-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 26 Jan 2018 20:53:45 +0000 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: armel Version: 4.0.3-12.3+deb8u5 Distribution: jessie-security Urgency: high Maintainer: armhf Build Daemon (henze) Changed-By: Moritz Muehlenhoff Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 866109 868513 872607 873879 873880 885985 Changes: tiff (4.0.3-12.3+deb8u5) jessie-security; urgency=high . [ Laszlo Boszormenyi (GCS) ] * Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf (closes: #868513). * Fix CVE-2017-12944: OOM prevention in TIFFReadDirEntryArray() (closes: #872607). * Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec() (closes: #873880). * Fix CVE-2017-13727: reachable assertion abort in TIFFWriteDirectoryTagSubifd() (closes: #873879). * Fix CVE-2017-18013: NULL pointer dereference in TIFFPrintDirectory() (closes: #885985). * Fix CVE-2017-9935: heap-based buffer overflow in the t2p_write_pdf() function (closes: #866109). . [ Moritz Muehlenhoff ] * CVE-2016-10371 Checksums-Sha1: 30bfa602323356197067863e141418b9a8ba1cb3 204316 libtiff5_4.0.3-12.3+deb8u5_armel.deb 5fbcf04966b0eedc44ade70c90f7bd7fbd9616ee 80864 libtiffxx5_4.0.3-12.3+deb8u5_armel.deb 2f7be706e0f16f1cb4754d4d59b8ff43a9773893 328862 libtiff5-dev_4.0.3-12.3+deb8u5_armel.deb bd8f15a14b0e5c8118c35a64442fd1dd492b23b5 266048 libtiff-tools_4.0.3-12.3+deb8u5_armel.deb cacc0e73cbf6df3ce8548ec1a139d698cd128789 87592 libtiff-opengl_4.0.3-12.3+deb8u5_armel.deb Checksums-Sha256: c64dc362ef15c60c822187fbe92dbcbd647e1294934acf81d9d26e75d3949d0e 204316 libtiff5_4.0.3-12.3+deb8u5_armel.deb f25a2185135119e73b4aa79ea15a5202e75b2b55feacd98e625a155709c8d9bb 80864 libtiffxx5_4.0.3-12.3+deb8u5_armel.deb 11ad60af3b99a0eee2c19dbf646c3f1e7f9ce2ea2251b8c8e0342bd9de81443c 328862 libtiff5-dev_4.0.3-12.3+deb8u5_armel.deb 4e45083516d15a8ebe07ea9d078b36a890c46a1e2b2a81b7f9cc6a3afbfb950b 266048 libtiff-tools_4.0.3-12.3+deb8u5_armel.deb fa625f205edb58d509eb868d2c5a28176c9246aee5d07188b873c5c6fa20fc1a 87592 libtiff-opengl_4.0.3-12.3+deb8u5_armel.deb Files: b7e28b474fdbdcb2c323effcd392c4da 204316 libs optional libtiff5_4.0.3-12.3+deb8u5_armel.deb f14a1bc746b0a993421bcadb251b90ba 80864 libs optional libtiffxx5_4.0.3-12.3+deb8u5_armel.deb 39fee7efe8b908ff3d43c6d28e7107ca 328862 libdevel optional libtiff5-dev_4.0.3-12.3+deb8u5_armel.deb 173ecb9e3d00420b77527e23b7bb6e1c 266048 graphics optional libtiff-tools_4.0.3-12.3+deb8u5_armel.deb 18319e220945b1c8d278e460695cf113 87592 graphics optional libtiff-opengl_4.0.3-12.3+deb8u5_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEV/cHFWB5nZR3+CaJunHHiPkQx30FAlprvnAACgkQunHHiPkQ x32zQBAAkhgNkag9ISBQHJk3A6iBSvDAWJz4sQ+Ah+TNFYFPqneyuHsOAJ68TyxG Go3jh8nuEQBiIMHXQJvu2IhoPvAUGMScwcb0IupCbxkpF/t535bjHNlrxd2wdczi MBs3mUe4dihPgzltDvvURMHrUqMrjhUSx+CFkbjb/KCOZ7zlW+lzdawLeXXX+LFQ 4wPWaqm2I2Rw4sEnjMs4COhkfm2Flis3+/1YLbkZuNGdC3GpElAbtgn9CPM2Lml8 /Z5LHRLE1w/JEbw3UUYCGAbdHuJcTMYnNmPpeGjyZoZLZk7prtGP48q+sCI+mb55 XEs3g1qUgEAv8XIhRkAaPqjMZgRDhXaOzIFTzew/O5hAGAUB7PRLqEzccQt0h3nZ b5HK43ds5fjCtwL942SS0JYSsPi4G+R2x42/tWM2nAbNrIfscJUIrRmU2twxV9ZX 7stHxVLjVIQHi4fdRqUIBjg081xylJGy/zOCAq6iRzgZgsUrG4Pedw8bXZ3jBPxr +L+HcK0Se3h1vXj+aLB0imQuRSOASDHL+1Wu9V5dahA8o0dsUDHIANewYRG2A+qT 9m/+O9xgNui/8WQCwjc22R78aMgt5X729uHKz5GJUaBiJqTXk/T70wshs4UJ4a1X Noz20xmZ+HrFynN85iLexhFm0djxmbV5SyX1X4yJrAOBeAesLRY= =zU8G -----END PGP SIGNATURE-----