tiff 4.1.0+git201212-1 source package in Ubuntu

Changelog

tiff (4.1.0+git201212-1) unstable; urgency=high

  * Git snapshot, fixing the following security issues:
    - TIFFSetupStrips: enforce 2GB limitation of
      Strip/Tile Offsets/ByteCounts arrays,
    - tiff2ps: fix heap buffer read overflow in PSDataColorContig() ,
    - tiff2pdf: palette bound check in t2p_sample_realize_palette() ,
    - tiffcrop: fix asan runtime error caused by integer promotion, 
    - raw2tiff: avoid divide by zero,
    - tif_fax3.c: check buffer overflow in Fax4Decode() ,
    - tif_fax3: better fix for CVE-2011-0192,
    - TIFFReadCustomDirectory(): fix potential heap buffer overflow when
      reading a custom directory, after a regular directory where a codec was
      active,
    - tif_fax3.h: check for buffer overflow in EXPAND2D before "calling"
      CLEANUP_RUNS() ,
    - contrib/win_dib/tiff2dib: fix uninitialized variable: lpBits,
    - Fax3SetupState(): check consistency of rowbytes and rowpixels,
      potential heap overflow in tiff2pdf,
    - tiff2pdf: avoid divide by zero, use-after-free in t2p_writeproc()
      function,
    - tiffcp/tiff2pdf/tiff2ps: enforce maximum malloc size,
    - tif_fax3: more buffer overflow checks in Fax3Decode2D() ,
    - tiffset: check memory allocation, use of allocated memory without null
      pointer check,
    - tiffdump: avoid unaligned memory access,
    - tiff2pdf: normalizePoint() macro to normalize the white point, avoid
      divide by zero,
    - tif_fax3: quit Fax3Decode2D() when a buffer overflow occurs,
    - tiffcrop: enforce memory allocation limit,
    - tiffinfo: fix dump of Tiled images, heap out of bounds read in
      TIFFReadRawData() ,
    - Fax3PreDecode(): reset curruns and refruns state variables,
      heap-buffer-overflow in Fax3Decode2D() ,
    - tif_fax3.h: extra buffer overflow checks, heap-buffer-overflow in
      Fax3Decode2D() ,
    - TIFFStartStrip(): avoid potential crash in WebP codec when using
      scanline access on corrupted files,
    - gtTileContig(): check Tile width for overflow,
    - avoid buffer overflow while writing jpeg end of file marker,
    - tiff2ps.c: fix buffer overread, heap-buffer-overflow in PSDataBW() ,
    - fix potential overflow in gtStripContig() ,
    - more overflow fixes for large width,
    - enforce (configurable) memory limit in tiff2rgba,
    - tiff2pdf: enforce memory limit for tiled pictures,
    - tiffcrop: fix buffer overrun in extractContigSamples24bits() .
  * Build with libdeflate support.
  * Update libtiff5 symbols.
  * Update debhelper level to 13 .
  * Update Standards-Version to 4.5.1 .

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Sun, 13 Dec 2020 07:52:33 +0100