tiff3 (3.9.6-9ubuntu1) quantal; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/control:
+ Stop Providing libtiff-dev, which will be provided by tiff now.
This will make libtiff5 the default libtiff.
tiff3 (3.9.6-9) unstable; urgency=high
* Previous change was uploaded with the wrong CVE number. I updated the
last changelog entry. The correct CVE number is CVE-2012-4447.
tiff3 (3.9.6-8) unstable; urgency=high
* Add fix for CVE-2012-4447, a buffer overrun.
tiff3 (3.9.6-7) unstable; urgency=high
* SECURITY UPDATE: possible arbitrary code execution via heap overflow
in tiff2pdf. (Closes: #682195)
- debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
tools/tiff2pdf.c.
- CVE-2012-3401
Changes prepared by Marc Deslauriers for Ubuntu. Thanks!
-- Michael Bienia <email address hidden> Sun, 07 Oct 2012 14:38:31 +0200