Ubuntu
tiff package

tiff 3.8.2-6 source package in Ubuntu

Changelog

tiff (3.8.2-6) unstable; urgency=high

  * Add watch file
  * Tavis Ormandy of the Google Security Team discovered several problems
    in the TIFF library.  The Common Vulnerabilities and Exposures project
    identifies the following issues:
     - CVE-2006-3459: a stack buffer overflow via TIFFFetchShortPair() in
       tif_dirread.c
     - CVE-2006-3460: A heap overflow vulnerability was discovered in the
       jpeg decoder
     - CVE-2006-3461: A heap overflow exists in the PixarLog decoder
     - CVE-2006-3462: The NeXT RLE decoder was also vulnerable to a heap
       overflow
     - CVE-2006-3463: An infinite loop was discovered in
       EstimateStripByteCounts()
     - CVE-2006-3464: Multiple unchecked arithmetic operations were
       uncovered, including a number of the range checking operations
       deisgned to ensure the offsets specified in tiff directories are
       legitimate.
     - A number of codepaths were uncovered where assertions did not hold
       true, resulting in the client application calling abort()
     - CVE-2006-3465: A flaw was also uncovered in libtiffs custom tag
       support

 -- Martin Pitt <email address hidden>   Tue,  08 Aug 2006 07:42:55 +0100

Upload details

Uploaded by:
Martin Pitt
Uploaded to:
Edgy
Original maintainer:
Jay Berkenbilt
Architectures:
any
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
tiff_3.8.2.orig.tar.gz 1.3 MiB 457b6bd9eb00ce506a2b27105f42a9e06c5bb10515be3224716e2cf2612a1426
tiff_3.8.2-6.diff.gz 16.4 KiB 0ae9979d8a0919f109d9b0bc94d3b4d51405d20a5ba147cb91f66ab3fa076c1d
tiff_3.8.2-6.dsc 750 bytes 180cce11f8a663bfebffdc2338f7a07ad451c97006d3ec9848f728bc0339d14d

View changes file

Binary packages built by this source

libtiff-opengl: No summary available for libtiff-opengl in ubuntu edgy.

No description available for libtiff-opengl in ubuntu edgy.

libtiff-tools: No summary available for libtiff-tools in ubuntu feisty.

No description available for libtiff-tools in ubuntu feisty.

libtiff4: No summary available for libtiff4 in ubuntu edgy.

No description available for libtiff4 in ubuntu edgy.

libtiff4-dev: No summary available for libtiff4-dev in ubuntu feisty.

No description available for libtiff4-dev in ubuntu feisty.

libtiffxx0c2: No summary available for libtiffxx0c2 in ubuntu gutsy.

No description available for libtiffxx0c2 in ubuntu gutsy.