lp:ubuntu/trusty-security/tiff
- Get this branch:
- bzr branch lp:ubuntu/trusty-security/tiff
Branch merges
Branch information
Recent revisions
- 36. By Marc Deslauriers
-
* SECURITY REGRESSION: regression when saving TIFF files with compression
predictor (LP: #1439186)
- debian/patches/ CVE-2014- 8128-5. patch: disable until proper upstream
fix is available. - 35. By Marc Deslauriers
-
* SECURITY UPDATE: Fix multiple security issues
- debian/patches/ CVE-2014- 81xx-1. patch to CVE-2014- 81xx-11. patch
- debian/patches/ CVE-2014- 8128-5. patch
- debian/patches/ CVE-2014- 9655-1. patch to CVE-2014- 9655-3. patch
- debian/patches/ read_overrun. patch
- debian/patches/ estimatestripby tecounts_ return_ code.patch
- debian/patches/ CVE-2014- 8130.patch
- CVE-2014-8127 (partially)
- CVE-2014-8128
- CVE-2014-8129
- CVE-2014-8130
- CVE-2014-9330
- CVE-2014-9655 - 34. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution in
gif2tiff tool
- debian/patches/ CVE-2013- 4243.patch: check width and height in
tools/gif2tiff. c.
- CVE-2013-4243 - 33. By Jay Berkenbilt <email address hidden>
-
Use dh-autoreconf to support new architectures in Ubuntu.
- 31. By Jay Berkenbilt <email address hidden>
-
* Update standards to 3.9.5. No changes required.
* libtiff4 -> libtiff5 transition. libtiff5-dev now provides
libtiff-dev. libtiff5-alt-dev and libtiff4-dev are transitional
packages that depend on libtiff5-dev. They will both be removed
before jessie. - 30. By Jackson Doak
-
* Merge from debian. Remaining changes:
- debian/control: Have libtiff5-dev Provide libtiff-dev - 29. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via heap
overflow in tp_process_jpeg_strip( ).
- debian/patches/ CVE-2013- 1960.patch: improve tp_process_ jpeg_strip( )
logic in tools/tiff2pdf.c.
- CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
image-length and resolution.
- debian/patches/ CVE-2013- 1961.patch: replace use of sprintf() with
snprintf() in contrib/dbs/xtiff/ xtiff.c, libtiff/ tif_codec. c,
libtiff/tif_dirinfo. c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf. c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither. c.
- CVE-2013-1961 - 28. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
crafted PPM image
- debian/patches/ CVE-2012- 4564.patch: check scanline_size in
tools/ppm2tiff. c.
- CVE-2012-4564 - 27. By Sebastien Bacher
-
* Resynchronize on Debian, remaining change
* debian/control: Have libtiff5-dev Provide libtiff-dev
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/utopic/tiff