This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- Tag Image File Format library (TIFF), development files, current version
- TIFF manipulation and conversion documentation
- Tag Image File Format (TIFF) library
- Tag Image File Format library (TIFF), development files
Other versions of "tiff" in Bionic
Packages in group
Deleted packages are displayed in grey.
tiff (4.0.9-5ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: incorrect integer overflow checks
- debian/patches/CVE-2019-14973.patch: fix implementation-defined
behaviour in libtiff/tif_aux.c, libtiff/tif_getimage.c,
libtiff/tif_luv.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c,
libtiff/tif_strip.c, libtiff/tif_tile.c, libtiff/tiffiop.h.
- debian/libtiff5.symbols: added new symbols.
* SECURITY UPDATE: heap-based buffer overflow via crafted RGBA image
- debian/patches/CVE-2019-17546.patch: fix integer overflow in
-- Marc Deslauriers <email address hidden> Wed, 16 Oct 2019 09:44:21 -0400
|Source diff to previous version|
||_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavio
||tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-ba
tiff (4.0.9-5ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: heap over-read in TIFFWriteScanline
- debian/patches/CVE-2018-10779.patch: fix overflow in
* SECURITY UPDATE: heap over-read in cpSeparateBufToContigBuf
- debian/patches/CVE-2018-12900-1.patch: check for overflow in
- debian/patches/CVE-2018-12900-2.patch: use INT_MAX in tools/tiffcp.c.
* SECURITY UPDATE: NULL pointer dereference in _TIFFmemcmp
- debian/patches/CVE-2018-17000.patch: add NULL check in
* SECURITY UPDATE: NULL pointer dereference in TIFFWriteDirectorySec
- debian/patches/CVE-2018-19210-1.patch: unset transferfunction field
if necessary in libtiff/tif_dir.c.
- debian/patches/CVE-2018-19210-2.patch: fix warning in
* SECURITY UPDATE: memory leak in TIFFFdOpen
- debian/patches/CVE-2019-6128.patch: properly handle errors in
-- Marc Deslauriers <email address hidden> Mon, 11 Mar 2019 11:59:03 -0400
|Source diff to previous version|
||TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
||Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service
||An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpS
||A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an a
||In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service a
||The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
tiff (4.0.9-5ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: buffer overflow in LZWDecodeCompat
- debian/patches/CVE-2018-8905.patch: fix logic in libtiff/tif_lzw.c.
* SECURITY UPDATE: DoS in TIFFWriteDirectorySec()
- debian/patches/CVE-2018-10963.patch: avoid assertion in
* SECURITY UPDATE: multiple overflows
- debian/patches/CVE-2018-1710x.patch: Avoid overflows in
tools/pal2rgb.c, tools/tiff2bw.c, tools/ppm2tiff.c.
* SECURITY UPDATE: JBIGDecode out-of-bounds write
- debian/patches/CVE-2018-18557.patch: fix issue in libtiff/tif_jbig.c,
* SECURITY UPDATE: NULL pointer dereference in LZWDecode
- debian/patches/CVE-2018-18661.patch: add checks to tools/tiff2bw.c.
-- Marc Deslauriers <email address hidden> Thu, 17 Jan 2019 09:13:55 -0500
||In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2p
||The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failu
||IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that
||An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) o
||An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a deni
||LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-
||An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
Send Feedback to @ubuntu_updates