* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
due to type-conversion flaw (LP: #1016324)
- debian/patches/CVE-2012-2088.patch: check for overflows in
libtiff/tif_strip.c and libtiff/tif_tile.c.
- CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
overflows in tiff2pdf (LP: #1016324)
- debian/patches/CVE-2012-2113.patch: check for overflows in
tools/tiff2pdf.c.
- CVE-2012-2113
-- Marc Deslauriers <email address hidden> Thu, 05 Jul 2012 09:13:37 -0400
This bug was fixed in the package tiff - 3.9.5-2ubuntu2
---------------
tiff (3.9.5-2ubuntu2) quantal; urgency=low
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow patches/ CVE-2012- 2088.patch: check for overflows in tif_strip. c and libtiff/tif_tile.c. patches/ CVE-2012- 2113.patch: check for overflows in tiff2pdf. c.
due to type-conversion flaw (LP: #1016324)
- debian/
libtiff/
- CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
overflows in tiff2pdf (LP: #1016324)
- debian/
tools/
- CVE-2012-2113
-- Marc Deslauriers <email address hidden> Thu, 05 Jul 2012 09:13:37 -0400