ubuntuusers.de

via DuckDuckGo

Gunnar

Datum:
26. November 2012 19:06
Code:
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
Hole:1 Änderungsprotokoll (Changelog) für libtiff5 (http://changelogs.ubuntu.com
/changelogs/pool/main/t/tiff/tiff_4.0.2-1ubuntu2.1/changelog) [30,2 kB]
tiff (4.0.2-1ubuntu2.1) quantal-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    PixarLog compression format
    - debian/patches/CVE-2012-4447.patch: fix buffer size in
      libtiff/tif_pixarlog.c.
    - CVE-2012-4447
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted PPM image
    - debian/patches/CVE-2012-4564.patch: check scanline_size in
      tools/ppm2tiff.c.
    - CVE-2012-4564

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 14 Nov 2012 09:52:14 -0
500

tiff (4.0.2-1ubuntu2) quantal; urgency=low

  * SECURITY UPDATE: possible arbitrary code execution via heap overflow
    in tiff2pdf.
    - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
      tools/tiff2pdf.c.
    - CVE-2012-3401

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 19 Jul 2012 10:04:36 -0
400

: