~ubuntu-branches/ubuntu/vivid/tiff/vivid-proposed

Committer: Package Import Robot
Author(s): Moritz Muehlenhoff
Date: 2015-02-21 13:06:08 UTC
Revision ID: package-import@ubuntu.com-20150221130608-wchjs7u2376opwgf

Tags: 4.0.3-12.1

* NMU as discussed with Ondrej, the future adopter of tiff
* Fix multiple security issues, exact details will be recorded in the
Debian security tracker

files added:
.pc/CVE-2014-8127-1.patch

.pc/CVE-2014-8127-1.patch/tools

.pc/CVE-2014-8127-1.patch/tools/tiff2bw.c

.pc/CVE-2014-8127-2.patch

.pc/CVE-2014-8127-2.patch/tools

.pc/CVE-2014-8127-2.patch/tools/pal2rgb.c

.pc/CVE-2014-8127-2.patch/tools/thumbnail.c

.pc/CVE-2014-8127-3.patch

.pc/CVE-2014-8127-3.patch/libtiff

.pc/CVE-2014-8127-3.patch/libtiff/tif_read.c

.pc/CVE-2014-8127-4.patch

.pc/CVE-2014-8127-4.patch/libtiff

.pc/CVE-2014-8127-4.patch/libtiff/tif_dir.c

.pc/CVE-2014-8127-4.patch/libtiff/tif_dirread.c

.pc/CVE-2014-8127-4.patch/libtiff/tif_getimage.c

.pc/CVE-2014-8127-4.patch/libtiff/tif_next.c

.pc/CVE-2014-8127-4.patch/tools

.pc/CVE-2014-8127-4.patch/tools/tiff2pdf.c

.pc/CVE-2014-8127-4.patch/tools/tiffcrop.c

.pc/CVE-2014-8127-4.patch/tools/tiffdump.c

.pc/CVE-2014-8128-1.patch

.pc/CVE-2014-8128-1.patch/tools

.pc/CVE-2014-8128-1.patch/tools/thumbnail.c

.pc/CVE-2014-8128-2.patch

.pc/CVE-2014-8128-2.patch/tools

.pc/CVE-2014-8128-2.patch/tools/thumbnail.c

.pc/CVE-2014-8128-2.patch/tools/tiffcmp.c

.pc/CVE-2014-8128-3.patch

.pc/CVE-2014-8128-3.patch/tools

.pc/CVE-2014-8128-3.patch/tools/tiff2pdf.c

.pc/CVE-2014-8129.patch

.pc/CVE-2014-8129.patch/libtiff

.pc/CVE-2014-8129.patch/libtiff/tif_next.c

.pc/CVE-2014-9655.patch

.pc/CVE-2014-9655.patch/libtiff

.pc/CVE-2014-9655.patch/libtiff/tif_getimage.c

.pc/CVE-2014-9655.patch/libtiff/tif_next.c

debian/patches/CVE-2014-8127-1.patch

debian/patches/CVE-2014-8127-2.patch

debian/patches/CVE-2014-8127-3.patch

debian/patches/CVE-2014-8127-4.patch

debian/patches/CVE-2014-8128-1.patch

debian/patches/CVE-2014-8128-2.patch

debian/patches/CVE-2014-8128-3.patch

debian/patches/CVE-2014-8129.patch

debian/patches/CVE-2014-9655.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

libtiff/tif_dir.c

libtiff/tif_dirread.c

libtiff/tif_getimage.c

libtiff/tif_next.c

libtiff/tif_read.c

tools/pal2rgb.c

tools/thumbnail.c

tools/tiff2bw.c

tools/tiff2pdf.c

tools/tiffcmp.c

tools/tiffcrop.c

tools/tiffdump.c

Show diffs side-by-side

added added

removed removed

tools/tiffdump.c

355

void* datamem;

356

uint64 dataoffset;

357

int datatruncated;

358

int datasizeoverflow;

359

358

360

tag = *(uint16*)dp;

359

361

if (swabflag)

360

362

TIFFSwabShort(&tag);

393

395

else

394

396

typewidth = datawidth[type];

395

397

datasize = count*typewidth;

398

datasizeoverflow = (typewidth > 0 && datasize / typewidth != count);

396

399

datafits = 1;

397

400

datamem = dp;

398

401

dataoffset = 0;

399

402

datatruncated = 0;

400

403

if (!bigtiff)

401

404

{

402

if (datasize>4)

405

if (datasizeoverflow || datasize>4)

403

406

{

404

407

uint32 dataoffset32;

405

408

datafits = 0;

413

416

}

414

417

else

415

418

{

416

if (datasize>8)

419

if (datasizeoverflow || datasize>8)

417

420

{

418

421

datafits = 0;

419

422

datamem = NULL;

423

426

}

424

427

dp += sizeof(uint64);

425

428

}

426

if (datasize>0x10000)

429

if (datasizeoverflow || datasize>0x10000)

427

430

{

428

431

datatruncated = 1;

429

432

count = 0x10000/typewidth;

Older »