lp:ubuntu/trusty-proposed/tiff
- Get this branch:
- bzr branch lp:ubuntu/trusty-proposed/tiff
Branch merges
Branch information
Recent revisions
- 33. By Jay Berkenbilt <email address hidden>
-
Use dh-autoreconf to support new architectures in Ubuntu.
- 31. By Jay Berkenbilt <email address hidden>
-
* Update standards to 3.9.5. No changes required.
* libtiff4 -> libtiff5 transition. libtiff5-dev now provides
libtiff-dev. libtiff5-alt-dev and libtiff4-dev are transitional
packages that depend on libtiff5-dev. They will both be removed
before jessie. - 30. By Jackson Doak
-
* Merge from debian. Remaining changes:
- debian/control: Have libtiff5-dev Provide libtiff-dev - 29. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via heap
overflow in tp_process_jpeg_strip( ).
- debian/patches/ CVE-2013- 1960.patch: improve tp_process_ jpeg_strip( )
logic in tools/tiff2pdf.c.
- CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
image-length and resolution.
- debian/patches/ CVE-2013- 1961.patch: replace use of sprintf() with
snprintf() in contrib/dbs/xtiff/ xtiff.c, libtiff/ tif_codec. c,
libtiff/tif_dirinfo. c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf. c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither. c.
- CVE-2013-1961 - 28. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
crafted PPM image
- debian/patches/ CVE-2012- 4564.patch: check scanline_size in
tools/ppm2tiff. c.
- CVE-2012-4564 - 27. By Sebastien Bacher
-
* Resynchronize on Debian, remaining change
* debian/control: Have libtiff5-dev Provide libtiff-dev - 25. By Marc Deslauriers
-
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
due to type-conversion flaw (LP: #1016324)
- debian/patches/ CVE-2012- 2088.patch: check for overflows in
libtiff/tif_strip. c and libtiff/tif_tile.c.
- CVE-2012-2088
* SECURITY UPDATE: possible arbitrary code execution via integer
overflows in tiff2pdf (LP: #1016324)
- debian/patches/ CVE-2012- 2113.patch: check for overflows in
tools/tiff2pdf. c.
- CVE-2012-2113 - 24. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via size overflow
- debian/patches/ CVE-2012- 1173.patch: use TIFFSafeMultiply in
libtiff/tif_getimage. c, fix TIFFSafeMultiply in libtiff/tiffiop.h.
- CVE-2012-1173
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/trusty/tiff