tiff (4.0.2-4ubuntu2.1) raring-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via heap
overflow in tp_process_jpeg_strip().
- debian/patches/CVE-2013-1960.patch: improve tp_process_jpeg_strip()
logic in tools/tiff2pdf.c.
- CVE-2013-1960
* SECURITY UPDATE: denial of service via stack overflow with malformed
image-length and resolution.
- debian/patches/CVE-2013-1961.patch: replace use of sprintf() with
snprintf() in contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c,
libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c,
tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c,
tools/tiffdither.c.
- CVE-2013-1961
Date: 2013-05-13 18:20:14.245990+00:00
Changed-By: Marc Deslauriers <[email protected]>
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/raring/+source/tiff/4.0.2-4ubuntu2.1
Sorry, changesfile not available.
--
Raring-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/raring-changes
