~ubuntu-branches/ubuntu/precise/tiff/precise

Viewing all changes in revision 17.

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2011-03-03 10:52:21 UTC
  • Revision ID: james.westby@ubuntu.com-20110303105221-f2sb1011la09403k
Tags: 3.9.4-5ubuntu2
* SECURITY UPDATE: denial of service via invalid td_stripbytecount field
  (LP: #597246)
  - debian/patches/CVE-2010-2482.patch: look for missing strip byte
    counts in libtiff/tif_ojpeg.c, tools/tiffsplit.c.
  - CVE-2010-2482
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
  values
  - debian/patches/CVE-2010-2595.patch: validate values in
    libtiff/tif_color.c.
  - CVE-2010-2595
* SECURITY UPDATE: denial of service via devide-by-zero (LP: #593067)
  - debian/patches/CVE-2010-2597.patch: properly initialize fields in
    libtiff/tif_strip.c.
  - CVE-2010-2597
  - CVE-2010-2598
* SECURITY UPDATE: denial of service via out-of-order tags
  - debian/patches/CVE-2010-2630.patch: correctly handle order in
    libtiff/tif_dirread.c.
  - CVE-2010-2630
* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in Fax4Decode
  - debian/patches/CVE-2011-0192.patch: check length in
    libtiff/tif_fax3.h.
  - CVE-2011-0192

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: