lp:~noskcaj/ubuntu/trusty/tiff/tiff
- Get this branch:
- bzr branch lp:~noskcaj/ubuntu/trusty/tiff/tiff
Branch merges
- Marc Deslauriers: Approve
-
Diff: 46531 lines (+4917/-35989)175 files modified.pc/CVE-2012-3401.patch/tools/tiff2pdf.c (+0/-5385)
.pc/CVE-2012-4447.patch/libtiff/tif_pixarlog.c (+0/-1426)
.pc/CVE-2012-4564.patch/tools/ppm2tiff.c (+0/-366)
.pc/CVE-2013-1960.patch/tools/tiff2pdf.c (+0/-5386)
.pc/CVE-2013-1961.patch/contrib/dbs/xtiff/xtiff.c (+0/-1290)
.pc/CVE-2013-1961.patch/libtiff/tif_codec.c (+0/-165)
.pc/CVE-2013-1961.patch/libtiff/tif_dirinfo.c (+0/-907)
.pc/CVE-2013-1961.patch/tools/rgb2ycbcr.c (+0/-390)
.pc/CVE-2013-1961.patch/tools/tiff2bw.c (+0/-471)
.pc/CVE-2013-1961.patch/tools/tiff2pdf.c (+0/-5407)
.pc/CVE-2013-1961.patch/tools/tiff2ps.c (+0/-3073)
.pc/CVE-2013-1961.patch/tools/tiffcrop.c (+0/-9066)
.pc/CVE-2013-1961.patch/tools/tiffdither.c (+0/-333)
.pc/applied-patches (+0/-6)
.pc/opengl.patch/tools/tiffgt.c (+0/-466)
ChangeLog (+82/-0)
HOWTO-RELEASE (+3/-2)
Makefile.am (+1/-1)
Makefile.in (+118/-85)
Makefile.vc (+1/-1)
RELEASE-DATE (+1/-1)
SConstruct (+1/-1)
TODO (+1/-1)
VERSION (+1/-1)
aclocal.m4 (+183/-212)
build/Makefile.in (+81/-64)
config/ltmain.sh (+1/-1)
config/test-driver (+127/-0)
configure (+272/-272)
configure.ac (+11/-7)
configure.com (+13/-1)
contrib/Makefile.in (+81/-64)
contrib/addtiffo/Makefile.am (+1/-1)
contrib/addtiffo/Makefile.in (+61/-15)
contrib/dbs/Makefile.am (+1/-1)
contrib/dbs/Makefile.in (+94/-73)
contrib/dbs/xtiff/Makefile.in (+36/-6)
contrib/dbs/xtiff/xtiff.c (+2/-2)
contrib/iptcutil/Makefile.am (+1/-1)
contrib/iptcutil/Makefile.in (+61/-15)
contrib/mfs/Makefile.in (+36/-6)
contrib/pds/Makefile.in (+36/-6)
contrib/ras/Makefile.in (+36/-6)
contrib/stream/Makefile.in (+36/-6)
contrib/tags/Makefile.in (+36/-6)
contrib/win_dib/Makefile.in (+36/-6)
debian/all-preinst (+2/-3)
debian/changelog (+68/-0)
debian/control (+6/-2)
debian/libtiff5.shlibs (+0/-1)
debian/libtiff5.symbols (+252/-0)
debian/patches/CVE-2012-3401.patch (+0/-16)
debian/patches/CVE-2012-4447.patch (+0/-13)
debian/patches/CVE-2012-4564.patch (+3/-6)
debian/patches/CVE-2013-1960.patch (+5/-10)
debian/patches/CVE-2013-1961.patch (+90/-95)
debian/patches/CVE-2013-4231.patch (+17/-0)
debian/patches/CVE-2013-4232.patch (+18/-0)
debian/patches/CVE-2013-4244.patch (+18/-0)
debian/patches/opengl.patch (+3/-3)
debian/patches/series (+3/-2)
debian/rules (+4/-3)
html/Makefile.in (+85/-66)
html/addingtags.html (+1/-1)
html/bugs.html (+1/-1)
html/contrib.html (+1/-1)
html/document.html (+1/-1)
html/images.html (+1/-1)
html/images/Makefile.in (+39/-7)
html/index.html (+1/-1)
html/internals.html (+1/-1)
html/intro.html (+1/-1)
html/libtiff.html (+1/-1)
html/man/Makefile.am (+7/-0)
html/man/Makefile.in (+46/-7)
html/man/TIFFFieldDataType.3tiff.html (+89/-0)
