Branches for Breezy

Author: Adam Conrad
Revision Date: 2005-08-19 02:36:53 UTC

Update build-depends for the xorg -> mesa transition.

Author: Martin Pitt
Revision Date: 2006-08-02 11:32:09 UTC

* SECURITY UPDATE: Arbitrary code execution with crafted TIFF files, found
  by Tavis Ormandy of the Google Security Team.
* Add debian/patches/CVE-2006-3459-3465.patch:
  - CVE-2006-3459: a stack buffer overflow via TIFFFetchShortPair() in
    tif_dirread.c
  - CVE-2006-3460: A heap overflow vulnerability was discovered in the
    jpeg decoder
  - CVE-2006-3461: A heap overflow exists in the PixarLog decoder
  - CVE-2006-3462: The NeXT RLE decoder was also vulnerable to a heap
    overflow
  - CVE-2006-3463: An infinite loop was discovered in
    EstimateStripByteCounts()
  - CVE-2006-3464: Multiple unchecked arithmetic operations were
    uncovered, including a number of the range checking operations
    deisgned to ensure the offsets specified in tiff directories are
    legitimate.
  - A number of codepaths were uncovered where assertions did not hold
    true, resulting in the client application calling abort()
  - CVE-2006-3465: A flaw was also uncovered in libtiffs custom tag
    support