~ubuntu-branches/ubuntu/quantal/tiff/quantal-updates

Viewing all changes in revision 30.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2013-05-13 10:43:48 UTC
  • Revision ID: package-import@ubuntu.com-20130513104348-dd395iiumjegwsis
Tags: 4.0.2-1ubuntu2.2
* SECURITY UPDATE: denial of service and possible code execution via heap
  overflow in tp_process_jpeg_strip().
  - debian/patches/CVE-2013-1960.patch: improve tp_process_jpeg_strip()
    logic in tools/tiff2pdf.c.
  - CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
  image-length and resolution.
  - debian/patches/CVE-2013-1961.patch: replace use of sprintf() with
    snprintf() in contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
    libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
    tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
    tools/tiffdither.c.
  - CVE-2013-1961

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: