lp:ubuntu/maverick-security/tiff

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/maverick-security/tiff
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

18. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible code execution via
  tiffdump
  - debian/patches/CVE-2010-4665.patch: prevent integer overflow in
    tools/tiffdump.c.
  - CVE-2010-4665
* SECURITY UPDATE: arbitrary code execution via size overflow
  - debian/patches/CVE-2012-1173.patch: use TIFFSafeMultiply in
    libtiff/tif_getimage.c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
  - CVE-2012-1173

17. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via malformed JPEG
  - debian/patches/CVE-2009-5022.patch: check width in
    libtiff/tif_ojpeg.c.
  - CVE-2009-5022

16. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via crafted
  THUNDER_2BITDELTAS data
  - debian/patches/CVE-2011-1167.patch: validate bitspersample and
    make sure npixels is sane in libtiff/tif_thunder.c.
  - CVE-2011-1167

15. By Kees Cook

* debian/patches/CVE-2011-0192.patch: update for regression in
  processing of certain CCITTFAX4 files (LP: #731540).
  - http://bugzilla.maptools.org/show_bug.cgi?id=2297

14. By Marc Deslauriers

* SECURITY UPDATE: denial of service via invalid td_stripbytecount field
  (LP: #597246)
  - debian/patches/CVE-2010-2482.patch: look for missing strip byte
    counts in libtiff/tif_ojpeg.c, tools/tiffsplit.c.
  - CVE-2010-2482
* SECURITY UPDATE: denial of service via invalid combination of
  SamplesPerPixel and Photometric values (LP: #591605)
  - debian/patches/CVE-2010-2483.patch: validate samplesperpixel in
    libtiff/tif_getimage.c.
  - CVE-2010-2483
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
  values
  - debian/patches/CVE-2010-2595.patch: validate values in
    libtiff/tif_color.c.
  - CVE-2010-2595
* SECURITY UPDATE: denial of service via devide-by-zero (LP: #593067)
  - debian/patches/CVE-2010-2597.patch: properly initialize fields in
    libtiff/tif_strip.c.
  - CVE-2010-2597
  - CVE-2010-2598
* SECURITY UPDATE: denial of service via out-of-order tags
  - debian/patches/CVE-2010-2630.patch: correctly handle order in
    libtiff/tif_dirread.c.
  - CVE-2010-2630
* SECURITY UPDATE: denial of service and possible code execution via
  heap corruption in JPEGDecodeRaw
  - debian/patches/CVE-2010-3087.patch: check for overflows in
    libtiff/tif_jpeg.c, libtiff/tif_strip.c.
  - CVE-2010-3087
* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in Fax4Decode
  - debian/patches/CVE-2011-0192.patch: check length in
    libtiff/tif_fax3.h.
  - CVE-2011-0192

13. By Jay Berkenbilt <email address hidden>

Incorporated patch to fix CVE-2010-2233, which fixes a specific
failure of tif_getimage on 64-bit platforms.

12. By Jay Berkenbilt <email address hidden>

New upstream release

11. By Kees Cook

* SECURITY UPDATE: arbitrary code execution via multiple integer
  overflows. Backported upstream fixes:
  - debian/patches/CVE-2010-1411.patch
  - debian/patches/CVE-2010-2065.patch
  - debian/patches/CVE-2010-2067.patch
  - debian/patches/fix-64bit-flip.patch

10. By Jay Berkenbilt <email address hidden>

* Depend on libjpeg-dev instead of libjpeg62-dev. (Closes: #569242)
* Change source format to '3.0 (quilt)'
* Update standards version to 3.8.4. No changes required.

9. By Jay Berkenbilt <email address hidden>

* Include patch from upstream to fix problems with TIFFReadScanline()
  and ycbcr-encoded JPEG images. (Closes: #510792)
* Fix some manual page spelling errors found by lintian.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/natty/tiff
This branch contains Public information 
Everyone can see this information.

Subscribers