lp:ubuntu/raring/tiff
- Get this branch:
- bzr branch lp:ubuntu/raring/tiff
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 30. By Marc Deslauriers
* SECURITY UPDATE: denial of service and possible code execution via
crafted PPM image
- debian/patches/CVE-2012-4564.patch: check scanline_size in
tools/ppm2tiff.c.
- CVE-2012-4564
- 29. By Sebastien Bacher
* Resynchronize on Debian, remaining change
* debian/control: Have libtiff5-dev Provide libtiff-dev
- 28. By Marc Deslauriers
* SECURITY UPDATE: possible arbitrary code execution via heap overflow
in tiff2pdf.
- debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
tools/tiff2pdf.c.
- CVE-2012-3401
- 25. By Marc Deslauriers
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
due to type-conversion flaw (LP: #1016324)
- debian/patches/CVE-2012-2088.patch: check for overflows in
libtiff/tif_strip.c and libtiff/tif_tile.c.
- CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
overflows in tiff2pdf (LP: #1016324)
- debian/patches/CVE-2012-2113.patch: check for overflows in
tools/tiff2pdf.c.
- CVE-2012-2113
- 24. By Marc Deslauriers
* SECURITY UPDATE: arbitrary code execution via size overflow
- debian/patches/CVE-2012-1173.patch: use TIFFSafeMultiply in
libtiff/tif_getimage.c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
- CVE-2012-1173
- 23. By Jay Berkenbilt
Implemented multiarch and PIE build for security hardening by
integrating the changes from the Ubuntu tiff packages. Thanks to Marc
Deslauriers and anyone else who did the actual work.
- 22. By Marc Deslauriers
* Merge from debian unstable. Remaining changes:
- Enable multiarch build
- debian/control: update depends for multiarch toolchain
- debian/*.install: update /usr/lib paths
- debian/rules:
- add --libdir to DEB_CONFIGURE_EXTRA_FLAGS
- update library path for .la files
- debian/{control, rules}: enable PIE build for security hardening
* Dropped patches:
- CVE-2010-2482.patch: upstream
- CVE-2010-2595.patch: upstream
- CVE-2010-2597.patch: upstream
- CVE-2010-2630.patch: upstream
- CVE-2011-0192.patch: upstream
- CVE-2011-1167.patch: upstream
- CVE-2009-5022.patch: upstream
- 21. By Marc Deslauriers
* SECURITY UPDATE: arbitrary code execution via malformed JPEG
- debian/patches/CVE-2009-5022.patch: check width in
libtiff/tif_ojpeg.c.
- CVE-2009-5022
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)