-
tiff (4.0.3-12.3ubuntu2) vivid; urgency=medium
* SECURITY REGRESSION: regression when saving TIFF files with compression
predictor (LP: #1439186)
- debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
fix is available.
-- Marc Deslauriers <email address hidden> Wed, 01 Apr 2015 14:02:39 -0400
-
tiff (4.0.3-12.3ubuntu1) vivid; urgency=medium
* SECURITY UPDATE: Backport more security-relevant commits
- debian/patches/CVE-2014-81xx-9.patch
- debian/patches/CVE-2014-9655-1.patch
- debian/patches/CVE-2014-9655-3.patch
- debian/patches/read_overrun.patch
- debian/patches/estimatestripbytecounts_return_code.patch
- debian/patches/CVE-2014-8130.patch
-- Marc Deslauriers <email address hidden> Mon, 30 Mar 2015 10:19:49 -0400
-
tiff (4.0.3-12.3) unstable; urgency=medium
* Add another (final) patch for CVE-2014-8128 (Bug #2499). Thanks to
Petr Gajdos
-- Moritz Muehlenhoff <email address hidden> Mon, 23 Mar 2015 18:26:40 +0100
-
tiff (4.0.3-12.1) unstable; urgency=medium
* NMU as discussed with Ondrej, the future adopter of tiff
* Fix multiple security issues, exact details will be recorded in the
Debian security tracker
-- Moritz Muehlenhoff <email address hidden> Sat, 21 Feb 2015 13:06:08 +0100
-
tiff (4.0.3-12) unstable; urgency=high
* Fix integer overflow in bmp2tiff. CVE-2014-9330. (Closes: #773987)
-- Jay Berkenbilt <email address hidden> Tue, 30 Dec 2014 11:32:04 -0500
-
tiff (4.0.3-11) unstable; urgency=medium
* Don't crash on JPEG => non-JPEG conversion (Closes: #741451)
* Thanks Tomasz Buchert <email address hidden> for preparing the fix!
-- Jay Berkenbilt <email address hidden> Tue, 23 Dec 2014 15:51:40 -0500
-
tiff (4.0.3-10build1) utopic; urgency=medium
* No-change rebuild to get debug symbols on all architectures.
-- Brian Murray <email address hidden> Tue, 21 Oct 2014 13:48:40 -0700