Ubuntu
tiff package

lp:ubuntu/raring/tiff

Raring (13.04)
raring

Created by James Westby on 2012-10-20 and last modified on 2012-11-15

Get this branch:: bzr branch lp:ubuntu/raring/tiff

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Development

Recent revisions

30. By Marc Deslauriers on 2012-11-15: * SECURITY UPDATE: denial of service and possible code execution via
  crafted PPM image
  - debian/patches/CVE-2012-4564.patch: check scanline_size in
    tools/ppm2tiff.c.
  - CVE-2012-4564
29. By Sebastien Bacher on 2012-11-06: * Resynchronize on Debian, remaining change
* debian/control: Have libtiff5-dev Provide libtiff-dev
28. By Marc Deslauriers on 2012-07-19: * SECURITY UPDATE: possible arbitrary code execution via heap overflow
  in tiff2pdf.
  - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
    tools/tiff2pdf.c.
  - CVE-2012-3401
27. By Michael Terry on 2012-07-11: * debian/control:
- Have libtiff5-dev Provide libtiff-dev
26. By Jay Berkenbilt <email address hidden> on 2012-06-24: New upstream release
25. By Marc Deslauriers on 2012-07-05: * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
  due to type-conversion flaw (LP: #1016324)
  - debian/patches/CVE-2012-2088.patch: check for overflows in
    libtiff/tif_strip.c and libtiff/tif_tile.c.
  - CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
  overflows in tiff2pdf (LP: #1016324)
  - debian/patches/CVE-2012-2113.patch: check for overflows in
    tools/tiff2pdf.c.
  - CVE-2012-2113
24. By Marc Deslauriers on 2012-04-02: * SECURITY UPDATE: arbitrary code execution via size overflow
  - debian/patches/CVE-2012-1173.patch: use TIFFSafeMultiply in
    libtiff/tif_getimage.c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
  - CVE-2012-1173
23. By Jay Berkenbilt <email address hidden> on 2011-09-17: Implemented mulitarch and and PIE build for security hardening by
integrating the changes from the Ubuntu tiff packages. Thanks to Marc
Deslauriers and anyone else who did the actual work.
22. By Marc Deslauriers on 2011-05-25: * Merge from debian unstable. Remaining changes:
  - Enable multiarch build
    - debian/control: update depends for multiarch toolchain
    - debian/*.install: update /usr/lib paths
    - debian/rules:
      - add --libdir to DEB_CONFIGURE_EXTRA_FLAGS
      - update library path for .la files
  - debian/{control,rules}: enable PIE build for security hardening
* Dropped patches:
  - CVE-2010-2482.patch: upstream
  - CVE-2010-2595.patch: upstream
  - CVE-2010-2597.patch: upstream
  - CVE-2010-2630.patch: upstream
  - CVE-2011-0192.patch: upstream
  - CVE-2011-1167.patch: upstream
  - CVE-2009-5022.patch: upstream
21. By Marc Deslauriers on 2011-04-20: * SECURITY UPDATE: arbitrary code execution via malformed JPEG
  - debian/patches/CVE-2009-5022.patch: check width in
    libtiff/tif_ojpeg.c.
  - CVE-2009-5022

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntutiff package