstream release. All security patches are fully incorporated
into this version, as are many other bug fixes.
* Updated standards version to 3.9.2. No changes needed.
tiff (3.9.4-9) unstable; urgency=high
* CVE-2011-1167: correct potential buffer overflow with thunder encoded
files with wrong bitspersample set. (Closes: #619614)
tiff (3.9.4-8) unstable; urgency=low
* Enable PIE (position independent executable) build for security
hardening. Patch from Ubuntu. (Closes: #613759)
tiff (3.9.4-7) unstable; urgency=high
* Incorporate revised fix to CVE-2011-0192.
tiff (3.9.4-6) unstable; urgency=high
* Incorporated fix to CVE-2011-0192, "Buffer overflow in Fax4Decode".
-- Marc Deslauriers <email address hidden> Wed, 25 May 2011 15:10:36 -0400
