UbuntuUpdates.org

Package "libtiff-dev"

Name: libtiff-dev

Description:

Tag Image File Format library (TIFF), development files

Latest version: 4.0.10-4ubuntu0.1
Release: disco (19.04)
Level: updates
Repository: main
Head package: tiff
Homepage: https://libtiff.maptools.org

Links

Save this URL for the latest version of "libtiff-dev": https://www.ubuntuupdates.org/libtiff-dev


Download "libtiff-dev"


Other versions of "libtiff-dev" in Disco

Repository Area Version
base main 4.0.10-4
security main 4.0.10-4ubuntu0.1

Changelog

Version: 4.0.10-4ubuntu0.1 2019-10-17 13:07:22 UTC

  tiff (4.0.10-4ubuntu0.1) disco-security; urgency=medium

  * SECURITY UPDATE: incorrect integer overflow checks
    - debian/patches/CVE-2019-14973.patch: fix implementation-defined
      behaviour in libtiff/tif_aux.c, libtiff/tif_getimage.c,
      libtiff/tif_luv.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c,
      libtiff/tif_strip.c, libtiff/tif_tile.c, libtiff/tiffiop.h.
    - debian/libtiff5.symbols: added new symbols.
    - CVE-2019-14973
  * SECURITY UPDATE: heap-based buffer overflow via crafted RGBA image
    - debian/patches/CVE-2019-17546.patch: fix integer overflow in
      libtiff/tif_getimage.c.
    - CVE-2019-17546

 -- Marc Deslauriers <email address hidden> Wed, 16 Oct 2019 09:09:34 -0400

CVE-2019-14973 _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavio
CVE-2019-17546 tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-ba



About   -   Send Feedback to @ubuntu_updates