-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2011-03-03 12:16:19 UTC
-
Revision ID:
james.westby@ubuntu.com-20110303121619-uzjg2d61wf3i6zhw
Tags: 3.9.4-2ubuntu0.1
* SECURITY UPDATE: denial of service via invalid td_stripbytecount field
(LP: #597246)
- debian/patches/CVE-2010-2482.patch: look for missing strip byte
counts in libtiff/tif_ojpeg.c, tools/tiffsplit.c.
- CVE-2010-2482
* SECURITY UPDATE: denial of service via invalid combination of
SamplesPerPixel and Photometric values (LP: #591605)
- debian/patches/CVE-2010-2483.patch: validate samplesperpixel in
libtiff/tif_getimage.c.
- CVE-2010-2483
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
values
- debian/patches/CVE-2010-2595.patch: validate values in
libtiff/tif_color.c.
- CVE-2010-2595
* SECURITY UPDATE: denial of service via devide-by-zero (LP: #593067)
- debian/patches/CVE-2010-2597.patch: properly initialize fields in
libtiff/tif_strip.c.
- CVE-2010-2597
- CVE-2010-2598
* SECURITY UPDATE: denial of service via out-of-order tags
- debian/patches/CVE-2010-2630.patch: correctly handle order in
libtiff/tif_dirread.c.
- CVE-2010-2630
* SECURITY UPDATE: denial of service and possible code execution via
heap corruption in JPEGDecodeRaw
- debian/patches/CVE-2010-3087.patch: check for overflows in
libtiff/tif_jpeg.c, libtiff/tif_strip.c.
- CVE-2010-3087
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in Fax4Decode
- debian/patches/CVE-2011-0192.patch: check length in
libtiff/tif_fax3.h.
- CVE-2011-0192