-
tiff (3.9.5-2ubuntu1.12) precise-security; urgency=medium
* SECURITY UPDATE: heap over-read in TIFFWriteScanline
- debian/patches/CVE-2018-10779.patch: fix overflow in
libtiff/tif_write.c.
- CVE-2018-10779
* SECURITY UPDATE: heap over-read in cpSeparateBufToContigBuf
- debian/patches/CVE-2018-12900-1.patch: check for overflow in
tools/tiffcp.c.
- debian/patches/CVE-2018-12900-2.patch: use INT_MAX in tools/tiffcp.c.
- CVE-2018-12900
- CVE-2019-7663
* SECURITY UPDATE: memory leak in TIFFFdOpen
- debian/patches/CVE-2019-6128.patch: properly handle errors in
tools/pal2rgb.c.
- CVE-2019-6128
* SECURITY UPDATE: multiple overflows
- debian/patches/CVE-2018-1710x-*.patch: Avoid overflows in
tools/pal2rgb.c, tools/tiff2bw.c, tools/ppm2tiff.c.
- CVE-2018-17100
- CVE-2018-17101
* SECURITY UPDATE: JBIGDecode out-of-bounds write
- debian/patches/CVE-2018-18557.patch: fix issue in libtiff/tif_jbig.c.
- CVE-2018-18557
-- <email address hidden> (Leonidas S. Barbosa) Thu, 14 Mar 2019 09:56:07 -0300
-
tiff (3.9.5-2ubuntu1.9) precise-security; urgency=medium
* SECURITY UPDATE: out-of-bounds reads in TIFFRGBAImage
- debian/patches/CVE-2015-8665-8683.patch: fix out-of-bounds reads in
libtiff/tif_getimage.c.
- CVE-2015-8665
- CVE-2015-8683
* SECURITY UPDATE: out-of-bounds writes in decode function
- debian/patches/CVE-2015-8781-8782-8783.patch: fix out-of-bounds
writes and an out-of-bounds read in libtiff/tif_luv.c.
- CVE-2015-8781
- CVE-2015-8782
- CVE-2015-8783
* SECURITY UPDATE: out-of-bounds write in NeXTDecode()
- debian/patches/CVE-2015-8784.patch: fix out-of-bounds write in
libtiff/tif_next.c.
- CVE-2015-8784
-- Marc Deslauriers <email address hidden> Wed, 23 Mar 2016 10:39:37 -0400
-
tiff (3.9.5-2ubuntu1.8) precise-security; urgency=medium
* SECURITY REGRESSION: regression when saving TIFF files with compression
predictor (LP: #1439186)
- debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
fix is available.
-- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:08:49 -0400
-
tiff (3.9.5-2ubuntu1.7) precise-security; urgency=medium
* SECURITY UPDATE: Fix multiple security issues
- debian/patches/CVE-2014-81xx-1.patch to CVE-2014-81xx-11.patch
- debian/patches/CVE-2014-8128-5.patch
- debian/patches/CVE-2014-9655-1.patch to CVE-2014-9655-3.patch
- debian/patches/read_overrun.patch
- debian/patches/CVE-2014-8130.patch
- CVE-2014-8127 (partially)
- CVE-2014-8128
- CVE-2014-8129
- CVE-2014-8130
- CVE-2014-9330
- CVE-2014-9655
-- Marc Deslauriers <email address hidden> Mon, 30 Mar 2015 08:11:18 -0400
-
tiff (3.9.5-2ubuntu1.6) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via buffer overflow in gif2tiff
- debian/patches/CVE-2013-4231.patch: validate datasize in
tools/gif2tiff.c.
- CVE-2013-4231
* SECURITY UPDATE: denial of service via use-after-free in tiff2pdf
- debian/patches/CVE-2013-4232.patch: properly exit on error in
tools/tiff2pdf.c.
- CVE-2013-4232
* SECURITY UPDATE: denial of service and possible code execution in
gif2tiff tool
- debian/patches/CVE-2013-4243.patch: check width and height in
tools/gif2tiff.c.
- CVE-2013-4243
* SECURITY UPDATE: denial of service and possible code execution in
gif2tiff tool LZW decompressor
- debian/patches/CVE-2013-4244.patch: validate code size in
tools/gif2tiff.c.
- CVE-2013-4244
-- Marc Deslauriers <email address hidden> Mon, 05 May 2014 15:38:14 -0400
-
tiff (3.9.5-2ubuntu1.5) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via heap
overflow in tp_process_jpeg_strip().