html/man/TIFFFieldName.3tiff.html (+86/-0)
html/man/TIFFFieldPassCount.3tiff.html (+98/-0)
html/man/TIFFFieldReadCount.3tiff.html (+101/-0)
html/man/TIFFFieldTag.3tiff.html (+88/-0)
html/man/TIFFFieldWriteCount.3tiff.html (+108/-0)
html/man/bmp2tiff.1.html (+121/-0)
html/misc.html (+1/-1)
html/support.html (+1/-1)
html/v3.4beta007.html (+1/-1)
html/v3.4beta016.html (+1/-1)
html/v3.4beta018.html (+1/-1)
html/v3.4beta024.html (+1/-1)
html/v3.4beta028.html (+1/-1)
html/v3.4beta029.html (+1/-1)
html/v3.4beta031.html (+1/-1)
html/v3.4beta032.html (+1/-1)
html/v3.4beta033.html (+1/-1)
html/v3.4beta034.html (+1/-1)
html/v3.4beta035.html (+1/-1)
html/v3.4beta036.html (+1/-1)
html/v3.5.1.html (+1/-1)
html/v3.5.2.html (+1/-1)
html/v3.5.3.html (+1/-1)
html/v3.5.4.html (+1/-1)
html/v3.5.5.html (+1/-1)
html/v3.5.6-beta.html (+1/-1)
html/v3.5.7.html (+1/-1)
html/v3.6.0.html (+1/-1)
html/v3.6.1.html (+1/-1)
html/v3.7.0.html (+1/-1)
html/v3.7.0alpha.html (+1/-1)
html/v3.7.0beta.html (+1/-1)
html/v3.7.0beta2.html (+1/-1)
html/v3.7.1.html (+1/-1)
html/v3.7.2.html (+1/-1)
html/v3.7.3.html (+1/-1)
html/v3.7.4.html (+1/-1)
html/v3.8.0.html (+1/-1)
html/v3.8.1.html (+1/-1)
html/v3.8.2.html (+1/-1)
html/v4.0.2.html (+1/-1)
libtiff/Makefile.in (+88/-31)
libtiff/SConstruct (+1/-1)
libtiff/libtiff.def (+7/-0)
libtiff/tif_codec.c (+1/-2)
libtiff/tif_config.h.in (+5/-3)
libtiff/tif_dirinfo.c (+56/-6)
libtiff/tif_dirread.c (+21/-8)
libtiff/tif_dirwrite.c (+3/-3)
libtiff/tif_fax3.c (+2/-2)
libtiff/tif_jpeg.c (+6/-3)
libtiff/tif_packbits.c (+9/-3)
libtiff/tif_pixarlog.c (+1/-1)
libtiff/tif_print.c (+4/-2)
libtiff/tif_read.c (+3/-3)
libtiff/tif_write.c (+31/-9)
libtiff/tiff.h (+29/-1)
libtiff/tiffio.h (+8/-1)
libtiff/tiffvers.h (+2/-2)
m4/libtool.m4 (+1/-1)
man/Makefile.am (+6/-0)
man/Makefile.in (+68/-14)
man/TIFFFieldDataType.3tiff (+53/-0)
man/TIFFFieldName.3tiff (+52/-0)
man/TIFFFieldPassCount.3tiff (+73/-0)
man/TIFFFieldReadCount.3tiff (+77/-0)
man/TIFFFieldTag.3tiff (+56/-0)
man/TIFFFieldWriteCount.3tiff (+88/-0)
man/libtiff.3tiff (+10/-1)
nmake.opt (+1/-1)
port/Makefile.in (+80/-31)
port/Makefile.vc (+1/-1)
port/dummy.c (+1/-1)
port/lfind.c (+1/-1)
port/strtoul.c (+1/-1)
test/Makefile.am (+2/-2)
test/Makefile.in (+853/-301)
test/ascii_tag.c (+1/-1)
test/check_tag.c (+1/-1)
test/long_tag.c (+1/-1)
test/raw_decode.c (+60/-22)
test/short_tag.c (+1/-1)
test/strip.c (+1/-1)
test/strip_rw.c (+1/-1)
test/test_arrays.c (+1/-1)
test/test_arrays.h (+1/-1)
test/tifftest.h (+1/-1)
tools/Makefile.am (+1/-1)
tools/Makefile.in (+76/-27)
tools/ppm2tiff.c (+2/-11)
tools/rasterfile.h (+1/-1)
tools/rgb2ycbcr.c (+1/-2)
tools/tiff2bw.c (+1/-1)
tools/tiff2pdf.c (+171/-156)
tools/tiff2ps.c (+4/-4)
tools/tiffcrop.c (+5/-5)
tools/tiffdither.c (+1/-1)
tools/tiffgt.c (+0/-1)
tools/tiffset.c (+32/-33)
Branch information
