Viewing all changes in revision 14.
- Committer: Bazaar Package Importer
- Date: 2011-03-03 12:16:19 UTC
- Revision ID: james.westby@ubuntu.com-20110303121619-uzjg2d61wf3i6zhw
* SECURITY UPDATE: denial of service via invalid td_stripbytecount field
(LP: #597246)
- debian/patches/CVE-2010-2482.patch: look for missing strip byte
counts in libtiff/tif_ojpeg.c, tools/tiffsplit.c.
- CVE-2010-2482
* SECURITY UPDATE: denial of service via invalid combination of
SamplesPerPixel and Photometric values (LP: #591605)
- debian/patches/CVE-2010-2483.patch: validate samplesperpixel in
libtiff/tif_getimage.c.
- CVE-2010-2483
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
values
- debian/patches/CVE-2010-2595.patch: validate values in
libtiff/tif_color.c.
- CVE-2010-2595
* SECURITY UPDATE: denial of service via devide-by-zero (LP: #593067)
- debian/patches/CVE-2010-2597.patch: properly initialize fields in
libtiff/tif_strip.c.
- CVE-2010-2597
- CVE-2010-2598
* SECURITY UPDATE: denial of service via out-of-order tags
- debian/patches/CVE-2010-2630.patch: correctly handle order in
libtiff/tif_dirread.c.
- CVE-2010-2630
* SECURITY UPDATE: denial of service and possible code execution via
heap corruption in JPEGDecodeRaw
- debian/patches/CVE-2010-3087.patch: check for overflows in
libtiff/tif_jpeg.c, libtiff/tif_strip.c.
- CVE-2010-3087
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in Fax4Decode
- debian/patches/CVE-2011-0192.patch: check length in
libtiff/tif_fax3.h.
- CVE-2011-0192
(LP: #597246)
- debian/patches/CVE-2010-2482.patch: look for missing strip byte
counts in libtiff/tif_ojpeg.c, tools/tiffsplit.c.
- CVE-2010-2482
* SECURITY UPDATE: denial of service via invalid combination of
SamplesPerPixel and Photometric values (LP: #591605)
- debian/patches/CVE-2010-2483.patch: validate samplesperpixel in
libtiff/tif_getimage.c.
- CVE-2010-2483
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
values
- debian/patches/CVE-2010-2595.patch: validate values in
libtiff/tif_color.c.
- CVE-2010-2595
* SECURITY UPDATE: denial of service via devide-by-zero (LP: #593067)
- debian/patches/CVE-2010-2597.patch: properly initialize fields in
libtiff/tif_strip.c.
- CVE-2010-2597
- CVE-2010-2598
* SECURITY UPDATE: denial of service via out-of-order tags
- debian/patches/CVE-2010-2630.patch: correctly handle order in
libtiff/tif_dirread.c.
- CVE-2010-2630
* SECURITY UPDATE: denial of service and possible code execution via
heap corruption in JPEGDecodeRaw
- debian/patches/CVE-2010-3087.patch: check for overflows in
libtiff/tif_jpeg.c, libtiff/tif_strip.c.
- CVE-2010-3087
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in Fax4Decode
- debian/patches/CVE-2011-0192.patch: check length in
libtiff/tif_fax3.h.
- CVE-2011-0192
- files added:
- .pc/CVE-2010-2482.patch
- .pc/CVE-2010-2482.patch/libtiff
- .pc/CVE-2010-2482.patch/tools
- .pc/CVE-2010-2483.patch
- .pc/CVE-2010-2483.patch/libtiff
- .pc/CVE-2010-2595.patch
- .pc/CVE-2010-2595.patch/libtiff
- .pc/CVE-2010-2597.patch
- .pc/CVE-2010-2597.patch/libtiff
- .pc/CVE-2010-2630.patch
- .pc/CVE-2010-2630.patch/libtiff
- .pc/CVE-2010-3087.patch
- .pc/CVE-2010-3087.patch/libtiff
- .pc/CVE-2011-0192.patch
- .pc/CVE-2011-0192.patch/libtiff
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