- debian/patches/CVE-2013-1960.patch: improve tp_process_jpeg_strip()
logic in tools/tiff2pdf.c.
- CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
image-length and resolution.
- debian/patches/CVE-2013-1961.patch: replace use of sprintf() with
snprintf() in contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither.c.
- CVE-2013-1961
-- Marc Deslauriers <email address hidden> Mon, 13 May 2013 11:02:59 -0400
-
tiff (3.9.5-2ubuntu1.4) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
PAGENUMBER, HALFTONEHINTS, YCBCRSUBSAMPLING, and DOTRANGE tags.
- debian/patches/CVE-2012-5581.patch: remove special cases of tags,
improve DOTRANGE tag case
- CVE-2012-5581
-- Seth Arnold <email address hidden> Mon, 03 Dec 2012 21:17:32 -0800
-
tiff (3.9.5-2ubuntu1.3) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
PixarLog compression format
- debian/patches/CVE-2012-4447.patch: fix buffer size in
libtiff/tif_pixarlog.c.
- CVE-2012-4447
* SECURITY UPDATE: denial of service and possible code execution via
crafted PPM image
- debian/patches/CVE-2012-4564.patch: check scanline_size in
tools/ppm2tiff.c.
- CVE-2012-4564
-- Marc Deslauriers <email address hidden> Wed, 14 Nov 2012 11:29:16 -0500
-
tiff (3.9.5-2ubuntu1.2) precise-security; urgency=low
* SECURITY UPDATE: possible arbitrary code execution via heap overflow
in tiff2pdf.
- debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
tools/tiff2pdf.c.
- CVE-2012-3401
-- Marc Deslauriers <email address hidden> Mon, 16 Jul 2012 09:47:09 -0400
-
tiff (3.9.5-2ubuntu1.1) precise-security; urgency=low
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
due to type-conversion flaw (LP: #1016324)
- debian/patches/CVE-2012-2088.patch: check for overflows in
libtiff/tif_strip.c and libtiff/tif_tile.c.
- CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
overflows in tiff2pdf (LP: #1016324)
- debian/patches/CVE-2012-2113.patch: check for overflows in
tools/tiff2pdf.c.
- CVE-2012-2113
-- Marc Deslauriers <email address hidden> Wed, 04 Jul 2012 10:14:32 -0400
-
tiff (3.9.5-2ubuntu1) precise; urgency=low
* SECURITY UPDATE: arbitrary code execution via size overflow
- debian/patches/CVE-2012-1173.patch: use TIFFSafeMultiply in
libtiff/tif_getimage.c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
- CVE-2012-1173
-- Marc Deslauriers <email address hidden> Mon, 02 Apr 2012 10:27:24 -0400
-
tiff (3.9.5-2) unstable; urgency=low
* Implemented mulitarch and and PIE build for security hardening by
integrating the changes from the Ubuntu tiff packages. Thanks to Marc
Deslauriers and anyone else who did the actual work.
-- Jay Berkenbilt <email address hidden> Sat, 17 Sep 2011 10:15:39 -0400
-
tiff (3.9.5-1ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes:
- Enable multiarch build
- debian/control: update depends for multiarch toolchain
- debian/*.install: update /usr/lib paths
- debian/rules:
- add --libdir to DEB_CONFIGURE_EXTRA_FLAGS
- update library path for .la files
- debian/{control,rules}: enable PIE build for security hardening
* Dropped patches:
- CVE-2010-2482.patch: upstream
- CVE-2010-2595.patch: upstream
- CVE-2010-2597.patch: upstream
- CVE-2010-2630.patch: upstream
- CVE-2011-0192.patch: upstream
- CVE-2011-1167.patch: upstream
- CVE-2009-5022.patch: upstream
tiff (3.9.5-1) unstable; urgency=low
* New upstream release. All security patches are fully incorporated
into this version, as are many other bug fixes.
* Updated standards version to 3.9.2. No changes needed.
tiff (3.9.4-9) unstable; urgency=high
* CVE-2011-1167: correct potential buffer overflow with thunder encoded
files with wrong bitspersample set. (Closes: #619614)
tiff (3.9.4-8) unstable; urgency=low
* Enable PIE (position independent executable) build for security
hardening. Patch from Ubuntu. (Closes: #613759)
tiff (3.9.4-7) unstable; urgency=high
* Incorporate revised fix to CVE-2011-0192.
tiff (3.9.4-6) unstable; urgency=high
* Incorporated fix to CVE-2011-0192, "Buffer overflow in Fax4Decode".
-- Marc Deslauriers <email address hidden> Wed, 25 May 2011 15:10:36 -0400