Package "libtiff4-dev"
Name: libtiff4-dev
Description: Tag Image File Format library (TIFF), development files
Latest version: 3.9.5-2ubuntu1.12
Release: precise (12.04)
Level: updates
Repository: main
Head package: tiff
Homepage: http://libtiff.maptools.org
Changelog
tiff (3.9.5-2ubuntu1.5) precise-security; urgency=low
  * SECURITY UPDATE: denial of service and possible code execution via heap
    overflow in tp_process_jpeg_strip().
    - debian/patches/CVE-2013-1960.patch: improve tp_process_jpeg_strip()
      logic in tools/tiff2pdf.c.
    - CVE-2013-1960
  * SECURITY UPDATE: denial of service via stack overflow with malformed
    image-length and resolution.
    - debian/patches/CVE-2013-1961.patch: replace use of sprintf() with
      snprintf() in contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
      libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
      tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
      tools/tiffdither.c.
    - CVE-2013-1961
 -- Marc Deslauriers <email address hidden> Mon, 13 May 2013 11:02:59 -0400
CVE-2013-1960 - libtiff-tools: Heap-based buffer overflow in t2_process_jpeg_strip
CVE-2013-1961 - libtiff-tools: Stack-based buffer overflow with malformed image-length and resolution

tiff (3.9.5-2ubuntu1.4) precise-security; urgency=low
  * SECURITY UPDATE: denial of service and possible code execution via
    PAGENUMBER, HALFTONEHINTS, YCBCRSUBSAMPLING, and DOTRANGE tags.
    - debian/patches/CVE-2012-5581.patch: remove special cases of tags,
      improve DOTRANGE tag case
    - CVE-2012-5581
 -- Seth Arnold <email address hidden> Mon, 03 Dec 2012 21:17:32 -0800
CVE-2012-5581 - libtiff: Stack based buffer overflow when handling DOTRANGE tags

tiff (3.9.5-2ubuntu1.3) precise-security; urgency=low
  * SECURITY UPDATE: denial of service and possible code execution via
    PixarLog compression format
    - debian/patches/CVE-2012-4447.patch: fix buffer size in
      libtiff/tif_pixarlog.c.
    - CVE-2012-4447
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted PPM image
    - debian/patches/CVE-2012-4564.patch: check scanline_size in
      tools/ppm2tiff.c.
    - CVE-2012-4564
 -- Marc Deslauriers <email address hidden> Wed, 14 Nov 2012 11:29:16 -0500
CVE-2012-4447 - Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and pos
CVE-2012-4564 - ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and pos

tiff (3.9.5-2ubuntu1.2) precise-security; urgency=low
  * SECURITY UPDATE: possible arbitrary code execution via heap overflow
    in tiff2pdf.
    - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
      tools/tiff2pdf.c.
    - CVE-2012-3401
 -- Marc Deslauriers <email address hidden> Mon, 16 Jul 2012 09:47:09 -0400
tiff (3.9.5-2ubuntu1.1) precise-security; urgency=low
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    due to type-conversion flaw (LP: #1016324)
    - debian/patches/CVE-2012-2088.patch: check for overflows in
      libtiff/tif_strip.c and libtiff/tif_tile.c.
    - CVE-2012-2088
  * SECURITY UPDATE: possible arbitrary code execution via integer
    overflows in tiff2pdf (LP: #1016324)
    - debian/patches/CVE-2012-2113.patch: check for overflows in
      tools/tiff2pdf.c.
    - CVE-2012-2113
 -- Marc Deslauriers <email address hidden> Wed, 04 Jul 2012 10:14:32 -0400
LP: #1016324 - Two tiff issues: CVE-2012-2113 / CVE-2012-2088