Publishing details
Changelog
tiff (4.0.3-7ubuntu0.11) trusty-security; urgency=medium
* SECURITY UPDATE: heap over-read in TIFFWriteScanline
- debian/patches/CVE-2018-10779.patch: fix overflow in
libtiff/tif_write.c.
- CVE-2018-10779
* SECURITY UPDATE: heap over-read in cpSeparateBufToContigBuf
- debian/patches/CVE-2018-12900-1.patch: check for overflow in
tools/tiffcp.c.
- debian/patches/CVE-2018-12900-2.patch: use INT_MAX in tools/tiffcp.c.
- CVE-2018-12900
- CVE-2019-7663
* SECURITY UPDATE: NULL pointer dereference in _TIFFmemcmp
- debian/patches/CVE-2018-17000.patch: add NULL check in
libtiff/tif_dirwrite.c.
- CVE-2018-17000
* SECURITY UPDATE: NULL pointer dereference in TIFFWriteDirectorySec
- debian/patches/CVE-2018-19210-1.patch: unset transferfunction field
if necessary in libtiff/tif_dir.c.
- debian/patches/CVE-2018-19210-2.patch: fix warning in
libtiff/tif_dir.c.
- CVE-2018-19210
* SECURITY UPDATE: memory leak in TIFFFdOpen
- debian/patches/CVE-2019-6128.patch: properly handle errors in
tools/pal2rgb.c.
- CVE-2019-6128
-- Marc Deslauriers <email address hidden> Mon, 11 Mar 2019 12:51:58 -0400
Builds
Built packages
-
libtiff-doc
TIFF manipulation and conversion documentation
-
libtiff-opengl
TIFF manipulation and conversion tools
-
libtiff-opengl-dbgsym
debug symbols for package libtiff-opengl
-
libtiff-tools
TIFF manipulation and conversion tools
-
libtiff-tools-dbgsym
debug symbols for package libtiff-tools
-
libtiff4-dev
Tag Image File Format library (TIFF), transitional package
-
libtiff5
Tag Image File Format (TIFF) library
-
libtiff5-alt-dev
Tag Image File Format library (TIFF), transitional package
-
libtiff5-dbgsym
debug symbols for package libtiff5
-
libtiff5-dev
Tag Image File Format library (TIFF), development files
-
libtiffxx5
Tag Image File Format (TIFF) library -- C++ interface
-
libtiffxx5-dbgsym
debug symbols for package libtiffxx5
Package files