Publishing details

Changelog

tiff (4.0.6-2) unstable; urgency=high

  * Backport fix for the following vulnerabilities:
    - CVE-2016-5314, PixarLogDecode() heap-based buffer overflow
      (closes: #830700),
    - CVE-2016-5316, PixarLogCleanup() Segmentation fault,
    - CVE-2016-5320, rgb2ycbcr: command excution,
    - CVE-2016-5875, heap-based buffer overflow when using the PixarLog
      compression format,
    - CVE-2016-6223, information leak in libtiff/tif_read.c ,
    - CVE-2016-5321, DumpModeDecode(): Ddos,
    - CVE-2016-5323, tiffcrop _TIFFFax3fillruns(): NULL pointer dereference.
  * Be primary maintainer and keep Ondřej as uploader.
  * Update Standards-Version to 3.9.8 .

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Sat, 16 Jul 2016 11:45:21 +0000

Available diffs

Builds

Package files