lp:ubuntu/jaunty-security/tiff

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/jaunty-security/tiff
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

7. By Kees Cook

* SECURITY UPDATE: arbitrary code execution and crashes via multiple
  integer overflows. Backported upstream fixes:
  - debian/patches/CVE-2010-1411.patch
  - debian/patches/fix-unknown-tags.patch

6. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via integer overflows in
  tiff2rgba and rgb2ycbcr
  - debian/patches/CVE-2009-2347.patch: check for integer overflows in
    tools/rgb2ycbcr.c and tools/tiff2rgba.c.
  - CVE-2009-2347

5. By Marc Deslauriers

* SECURITY UPDATE: denial of service via buffer underflow in the
  LZWDecodeCompat function (LP: #380149)
  - debian/patches/CVE-2009-2285.patch: abort if code is bigger than
    CODE_CLEAR in libtiff/tif_lzw.c.
  - CVE-2009-2285

4. By Jay Berkenbilt <email address hidden>

* Apply security patches (CVE-2008-2327)
* Convert patch system to quilt
* Create README.source
* Set standards version to 3.8.0

3. By Jay Berkenbilt <email address hidden>

Apply patches from Drew Yao of Apple Product Security to fix
CVE-2008-2327, a potential buffer underflow in the LZW decoder
(tif_lzw.c).

2. By Jay Berkenbilt

* New maintainer (thanks Joy!)
* Applied patch by Dmitry V. Levin to fix a segmentation fault
  [tools/tiffdump.c, CAN-2004-1183]
  Thanks to Martin Schulze for forwarding the patch.
* Fixed section of -dev package (devel -> libdevel)

1. By Fabio Massimo Di Nitto

Import upstream version 3.6.1

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/lucid/tiff
This branch contains Public information 
Everyone can see this information.

Subscribers