« back to all changes in this revision
Viewing changes to libtiff/tif_codec.c
- Committer: Package Import Robot
- Date: 2013-05-13 10:43:48 UTC
- Revision ID: package-import@ubuntu.com-20130513104348-dd395iiumjegwsis
* SECURITY UPDATE: denial of service and possible code execution via heap
overflow in tp_process_jpeg_strip().
- debian/patches/CVE-2013-1960.patch: improve tp_process_jpeg_strip()
logic in tools/tiff2pdf.c.
- CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
image-length and resolution.
- debian/patches/CVE-2013-1961.patch: replace use of sprintf() with
snprintf() in contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither.c.
- CVE-2013-1961
overflow in tp_process_jpeg_strip().
- debian/patches/CVE-2013-1960.patch: improve tp_process_jpeg_strip()
logic in tools/tiff2pdf.c.
- CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
image-length and resolution.
- debian/patches/CVE-2013-1961.patch: replace use of sprintf() with
snprintf() in contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither.c.
- CVE-2013-1961
- files added:
- .pc/CVE-2013-1960.patch
- .pc/CVE-2013-1960.patch/tools
- .pc/CVE-2013-1961.patch
- .pc/CVE-2013-1961.patch/contrib
- .pc/CVE-2013-1961.patch/contrib/dbs
- .pc/CVE-2013-1961.patch/contrib/dbs/xtiff
- .pc/CVE-2013-1961.patch/libtiff
- .pc/CVE-2013-1961.patch/tools
- files modified:
- .pc/applied-patches
added
removed
libtiff/tif_codec.c
