-
tiff (4.0.3-10ubuntu0.2) utopic-security; urgency=medium
* SECURITY REGRESSION: regression when saving TIFF files with compression
predictor (LP: #1439186)
- debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
fix is available.
-- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:05:44 -0400
-
tiff (4.0.3-10ubuntu0.1) utopic-security; urgency=medium
* SECURITY UPDATE: Fix multiple security issues
- debian/patches/CVE-2014-81xx-1.patch to CVE-2014-81xx-11.patch
- debian/patches/CVE-2014-8128-5.patch
- debian/patches/CVE-2014-9655-1.patch to CVE-2014-9655-3.patch
- debian/patches/read_overrun.patch
- debian/patches/estimatestripbytecounts_return_code.patch
- debian/patches/CVE-2014-8130.patch
- CVE-2014-8127 (partially)
- CVE-2014-8128
- CVE-2014-8129
- CVE-2014-8130
- CVE-2014-9330
- CVE-2014-9655
-- Marc Deslauriers <email address hidden> Fri, 27 Mar 2015 11:44:29 -0400
-
tiff (4.0.3-10build1) utopic; urgency=medium
* No-change rebuild to get debug symbols on all architectures.
-- Brian Murray <email address hidden> Tue, 21 Oct 2014 13:48:40 -0700
-
tiff (4.0.3-10) unstable; urgency=medium
* Remove libtiff4-dev, completing the tiff transition. Packages that
still declare build dependencies on libtiff4-dev must now build depend
on libtiff-dev instead, or if a versioned dependency is required,
libtiff5-dev with a specific version.
-- Jay Berkenbilt <email address hidden> Sun, 29 Jun 2014 17:32:18 -0400
-
tiff (4.0.3-9) unstable; urgency=medium
* Fix for CVE-2013-4243 (validation for gif2tiff) from Red Hat. (Closes:
#742917)
-- Jay Berkenbilt <email address hidden> Sat, 21 Jun 2014 18:12:40 -0400
-
tiff (4.0.3-8ubuntu1) utopic; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution in
gif2tiff tool
- debian/patches/CVE-2013-4243.patch: check width and height in
tools/gif2tiff.c.
- CVE-2013-4243
-- Marc Deslauriers <email address hidden> Mon, 05 May 2014 15:02:45 -0400
-
tiff (4.0.3-8) unstable; urgency=medium
* Remove libtiff5-alt-dev transitional package now that no one is
build-depending on it anymore.
-- Jay Berkenbilt <email address hidden> Sat, 01 Mar 2014 09:36:51 -0500
-
tiff (4.0.3-7) unstable; urgency=medium
* Use dh-autoreconf to support new architectures in Ubuntu.
-- Jay Berkenbilt <email address hidden> Mon, 23 Dec 2013 09:58:47 -0500