- Owner:
- Jackson Doak
- Status:
- Development
Recent revisions
- 30. By Jackson Doak
-
Merge from debian. Remaining changes: debian/control: Have libtiff5-dev Provide libtiff-dev
- 29. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via heap
overflow in tp_process_jpeg_strip( ).
- debian/patches/ CVE-2013- 1960.patch: improve tp_process_ jpeg_strip( )
logic in tools/tiff2pdf.c.
- CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
image-length and resolution.
- debian/patches/ CVE-2013- 1961.patch: replace use of sprintf() with
snprintf() in contrib/dbs/xtiff/ xtiff.c, libtiff/ tif_codec. c,
libtiff/tif_dirinfo. c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf. c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither. c.
- CVE-2013-1961 - 28. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
crafted PPM image
- debian/patches/ CVE-2012- 4564.patch: check scanline_size in
tools/ppm2tiff. c.
- CVE-2012-4564 - 27. By Sebastien Bacher
-
* Resynchronize on Debian, remaining change
* debian/control: Have libtiff5-dev Provide libtiff-dev - 25. By Marc Deslauriers
-
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
due to type-conversion flaw (LP: #1016324)
- debian/patches/ CVE-2012- 2088.patch: check for overflows in
libtiff/tif_strip. c and libtiff/tif_tile.c.
- CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
overflows in tiff2pdf (LP: #1016324)
- debian/patches/ CVE-2012- 2113.patch: check for overflows in
tools/tiff2pdf. c.
- CVE-2012-2113 - 24. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via size overflow
- debian/patches/ CVE-2012- 1173.patch: use TIFFSafeMultiply in
libtiff/tif_getimage. c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
- CVE-2012-1173 - 23. By Jay Berkenbilt <email address hidden>
-
Implemented mulitarch and and PIE build for security hardening by
integrating the changes from the Ubuntu tiff packages. Thanks to Marc
Deslauriers and anyone else who did the actual work. - 22. By Marc Deslauriers
-
* Merge from debian unstable. Remaining changes:
- Enable multiarch build
- debian/control: update depends for multiarch toolchain
- debian/*.install: update /usr/lib paths
- debian/rules:
- add --libdir to DEB_CONFIGURE_EXTRA_FLAGS
- update library path for .la files
- debian/{control, rules}: enable PIE build for security hardening
* Dropped patches:
- CVE-2010-2482.patch: upstream
- CVE-2010-2595.patch: upstream
- CVE-2010-2597.patch: upstream
- CVE-2010-2630.patch: upstream
- CVE-2011-0192.patch: upstream
- CVE-2011-1167.patch: upstream
- CVE-2009-5022.patch: upstream - 21. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via malformed JPEG
- debian/patches/ CVE-2009- 5022.patch: check width in
libtiff/tif_ojpeg. c.
- CVE-2009-5022
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/trusty/tiff