tiff 3.6.1-5ubuntu0.5 source package in Ubuntu
Changelog
tiff (3.6.1-5ubuntu0.5) hoary-security; urgency=low
* SECURITY UPDATE: Arbitrary command execution with crafted long file names.
* tools/tiffsplit.c: Use snprintf instead of strcpy for copying the
user-specified file name into a statically sized buffer. [CVE-2006-2656]
* tools/tiff2pdf.c: Fix buffer overflow due to wrong printf for octal
signed char (it printed a signed integer, which overflew the buffer and
was wrong anyway).
-- Martin Pitt <email address hidden> Fri, 2 Jun 2006 16:24:59 +0000
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Hoary
- Original maintainer:
- Jay Berkenbilt
- Architectures:
- any
- Section:
- libs
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| tiff_3.6.1.orig.tar.gz | 828.9 KiB | ee7deab7d26c22d31e6f5eca8ce14db7f186989818d23d5d648829dfda634957 |
| tiff_3.6.1-5ubuntu0.5.diff.gz | 25.7 KiB | ef0496bf02b1a1a4a16afb4e818e124367d0be158d2e5f97934b60cb8f7734b9 |
| tiff_3.6.1-5ubuntu0.5.dsc | 681 bytes | 7f0623e5873b66c069d33c3fa9d639b213d78e0b8f2eecc275446d9417f52adb |
Binary packages built by this source
- libtiff-tools: No summary available for libtiff-tools in ubuntu hoary.
No description available for libtiff-tools in ubuntu hoary.
- libtiff4: No summary available for libtiff4 in ubuntu hoary.
No description available for libtiff4 in ubuntu hoary.
- libtiff4-dev: No summary available for libtiff4-dev in ubuntu hoary.
No description available for libtiff4-dev in ubuntu hoary.
