tiff 4.0.3-7ubuntu0.8 source package in Ubuntu
Changelog
tiff (4.0.3-7ubuntu0.8) trusty-security; urgency=medium * SECURITY UPDATE: DoS in tif_read.c - debian/patches/CVE-2016-10266.patch: fix uint32 overflow in libtiff/tif_read.c, libtiff/tiffiop.h. - CVE-2016-10266 * SECURITY UPDATE: DoS in tif_ojpeg.c - debian/patches/CVE-2016-10267.patch: make OJPEGDecode() early exit in case of failure in libtiff/tif_ojpeg.c. - CVE-2016-10267 * SECURITY UPDATE: DoS in tif_unix.c - debian/patches/CVE-2016-10268.patch: avoid uint32 underflow in cpDecodedStrips in tools/tiffcp.c. - CVE-2016-10268 * SECURITY UPDATE: DoS in tif_unix.c - debian/patches/CVE-2016-10269.patch: fix heap-based buffer overflow in libtiff/tif_luv.c, libtiff/tif_pixarlog.c. - CVE-2016-10269 * SECURITY UPDATE: DoS in TIFFWriteDirectoryTagCheckedRational - debian/patches/CVE-2016-10371.patch: replace assertion by runtime check in libtiff/tif_dirwrite.c, tools/tiffcrop.c. - CVE-2016-10371 * SECURITY UPDATE: DoS in putagreytile function - debian/patches/CVE-2017-7592.patch: add explicit uint32 cast in libtiff/tif_getimage.c. - CVE-2017-7592 * SECURITY UPDATE: information disclosure in tif_read.c - debian/patches/CVE-2017-7593.patch: use _TIFFcalloc() to zero in libtiff/tif_read.c, libtiff/tif_unix.c, libtiff/tif_vms.c, libtiff/tif_win32.c, libtiff/tiffio.h. - CVE-2017-7593 * SECURITY UPDATE: DoS in OJPEGReadHeaderInfoSecTablesDcTable - debian/patches/CVE-2017-7594-1.patch: fix leak in libtiff/tif_ojpeg.c. - debian/patches/CVE-2017-7594-2.patch: fix another leak in libtiff/tif_ojpeg.c. - CVE-2017-7594 * SECURITY UPDATE: DoS in JPEGSetupEncode - debian/patches/CVE-2017-7595.patch: avoid integer division by zero in libtiff/tif_jpeg.c. - CVE-2017-7595 * SECURITY UPDATE: DoS via undefined behaviour - debian/patches/CVE-2017-7596_7597_7599_7600.patch: avoir undefined behaviour in libtiff/tif_dir.c, libtiff/tif_dirread.c, libtiff/tif_dirwrite.c. - CVE-2017-7596 - CVE-2017-7597 - CVE-2017-7599 - CVE-2017-7600 * SECURITY UPDATE: DoS via divide-by-zero - debian/patches/CVE-2017-7598.patch: avoid division by floating point 0 in libtiff/tif_dirread.c. - CVE-2017-7598 * SECURITY UPDATE: DoS via undefined behaviour - debian/patches/CVE-2017-7601.patch: validate BitsPerSample in libtiff/tif_jpeg.c. - CVE-2017-7601 * SECURITY UPDATE: signed integer overflow - debian/patches/CVE-2017-7602.patch: avoid potential undefined behaviour in libtiff/tif_read.c. - CVE-2017-7602 * SECURITY UPDATE: DoS via memory leak - debian/patches/CVE-2017-9403_9815.patch: fix memory leak in libtiff/tif_dirread.c, tools/tiff2ps.c. - CVE-2017-9403 - CVE-2017-9815 * SECURITY UPDATE: DoS via memory leak - debian/patches/CVE-2017-9404.patch: fix potential memory leak in libtiff/tif_ojpeg.c. - CVE-2017-9404 * SECURITY UPDATE: DoS via memory leak - debian/patches/CVE-2017-9936.patch: fix memory leak in libtiff/tif_jbig.c. - CVE-2017-9936 * SECURITY UPDATE: DoS via assertion - debian/patches/CVE-2017-10688.patch: replace assertion in libtiff/tif_dirwrite.c. - CVE-2017-10688 * SECURITY UPDATE: heap overflow in tiff2pdf.c - debian/patches/CVE-2017-11335.patch: prevent heap buffer overflow write in tools/tiff2pdf.c. - CVE-2017-11335 * SECURITY UPDATE: DoS in TIFFReadDirEntryArray - debian/patches/CVE-2017-12944.patch: add protection against excessive memory allocation attempts in libtiff/tif_dirread.c. - CVE-2017-12944 * SECURITY UPDATE: DoS via assertion - debian/patches/CVE-2017-13726.patch: replace assertion in libtiff/tif_dirwrite.c. - CVE-2017-13726 * SECURITY UPDATE: DoS via assertion - debian/patches/CVE-2017-13727.patch: replace assertion in libtiff/tif_dirwrite.c. - CVE-2017-13727 * SECURITY UPDATE: null pointer dereference - debian/patches/CVE-2017-18013.patch: fix null pointer dereference in libtiff/tif_print.c. - CVE-2017-18013 * SECURITY UPDATE: DoS via resource consumption - debian/patches/CVE-2018-5784.patch: fix infinite loop in contrib/addtiffo/tif_overview.c, tools/tiff2pdf.c, tools/tiffcrop.c. - CVE-2018-5784 -- Marc Deslauriers <email address hidden> Tue, 20 Mar 2018 09:12:24 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
tiff_4.0.3.orig.tar.gz | 2.0 MiB | ea1aebe282319537fb2d4d7805f478dd4e0e05c33d0928baba76a7c963684872 |
tiff_4.0.3-7ubuntu0.8.debian.tar.gz | 78.3 KiB | 1c8afea960a565be03855618e88a157da106c41f5450bb1ecb024bec30cb20c1 |
tiff_4.0.3-7ubuntu0.8.dsc | 2.2 KiB | 5a8b0f7b30cde1b9ab581db48f70bd60d65a7c935cd486bfe2e3ed28ff06ebf1 |
Available diffs
Binary packages built by this source
- libtiff-doc: TIFF manipulation and conversion documentation
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
contains documentation.
- libtiff-opengl: TIFF manipulation and conversion tools
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
contains libtiff tools that depend upon opengl. It complements the
libtiff-tools package, which contains the libtiff tools that don't
depend upon opengl.
- libtiff-opengl-dbgsym: debug symbols for package libtiff-opengl
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
contains libtiff tools that depend upon opengl. It complements the
libtiff-tools package, which contains the libtiff tools that don't
depend upon opengl.
- libtiff-tools: TIFF manipulation and conversion tools
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes tools for converting TIFF images to and from other formats
and tools for doing simple manipulations of TIFF images. See also
libtiff-opengl.
- libtiff-tools-dbgsym: debug symbols for package libtiff-tools
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes tools for converting TIFF images to and from other formats
and tools for doing simple manipulations of TIFF images. See also
libtiff-opengl.
- libtiff4-dev: Tag Image File Format library (TIFF), transitional package
This is a transitional package that can be safely removed. Build
dependencies on libtiff4-dev should be replaced with build
dependencies on libtiff-dev.
- libtiff5: Tag Image File Format (TIFF) library
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the shared library.
- libtiff5-alt-dev: Tag Image File Format library (TIFF), transitional package
This is a transitional package that can be safely removed. Build
dependencies on libtiff5-alt-dev should be replaced with build
dependencies on libtiff-dev.
- libtiff5-dbgsym: debug symbols for package libtiff5
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the shared library.
- libtiff5-dev: Tag Image File Format library (TIFF), development files
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the development files, static library, and header files.
- libtiffxx5: Tag Image File Format (TIFF) library -- C++ interface
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the shared library for the experimental C++ interfaces.
- libtiffxx5-dbgsym: debug symbols for package libtiffxx5
libtiff is a library providing support for the Tag Image File Format
(TIFF), a widely used format for storing image data. This package
includes the shared library for the experimental C++ interfaces.