tiff 4.0.7-2 source package in Ubuntu
Changelog
tiff (4.0.7-2) unstable; urgency=high * Backport security fixes: - fix uint32 overflow in TIFFReadEncodedStrip() that caused an integer division by zero, - avoid uint32 underflow in cpDecodedStrips that can cause various issues, such as buffer overflows in the library, - fix heap-based buffer overflow on generation of PixarLog / LUV compressed files, with ColorMap, TransferFunction attached and nasty plays with bitspersample, - fix ChopUpSingleUncompressedStrip() in reading outside of the StripByCounts/StripOffsets arrays when using TIFFReadScanline() (closes: #846837), - make OJPEGDecode() early exit in case of failure in OJPEGPreDecode() to avoid a divide by zero, and potential other issues, - fix readContigStripsIntoBuffer() in -i (ignore) mode so that the output buffer is correctly incremented to avoid write outside bounds, - add 3 extra bytes at end of strip buffer in readSeparateStripsIntoBuffer() to avoid read outside of heap allocated buffer, - fix integer division by zero when BitsPerSample is missing (closes: #846838), - fix null pointer dereference in -r mode when the image has no StripByteCount tag, - avoid potential division by zero if BitsPerSamples tag is missing, - limit the return number of inks to SamplesPerPixel in TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) , so that code that parses ink names doesn't go past the end of the buffer, - avoid another potential division by zero if BitsPerSamples tag is missing, - fix uint32 underflow/overflow that can cause heap-based buffer overflow, - replace assert( (bps % 8) == 0 ) by a non assert check. * Remove thumbnail and rgb2ycbcr documentations, these tools no longer present. -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 04 Dec 2016 12:24:44 +0000
Upload details
- Uploaded by:
- Laszlo Boszormenyi
- Uploaded to:
- Sid
- Original maintainer:
- Laszlo Boszormenyi
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
tiff_4.0.7-2.dsc | 2.1 KiB | 45c96169b9d438e37fe6f64ef77e342620330850ab741880dca4af9f69a451cc |
tiff_4.0.7.orig.tar.gz | 2.0 MiB | 9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019 |
tiff_4.0.7-2.debian.tar.xz | 22.6 KiB | 496252f073d2382ae47167b3830338353b88115fce87ff07c1bff05040cdb500 |
Available diffs
- diff from 4.0.7-1 to 4.0.7-2 (9.4 KiB)
No changes file available.
Binary packages built by this source
- libtiff-doc: No summary available for libtiff-doc in ubuntu zesty.
No description available for libtiff-doc in ubuntu zesty.
- libtiff-opengl: No summary available for libtiff-opengl in ubuntu zesty.
No description available for libtiff-opengl in ubuntu zesty.
- libtiff-opengl-dbgsym: No summary available for libtiff-opengl-dbgsym in ubuntu zesty.
No description available for libtiff-
opengl- dbgsym in ubuntu zesty.
- libtiff-tools: No summary available for libtiff-tools in ubuntu zesty.
No description available for libtiff-tools in ubuntu zesty.
- libtiff-tools-dbgsym: No summary available for libtiff-tools-dbgsym in ubuntu zesty.
No description available for libtiff-
tools-dbgsym in ubuntu zesty.
- libtiff5: No summary available for libtiff5 in ubuntu zesty.
No description available for libtiff5 in ubuntu zesty.
- libtiff5-dbgsym: No summary available for libtiff5-dbgsym in ubuntu zesty.
No description available for libtiff5-dbgsym in ubuntu zesty.
- libtiff5-dev: No summary available for libtiff5-dev in ubuntu zesty.
No description available for libtiff5-dev in ubuntu zesty.
- libtiffxx5: No summary available for libtiffxx5 in ubuntu zesty.
No description available for libtiffxx5 in ubuntu zesty.
- libtiffxx5-dbgsym: No summary available for libtiffxx5-dbgsym in ubuntu zesty.
No description available for libtiffxx5-dbgsym in ubuntu zesty.