Ubuntu

“tiff” 3.8.2-5 source package in Ubuntu

Changelog

tiff (3.8.2-5) unstable; urgency=low

  * Fix logic error that caused -q flag to be ignored when doing jpeg
    compression with tiff2pdf.  (Closes: #373102)

tiff (3.8.2-4) unstable; urgency=high

  * SECURITY UPDATE: Arbitrary command execution with crafted TIF files.
    Thanks to Martin Pitt.  (Closes: #371064)
  * Add debian/patches/tiff2pdf-octal-printf.patch:
    - tools/tiff2pdf.c: Fix buffer overflow due to wrong printf for octal
      signed char (it printed a signed integer, which overflew the buffer and
      was wrong anyway).
    - CVE-2006-2193

tiff (3.8.2-3) unstable; urgency=high

  * SECURITY UPDATE: Arbitrary command execution with crafted long file
    names.  Thanks to Martin Pitt for forwarding this.
    Add debian/patches/tiffsplit-fname-overflow.patch:
    - tools/tiffsplit.c: Use snprintf instead of strcpy for copying the
      user-specified file name into a statically sized buffer.
    CVE-2006-2656.  (Closes: #369819)
  * Update standards version to 3.7.2.  No changes required.
  * Moved doc-base information to libtiff4 instead of libtiff4-dev.

tiff (3.8.2-2) unstable; urgency=low

  * Fix build dependencies to get OpenGL utility libraries after new Xorg
    packaging.  (Closes: #365722)
  * Updated standards version to 3.7.0; no changes required to package.

tiff (3.8.2-1) unstable; urgency=low

  * New upstream release

tiff (3.8.0-3) unstable; urgency=low

  * Switched build dependency from xlibmesa-gl-dev to libgl1-mesa-dev
    (incorporating Ubunutu patch)
  * Incorporated patch from upstream to fix handling of RGBA tiffs in
    tiff2pdf.  (Closes: #352849)

tiff (3.8.0-2) unstable; urgency=low

  * Applied fixes from upstream to address a memory access violation
    [CVE-2006-0405].  (Closes: #350715, #351223)

tiff (3.8.0-1) unstable; urgency=low

  * New upstream release.  (Closes: #349921)
  * NOTE: The debian version of 3.8.0 includes a patch to correct a binary
    incompatibility in the original 3.8.0 release.  This libtiff package
    is binary compatible with 3.7.4 and will be binary compatible with the
    upcoming 3.8.1 release.

 -- Martin Pitt <email address hidden>   Sun,  25 Jun 2006 11:59:34 +0100

Upload details

Uploaded by:
Martin Pitt on 2006-06-25
Uploaded to:
Edgy
Original maintainer:
Jay Berkenbilt
Component:
main
Architectures:
any
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
tiff_3.8.2.orig.tar.gz 1.3 MiB e6ec4ab957ef49d5aabc38b7a376910b
tiff_3.8.2-5.diff.gz 10.1 KiB 8d3d9fffd10bfe3dc1d7828438665b16
tiff_3.8.2-5.dsc 750 bytes 5df1146e0700fc95aef281b2c503b544

Binary packages built by this source

libtiff-opengl: No summary available for libtiff-opengl in ubuntu edgy.

No description available for libtiff-opengl in ubuntu edgy.

libtiff-tools: No summary available for libtiff-tools in ubuntu edgy.

No description available for libtiff-tools in ubuntu edgy.

libtiff4: No summary available for libtiff4 in ubuntu edgy.

No description available for libtiff4 in ubuntu edgy.

libtiff4-dev: No summary available for libtiff4-dev in ubuntu edgy.

No description available for libtiff4-dev in ubuntu edgy.

libtiffxx0c2: No summary available for libtiffxx0c2 in ubuntu edgy.

No description available for libtiffxx0c2 in ubuntu edgy.