Format: 1.8
Date: Tue, 20 Mar 2018 09:12:24 -0400
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc libtiff5-alt-dev libtiff4-dev
Architecture: ppc64el
Version: 4.0.3-7ubuntu0.8
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-007.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff4-dev - Tag Image File Format library (TIFF), transitional package
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-alt-dev - Tag Image File Format library (TIFF), transitional package
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes: 
 tiff (4.0.3-7ubuntu0.8) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: DoS in tif_read.c
     - debian/patches/CVE-2016-10266.patch: fix uint32 overflow in
       libtiff/tif_read.c, libtiff/tiffiop.h.
     - CVE-2016-10266
   * SECURITY UPDATE: DoS in tif_ojpeg.c
     - debian/patches/CVE-2016-10267.patch: make OJPEGDecode() early exit in
       case of failure in libtiff/tif_ojpeg.c.
     - CVE-2016-10267
   * SECURITY UPDATE: DoS in tif_unix.c
     - debian/patches/CVE-2016-10268.patch: avoid uint32 underflow in
       cpDecodedStrips in tools/tiffcp.c.
     - CVE-2016-10268
   * SECURITY UPDATE: DoS in tif_unix.c
     - debian/patches/CVE-2016-10269.patch: fix heap-based buffer overflow
       in libtiff/tif_luv.c, libtiff/tif_pixarlog.c.
     - CVE-2016-10269
   * SECURITY UPDATE: DoS in TIFFWriteDirectoryTagCheckedRational
     - debian/patches/CVE-2016-10371.patch: replace assertion by runtime
       check in libtiff/tif_dirwrite.c, tools/tiffcrop.c.
     - CVE-2016-10371
   * SECURITY UPDATE: DoS in putagreytile function
     - debian/patches/CVE-2017-7592.patch: add explicit uint32 cast in
       libtiff/tif_getimage.c.
     - CVE-2017-7592
   * SECURITY UPDATE: information disclosure in tif_read.c
     - debian/patches/CVE-2017-7593.patch: use _TIFFcalloc() to zero in
       libtiff/tif_read.c, libtiff/tif_unix.c, libtiff/tif_vms.c,
       libtiff/tif_win32.c, libtiff/tiffio.h.
     - CVE-2017-7593
   * SECURITY UPDATE: DoS in OJPEGReadHeaderInfoSecTablesDcTable
     - debian/patches/CVE-2017-7594-1.patch: fix leak in
       libtiff/tif_ojpeg.c.
     - debian/patches/CVE-2017-7594-2.patch: fix another leak in
       libtiff/tif_ojpeg.c.
     - CVE-2017-7594
   * SECURITY UPDATE: DoS in JPEGSetupEncode
     - debian/patches/CVE-2017-7595.patch: avoid integer division by zero in
       libtiff/tif_jpeg.c.
     - CVE-2017-7595
   * SECURITY UPDATE: DoS via undefined behaviour
     - debian/patches/CVE-2017-7596_7597_7599_7600.patch: avoir undefined
       behaviour in libtiff/tif_dir.c, libtiff/tif_dirread.c,
       libtiff/tif_dirwrite.c.
     - CVE-2017-7596
     - CVE-2017-7597
     - CVE-2017-7599
     - CVE-2017-7600
   * SECURITY UPDATE: DoS via divide-by-zero
     - debian/patches/CVE-2017-7598.patch: avoid division by floating point
       0 in libtiff/tif_dirread.c.
     - CVE-2017-7598
   * SECURITY UPDATE: DoS via undefined behaviour
     - debian/patches/CVE-2017-7601.patch: validate BitsPerSample in
       libtiff/tif_jpeg.c.
     - CVE-2017-7601
   * SECURITY UPDATE: signed integer overflow
     - debian/patches/CVE-2017-7602.patch: avoid potential undefined
       behaviour in libtiff/tif_read.c.
     - CVE-2017-7602
   * SECURITY UPDATE: DoS via memory leak
     - debian/patches/CVE-2017-9403_9815.patch: fix memory leak in
       libtiff/tif_dirread.c, tools/tiff2ps.c.
     - CVE-2017-9403
     - CVE-2017-9815
   * SECURITY UPDATE: DoS via memory leak
     - debian/patches/CVE-2017-9404.patch: fix potential memory leak in
       libtiff/tif_ojpeg.c.
     - CVE-2017-9404
   * SECURITY UPDATE: DoS via memory leak
     - debian/patches/CVE-2017-9936.patch: fix memory leak in
       libtiff/tif_jbig.c.
     - CVE-2017-9936
   * SECURITY UPDATE: DoS via assertion
     - debian/patches/CVE-2017-10688.patch: replace assertion in
       libtiff/tif_dirwrite.c.
     - CVE-2017-10688
   * SECURITY UPDATE: heap overflow in tiff2pdf.c
     - debian/patches/CVE-2017-11335.patch: prevent heap buffer overflow
       write in tools/tiff2pdf.c.
     - CVE-2017-11335
   * SECURITY UPDATE: DoS in TIFFReadDirEntryArray
     - debian/patches/CVE-2017-12944.patch: add protection against excessive
       memory allocation attempts in libtiff/tif_dirread.c.
     - CVE-2017-12944
   * SECURITY UPDATE: DoS via assertion
     - debian/patches/CVE-2017-13726.patch: replace assertion in
       libtiff/tif_dirwrite.c.
     - CVE-2017-13726
   * SECURITY UPDATE: DoS via assertion
     - debian/patches/CVE-2017-13727.patch: replace assertion in
       libtiff/tif_dirwrite.c.
