lp:ubuntu/lucid-security/tiff

Created by James Westby on 2010-06-21 and last modified on 2015-04-01
Get this branch:
bzr branch lp:ubuntu/lucid-security/tiff

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

23. By Marc Deslauriers on 2015-04-01

* SECURITY REGRESSION: regression when saving TIFF files with compression
  predictor (LP: #1439186)
  - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
    fix is available.

22. By Marc Deslauriers on 2015-03-30

* SECURITY UPDATE: Fix multiple security issues
  - debian/patches/CVE-2014-81xx-1.patch to CVE-2014-81xx-11.patch
  - debian/patches/CVE-2014-8128-5.patch
  - debian/patches/CVE-2014-9655-1.patch to CVE-2014-9655-3.patch
  - debian/patches/read_overrun.patch
  - debian/patches/CVE-2014-8130.patch
  - CVE-2014-8127 (partially)
  - CVE-2014-8128
  - CVE-2014-8129
  - CVE-2014-8130
  - CVE-2014-9330
  - CVE-2014-9655

21. By Marc Deslauriers on 2014-05-05

* SECURITY UPDATE: denial of service via buffer overflow in gif2tiff
  - debian/patches/CVE-2013-4231.patch: validate datasize in
    tools/gif2tiff.c.
  - CVE-2013-4231
* SECURITY UPDATE: denial of service via use-after-free in tiff2pdf
  - debian/patches/CVE-2013-4232.patch: properly exit on error in
    tools/tiff2pdf.c.
  - CVE-2013-4232
* SECURITY UPDATE: denial of service and possible code execution in
  gif2tiff tool
  - debian/patches/CVE-2013-4243.patch: check width and height in
    tools/gif2tiff.c.
  - CVE-2013-4243
* SECURITY UPDATE: denial of service and possible code execution in
  gif2tiff tool LZW decompressor
  - debian/patches/CVE-2013-4244.patch: validate code size in
    tools/gif2tiff.c.
  - CVE-2013-4244

20. By Marc Deslauriers on 2013-05-13

* SECURITY UPDATE: denial of service and possible code execution via heap
  overflow in tp_process_jpeg_strip().
  - debian/patches/CVE-2013-1960.patch: improve tp_process_jpeg_strip()
    logic in tools/tiff2pdf.c.
  - CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
  image-length and resolution.
  - debian/patches/CVE-2013-1961.patch: replace use of sprintf() with
    snprintf() in contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
    libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
    tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
    tools/tiffdither.c.
  - CVE-2013-1961

19. By Seth Arnold on 2012-12-03

* SECURITY UPDATE: denial of service and possible code execution via
  PAGENUMBER, HALFTONEHINTS, YCBCRSUBSAMPLING, and DOTRANGE tags.
  - debian/patches/CVE-2012-5581.patch: remove special cases of tags,
    improve DOTRANGE tag case
  - CVE-2012-5581

18. By Marc Deslauriers on 2012-11-14

* SECURITY UPDATE: denial of service and possible code execution via
  PixarLog compression format
  - debian/patches/CVE-2012-4447.patch: fix buffer size in
    libtiff/tif_pixarlog.c.
  - CVE-2012-4447
* SECURITY UPDATE: denial of service and possible code execution via
  crafted PPM image
  - debian/patches/CVE-2012-4564.patch: check scanline_size in
    tools/ppm2tiff.c.
  - CVE-2012-4564

17. By Marc Deslauriers on 2012-07-16

* SECURITY UPDATE: possible arbitrary code execution via heap overflow
  in tiff2pdf.
  - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
    tools/tiff2pdf.c.
  - CVE-2012-3401

16. By Marc Deslauriers on 2012-07-04

* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
  due to type-conversion flaw (LP: #1016324)
  - debian/patches/CVE-2012-2088.patch: check for overflows in
    libtiff/tif_strip.c and libtiff/tif_tile.c.
  - CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
  overflows in tiff2pdf (LP: #1016324)
  - debian/patches/CVE-2012-2113.patch: check for overflows in
    tools/tiff2pdf.c.
  - CVE-2012-2113

15. By Marc Deslauriers on 2012-04-02

* SECURITY UPDATE: denial of service and possible code execution via
  tiffdump
  - debian/patches/CVE-2010-4665.patch: prevent integer overflow in
    tools/tiffdump.c.
  - CVE-2010-4665
* SECURITY UPDATE: arbitrary code execution via size overflow
  - debian/patches/CVE-2012-1173.patch: use TIFFSafeMultiply in
    libtiff/tif_getimage.c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
  - CVE-2012-1173
* debian/patches/CVE-2010-1411.patch: updated to use actual upstream fix
  and to get TIFFSafeMultiply macro.

14. By Marc Deslauriers on 2011-04-20

* SECURITY UPDATE: arbitrary code execution via malformed JPEG
  - debian/patches/CVE-2009-5022.patch: check width in
    libtiff/tif_ojpeg.c.
  - CVE-2009-5022

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/maverick/tiff
This branch contains Public information 
Everyone can see this information.
