tiff 3.8.2-6 source package in Ubuntu
Changelog
tiff (3.8.2-6) unstable; urgency=high * Add watch file * Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library. The Common Vulnerabilities and Exposures project identifies the following issues: - CVE-2006-3459: a stack buffer overflow via TIFFFetchShortPair() in tif_dirread.c - CVE-2006-3460: A heap overflow vulnerability was discovered in the jpeg decoder - CVE-2006-3461: A heap overflow exists in the PixarLog decoder - CVE-2006-3462: The NeXT RLE decoder was also vulnerable to a heap overflow - CVE-2006-3463: An infinite loop was discovered in EstimateStripByteCounts() - CVE-2006-3464: Multiple unchecked arithmetic operations were uncovered, including a number of the range checking operations deisgned to ensure the offsets specified in tiff directories are legitimate. - A number of codepaths were uncovered where assertions did not hold true, resulting in the client application calling abort() - CVE-2006-3465: A flaw was also uncovered in libtiffs custom tag support -- Martin Pitt <email address hidden> Tue, 08 Aug 2006 07:42:55 +0100
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Edgy
- Original maintainer:
- Jay Berkenbilt
- Architectures:
- any
- Section:
- libs
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
tiff_3.8.2.orig.tar.gz | 1.3 MiB | 457b6bd9eb00ce506a2b27105f42a9e06c5bb10515be3224716e2cf2612a1426 |
tiff_3.8.2-6.diff.gz | 16.4 KiB | 0ae9979d8a0919f109d9b0bc94d3b4d51405d20a5ba147cb91f66ab3fa076c1d |
tiff_3.8.2-6.dsc | 750 bytes | 180cce11f8a663bfebffdc2338f7a07ad451c97006d3ec9848f728bc0339d14d |
Binary packages built by this source
- libtiff-opengl: No summary available for libtiff-opengl in ubuntu edgy.
No description available for libtiff-opengl in ubuntu edgy.
- libtiff-tools: No summary available for libtiff-tools in ubuntu feisty.
No description available for libtiff-tools in ubuntu feisty.
- libtiff4: No summary available for libtiff4 in ubuntu edgy.
No description available for libtiff4 in ubuntu edgy.
- libtiff4-dev: No summary available for libtiff4-dev in ubuntu feisty.
No description available for libtiff4-dev in ubuntu feisty.
- libtiffxx0c2: No summary available for libtiffxx0c2 in ubuntu gutsy.
No description available for libtiffxx0c2 in ubuntu gutsy.