     - CVE-2017-13727
   * SECURITY UPDATE: null pointer dereference
     - debian/patches/CVE-2017-18013.patch: fix null pointer dereference in
       libtiff/tif_print.c.
     - CVE-2017-18013
   * SECURITY UPDATE: DoS via resource consumption
     - debian/patches/CVE-2018-5784.patch: fix infinite loop in
       contrib/addtiffo/tif_overview.c, tools/tiff2pdf.c, tools/tiffcrop.c.
     - CVE-2018-5784
Checksums-Sha1: 
 2ac6b5417dd660a4d7dc78b25683f44575dc5fe0 152014 libtiff5_4.0.3-7ubuntu0.8_ppc64el.deb
 c9e8b009533360b4d9d191c6cac6194eea8f77cb 302246 libtiff5-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 3f0ed7bf03b63b9018c179eed65c81f2e0a031a3 5938 libtiffxx5_4.0.3-7ubuntu0.8_ppc64el.deb
 2fcb0781c2ac44b57fedec900459bc91eea383ff 15446 libtiffxx5-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 5b8a7eebcfe51d7e3cacbdeb9960983bed552d09 287554 libtiff5-dev_4.0.3-7ubuntu0.8_ppc64el.deb
 92ebd8aef9077e236d7f146ca20a506990307373 231212 libtiff-tools_4.0.3-7ubuntu0.8_ppc64el.deb
 262723f8bfad99c6cb88de116a90ec92e425fc9d 360186 libtiff-tools-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 98afc9724200c6d13b176a328a8032bdbd7ca923 10878 libtiff-opengl_4.0.3-7ubuntu0.8_ppc64el.deb
 a72440211f84bb797bb2cc9cc4a08e6949410cd8 13222 libtiff-opengl-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 5398f0b04d973403b6d1f501e8d7c7345006478c 2370 libtiff5-alt-dev_4.0.3-7ubuntu0.8_ppc64el.deb
 7179811749b852edc43aedeea606dc3538fa3ef3 2356 libtiff4-dev_4.0.3-7ubuntu0.8_ppc64el.deb
Checksums-Sha256: 
 12d2f37ee995f63cde708936055c304b4a598b0e48c2f58a5af987a5908a580a 152014 libtiff5_4.0.3-7ubuntu0.8_ppc64el.deb
 5335324508ee15218eabb0fd72c9ecd66a3b18d98c943a74fdd42826c765dff9 302246 libtiff5-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 e1c8788c46babb4d60c7f9ae40f03842d5dbf92dd72f0dbcaef129a2db746625 5938 libtiffxx5_4.0.3-7ubuntu0.8_ppc64el.deb
 ad9b4960639d9b33d4ea8287455613ff848867b41f19e1705e385da38ab14e0a 15446 libtiffxx5-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 d2a441afdd67099acfe9d14caae96ef8f030767325b99257443ef565a47fcf06 287554 libtiff5-dev_4.0.3-7ubuntu0.8_ppc64el.deb
 df4e1d610a70e30d75d71a6fc16221b21426654610a76742a8dd076d0490fee1 231212 libtiff-tools_4.0.3-7ubuntu0.8_ppc64el.deb
 be6d42ec5386090b6dcc36a63e1b059eb525b336fcba4c189adaa5dbeb8a82f3 360186 libtiff-tools-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 975123c81d79182b5b12bc52175662efc67af32a777e9781924138b641b36b9c 10878 libtiff-opengl_4.0.3-7ubuntu0.8_ppc64el.deb
 96d1e07725d73c93e2a16df430ab5544afdc267503225fbc528973c90872e724 13222 libtiff-opengl-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 b22049139e7ea0f33ed6d0929022461d12b76d1366b4e9e8c729d61acb6bfd99 2370 libtiff5-alt-dev_4.0.3-7ubuntu0.8_ppc64el.deb
 3fc2c134adc0fe60be5b2a71ba7dd3666a04875e23d86c5cdd02fb56f9fb0578 2356 libtiff4-dev_4.0.3-7ubuntu0.8_ppc64el.deb
Files: 
 fa0dcf3ade0938c4af46f67f1ec887d9 152014 libs optional libtiff5_4.0.3-7ubuntu0.8_ppc64el.deb
 4f9845f1c887de841d6d907b0f8f8964 302246 libs extra libtiff5-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 a10c545ce2eafa315cd7c7ba0dab39cc 5938 libs optional libtiffxx5_4.0.3-7ubuntu0.8_ppc64el.deb
 6434d0680a1c5f2a623b129906e2131a 15446 libs extra libtiffxx5-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 51a26cd95eba4110d5813d36e64cb4dc 287554 libdevel optional libtiff5-dev_4.0.3-7ubuntu0.8_ppc64el.deb
 39479f974e40a839ece4c5ff058deafd 231212 graphics optional libtiff-tools_4.0.3-7ubuntu0.8_ppc64el.deb
 9098a220e6dfe11c2e4d7d8f7d926f5c 360186 graphics extra libtiff-tools-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 199c21221996aa1640fb34b8bc812add 10878 graphics optional libtiff-opengl_4.0.3-7ubuntu0.8_ppc64el.deb
 26e9808a47b547c60e07547960a47010 13222 graphics extra libtiff-opengl-dbgsym_4.0.3-7ubuntu0.8_ppc64el.ddeb
 731a4b7ada3854718b38d119d6a46414 2370 oldlibs extra libtiff5-alt-dev_4.0.3-7ubuntu0.8_ppc64el.deb
 46d934d2e5e6eff8d7e0928dc37876a7 2356 oldlibs extra libtiff4-dev_4.0.3-7ubuntu0.8_ppc64el.deb
Original-Maintainer: Jay Berkenbilt <qjb@debian.org>