tiff 4.0.7-2 source package in Ubuntu

Changelog

tiff (4.0.7-2) unstable; urgency=high

  * Backport security fixes:
    - fix uint32 overflow in TIFFReadEncodedStrip() that caused an integer
      division by zero,
    - avoid uint32 underflow in cpDecodedStrips that can cause various
      issues, such as buffer overflows in the library,
    - fix heap-based buffer overflow on generation of PixarLog / LUV
      compressed files, with ColorMap, TransferFunction attached and nasty
      plays with bitspersample,
    - fix ChopUpSingleUncompressedStrip() in reading outside of the
      StripByCounts/StripOffsets arrays when using TIFFReadScanline()
      (closes: #846837),
    - make OJPEGDecode() early exit in case of failure in OJPEGPreDecode() to
      avoid a divide by zero, and potential other issues,
    - fix readContigStripsIntoBuffer() in -i (ignore) mode so that the
      output buffer is correctly incremented to avoid write outside bounds,
    - add 3 extra bytes at end of strip buffer in
      readSeparateStripsIntoBuffer() to avoid read outside of heap allocated
      buffer,
    - fix integer division by zero when BitsPerSample is missing
      (closes: #846838),
    - fix null pointer dereference in -r mode when the image has no
      StripByteCount tag,
    - avoid potential division by zero if BitsPerSamples tag is missing,
    - limit the return number of inks to SamplesPerPixel in
      TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) , so that code that parses ink
      names doesn't go past the end of the buffer,
    - avoid another potential division by zero if BitsPerSamples tag is
      missing,
    - fix uint32 underflow/overflow that can cause heap-based buffer overflow,
    - replace assert( (bps % 8) == 0 ) by a non assert check.
  * Remove thumbnail and rgb2ycbcr documentations, these tools no longer
    present.

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Sun, 04 Dec 2016 12:24:44 +0000

Upload details

Uploaded by:
Laszlo Boszormenyi
Uploaded to:
Sid
Original maintainer:
Laszlo Boszormenyi
Architectures:
any all
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
tiff_4.0.7-2.dsc 2.1 KiB 45c96169b9d438e37fe6f64ef77e342620330850ab741880dca4af9f69a451cc
tiff_4.0.7.orig.tar.gz 2.0 MiB 9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019
tiff_4.0.7-2.debian.tar.xz 22.6 KiB 496252f073d2382ae47167b3830338353b88115fce87ff07c1bff05040cdb500

Available diffs

No changes file available.

Binary packages built by this source

libtiff-doc: No summary available for libtiff-doc in ubuntu zesty.

No description available for libtiff-doc in ubuntu zesty.

libtiff-opengl: No summary available for libtiff-opengl in ubuntu zesty.

No description available for libtiff-opengl in ubuntu zesty.

libtiff-opengl-dbgsym: No summary available for libtiff-opengl-dbgsym in ubuntu zesty.

No description available for libtiff-opengl-dbgsym in ubuntu zesty.

libtiff-tools: No summary available for libtiff-tools in ubuntu zesty.

No description available for libtiff-tools in ubuntu zesty.

libtiff-tools-dbgsym: No summary available for libtiff-tools-dbgsym in ubuntu zesty.

No description available for libtiff-tools-dbgsym in ubuntu zesty.

libtiff5: No summary available for libtiff5 in ubuntu zesty.

No description available for libtiff5 in ubuntu zesty.

libtiff5-dbgsym: No summary available for libtiff5-dbgsym in ubuntu zesty.

No description available for libtiff5-dbgsym in ubuntu zesty.

libtiff5-dev: No summary available for libtiff5-dev in ubuntu zesty.

No description available for libtiff5-dev in ubuntu zesty.

libtiffxx5: No summary available for libtiffxx5 in ubuntu zesty.

No description available for libtiffxx5 in ubuntu zesty.

libtiffxx5-dbgsym: No summary available for libtiffxx5-dbgsym in ubuntu zesty.

No description available for libtiffxx5-dbgsym in ubuntu zesty.