Format: 1.8
Date: Thu, 22 Mar 2018 10:16:37 -0400
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: i386
Version: 4.0.6-1ubuntu0.4
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-060.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
 tiff (4.0.6-1ubuntu0.4) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: buffer overflow in gif2tiff
     - debian/patches/CVE-2016-3186.patch: check return code in
       tools/gif2tiff.c.
     - CVE-2016-3186
   * SECURITY UPDATE: buffer overflow in gif2tiff
     - debian/patches/CVE-2016-5102.patch: make warning fatal in
       tools/gif2tiff.c.
     - CVE-2016-5102
   * SECURITY UPDATE: multiple overflows
     - debian/patches/CVE-2016-5318.patch: ignore certain fields in
       libtiff/tif_dir.h, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c.
     - CVE-2016-5318
     - CVE-2017-9147
   * SECURITY UPDATE: bmp2tiff issues
     - debian/patches/CVE-2017-5563_9117.patch: add check to
       tools/bmp2tiff.c.
     - CVE-2017-5563
     - CVE-2017-9117
   * SECURITY UPDATE: heap-based buffer overflow in t2p_write_pdf
     - debian/patches/CVE-2017-9935-1.patch: fix transfer function handling
       in libtiff/tif_dir.c, tools/tiff2pdf.c.
     - debian/patches/CVE-2017-9935-2.patch: fix incorrect type for transfer
       table in tools/tiff2pdf.c.
     - CVE-2017-9935
   * SECURITY UPDATE: DoS in TIFFOpen
     - debian/patches/CVE-2017-11613-1.patch: avoid memory exhaustion in
       libtiff/tif_dirread.c.
     - debian/patches/CVE-2017-11613-2.patch: rework fix in
       libtiff/tif_dirread.c.
     - CVE-2017-11613
   * SECURITY UPDATE: TIFFSetupStrips heap overflow in pal2rgb
     - debian/patches/CVE-2017-17095.patch: add workaround to
       tools/pal2rgb.c.
     - CVE-2017-17095
Checksums-Sha1:
 cc50d7dbbc3f1e46ef0d46cacf1295de5792ae90 11492 libtiff-opengl-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 95d76df2c19f6866477fe798abfcd8dfc96518f5 10706 libtiff-opengl_4.0.6-1ubuntu0.4_i386.deb
 a7e8feca328bec5ac92c98123dd3fc4151061c4a 263382 libtiff-tools-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 953aa75462e3230406ef760abc2d18eb79f604f6 228622 libtiff-tools_4.0.6-1ubuntu0.4_i386.deb
 2365575563ac66ce32135d305282c997cf820195 236302 libtiff5-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 c63e898bd00bf04b6de7b655e8236479e9d1b945 285630 libtiff5-dev_4.0.6-1ubuntu0.4_i386.deb
 574f7cc6f6a868943e32aabd30bfd0374a53d0fd 158922 libtiff5_4.0.6-1ubuntu0.4_i386.deb
 e348d7f991f593d8cae8513c3dc14067a6a2ce64 14286 libtiffxx5-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 3f2ce230fd126f2d75d6a4c4c08762f6080eec01 6216 libtiffxx5_4.0.6-1ubuntu0.4_i386.deb
Checksums-Sha256:
 d12a8b52f0071778f27a289740c0318a1902eb1b963f56da109f0ec93559ddb1 11492 libtiff-opengl-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 e934268708455ef63e0ec7f44eea5d2876d202984c571227b5a497d81e23b5a1 10706 libtiff-opengl_4.0.6-1ubuntu0.4_i386.deb
 30550526b911be3debf07422aa4faa360dd19ce8c4a1f07632f39421e9912333 263382 libtiff-tools-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 4c4e910943805c87b3e379c39f266bd77ea5e3ffce2afcb0c39a5d06c0c76d14 228622 libtiff-tools_4.0.6-1ubuntu0.4_i386.deb
 1db4252a3a99b221d5ca9de5f8da42366d266f28ac03f6077521b2a6a8d315b4 236302 libtiff5-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 c62587de8571d28fa6511e1165b28e24c062be4484fb743e45438fa3d7d53067 285630 libtiff5-dev_4.0.6-1ubuntu0.4_i386.deb
 fbe91b2d59c70853422478a55ff9328fbbe694e049a77d58a169d989cc57477c 158922 libtiff5_4.0.6-1ubuntu0.4_i386.deb
 c05b86f5eba332296ebe6453c4da3090e03e145b118a655a5928b1a514b42356 14286 libtiffxx5-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 d1c9d9a9ac0f3cc6b917dc43e9cd93f243f7957b2f7a119c3c27c79e3ce828d5 6216 libtiffxx5_4.0.6-1ubuntu0.4_i386.deb
Files:
 e958d0b886f1214a53f509dc7b470ba6 11492 graphics extra libtiff-opengl-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 298bc1b1730531ae997209b9e796671d 10706 graphics optional libtiff-opengl_4.0.6-1ubuntu0.4_i386.deb
 b3a9b7e7ad9f86629d8fec401435f82f 263382 graphics extra libtiff-tools-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 837020197d8f8be99b777f35b492fed8 228622 graphics optional libtiff-tools_4.0.6-1ubuntu0.4_i386.deb
 819edda855a1ad941b94dc098379d645 236302 libs extra libtiff5-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 b4ed07a0befe8a62fe06de575acab9ac 285630 libdevel optional libtiff5-dev_4.0.6-1ubuntu0.4_i386.deb
 badb3ff3dc4a9d3b29274057d18db470 158922 libs optional libtiff5_4.0.6-1ubuntu0.4_i386.deb
 1f35d348a025ca09a6015edbe5033898 14286 libs extra libtiffxx5-dbgsym_4.0.6-1ubuntu0.4_i386.ddeb
 85eb151517c799f21a7d032596345898 6216 libs optional libtiffxx5_4.0.6-1ubuntu0.4_i386.deb
Original-Maintainer: Ondřej Surý <ondrej@debian.org>