tiff 3.7.3-1ubuntu1.5 source package in Ubuntu
Changelog
tiff (3.7.3-1ubuntu1.5) breezy-security; urgency=low * SECURITY UPDATE: Arbitrary code execution with crafted TIFF files, found by Tavis Ormandy of the Google Security Team. * Add debian/patches/CVE-2006-3459-3465.patch: - CVE-2006-3459: a stack buffer overflow via TIFFFetchShortPair() in tif_dirread.c - CVE-2006-3460: A heap overflow vulnerability was discovered in the jpeg decoder - CVE-2006-3461: A heap overflow exists in the PixarLog decoder - CVE-2006-3462: The NeXT RLE decoder was also vulnerable to a heap overflow - CVE-2006-3463: An infinite loop was discovered in EstimateStripByteCounts() - CVE-2006-3464: Multiple unchecked arithmetic operations were uncovered, including a number of the range checking operations deisgned to ensure the offsets specified in tiff directories are legitimate. - A number of codepaths were uncovered where assertions did not hold true, resulting in the client application calling abort() - CVE-2006-3465: A flaw was also uncovered in libtiffs custom tag support -- Martin Pitt <email address hidden> Wed, 2 Aug 2006 11:32:09 +0000
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Breezy
- Original maintainer:
- Jay Berkenbilt
- Architectures:
- any
- Section:
- libs
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
tiff_3.7.3.orig.tar.gz | 1.2 MiB | 9aa62191202e8f94b6c0fbf7051ff815a6c8d300e71af859fb63725d1a8c638c |
tiff_3.7.3-1ubuntu1.5.diff.gz | 17.0 KiB | ae65afaea0a536963061b5fb480315b5b3163846c7b96255dec49e8ed2d4c22a |
tiff_3.7.3-1ubuntu1.5.dsc | 756 bytes | 5385257690a4be1314e003a4a0113e4b37fc519310ef42fddf3d6869d2ab17a0 |
Binary packages built by this source
- libtiff-opengl: No summary available for libtiff-opengl in ubuntu breezy.
No description available for libtiff-opengl in ubuntu breezy.
- libtiff-tools: No summary available for libtiff-tools in ubuntu breezy.
No description available for libtiff-tools in ubuntu breezy.
- libtiff4: No summary available for libtiff4 in ubuntu breezy.
No description available for libtiff4 in ubuntu breezy.
- libtiff4-dev: No summary available for libtiff4-dev in ubuntu breezy.
No description available for libtiff4-dev in ubuntu breezy.
- libtiffxx0c2: No summary available for libtiffxx0c2 in ubuntu breezy.
No description available for libtiffxx0c2 in ubuntu breezy.