-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 26 Jan 2018 20:53:45 +0000 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: i386 Version: 4.0.3-12.3+deb8u5 Distribution: jessie-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Moritz Muehlenhoff Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 866109 868513 872607 873879 873880 885985 Changes: tiff (4.0.3-12.3+deb8u5) jessie-security; urgency=high . [ Laszlo Boszormenyi (GCS) ] * Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf (closes: #868513). * Fix CVE-2017-12944: OOM prevention in TIFFReadDirEntryArray() (closes: #872607). * Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec() (closes: #873880). * Fix CVE-2017-13727: reachable assertion abort in TIFFWriteDirectoryTagSubifd() (closes: #873879). * Fix CVE-2017-18013: NULL pointer dereference in TIFFPrintDirectory() (closes: #885985). * Fix CVE-2017-9935: heap-based buffer overflow in the t2p_write_pdf() function (closes: #866109). . [ Moritz Muehlenhoff ] * CVE-2016-10371 Checksums-Sha1: 8cc99a26b607a870715262a52c80c1f17beca561 231114 libtiff5_4.0.3-12.3+deb8u5_i386.deb a8d0e5a17816d256898159851d579aafa37fa9fc 81464 libtiffxx5_4.0.3-12.3+deb8u5_i386.deb 7b4174ed674da573adc8c5dc9eb0a8bd1885c2fd 358502 libtiff5-dev_4.0.3-12.3+deb8u5_i386.deb d0e6c56d86bf81cf94cc42737c91a1ef8bf0c1d3 276750 libtiff-tools_4.0.3-12.3+deb8u5_i386.deb c056292f7b1c92e69935a7a9ab4190a57bf3afdd 86030 libtiff-opengl_4.0.3-12.3+deb8u5_i386.deb Checksums-Sha256: 995185b360b8f6280afa2d3f823b8f1ce3e283cbccc49cd51ab482c85636a7e1 231114 libtiff5_4.0.3-12.3+deb8u5_i386.deb ea33e3709b043af35f82847c1d5c343f789d8786bc8960af2f368ebadc253dde 81464 libtiffxx5_4.0.3-12.3+deb8u5_i386.deb 1ebbff026b28fb3a376b9c80426aa38ea86fbf4e26fcf62b933147d45dd97e0f 358502 libtiff5-dev_4.0.3-12.3+deb8u5_i386.deb 05b6d3c2140a10c24045314c381f1341d8651924cdfb7dc97c0891d9a279b9e8 276750 libtiff-tools_4.0.3-12.3+deb8u5_i386.deb 684f038d9bb8341a3c6510250fa88f1d5419085f3c82bb47dab52ee2853ffb18 86030 libtiff-opengl_4.0.3-12.3+deb8u5_i386.deb Files: 81ce552f23862d90480ecb0dad168c7f 231114 libs optional libtiff5_4.0.3-12.3+deb8u5_i386.deb ab6dd5b32c2333c656db0698e4f6ff42 81464 libs optional libtiffxx5_4.0.3-12.3+deb8u5_i386.deb 4c8ae627ac32b88403e9525dce23b761 358502 libdevel optional libtiff5-dev_4.0.3-12.3+deb8u5_i386.deb 1eaf4ef8a40655e064b583a317496a49 276750 graphics optional libtiff-tools_4.0.3-12.3+deb8u5_i386.deb e7546096a7c77b0ca5865a76716383a2 86030 graphics optional libtiff-opengl_4.0.3-12.3+deb8u5_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEevHXPYnWIBOaTTctFfcBBC0/C0gFAlprvLYACgkQFfcBBC0/ C0gsnxAAhDwzwB28yE9T9kYBWUxhTO0L5p7akTjCRKI7WASgDrQOn1WyocM/ThsN bBiShxxCZsb+ySDd0UuNCSx9Ij754pmx0Bg4IQONurRq1AXPbF4A9YHk/4An7TYD 6lPnAk3/G/xFhiO5uRTsdsW6gw2hxLp1OLl731KdoQizQ0MXHK7URmLA6MBPgpQD VOoEIg209VUPW4zRfNUxOaucu8hfETTsLpbruKvnexN7uvbREfpS00SFzmKxLAR2 /1+0J4TpRNrS0aO9zRro1+kVpeoHy5IS7UEFSP/qo/4Rx0iRInNzUqPBoGH9WYiH /WaOTmimMFYRg5+5/AMt/0gfW/AnOXOYXlB4juinV5ds7KaGUeICRRzwevrXDv4+ duNcWpYN8rTdPoaOr8OXjW80R6itAzP3O4etohF09wZ12K/j+WWSBAp10bRl9ht2 5RaJZCJ7ukNGRyyVIA7ROC+u719Ts2yqcedeGwy94fBg9K+IY4Yk+3St7Sv4rv89 btwcAMAs/Zh0ndE4lXfvajXRD/7pgXbrm4gnAGLO7RD5ZSGbsrLo7wM0JvdlLnRU o95fqzUG4l3A02SlA42aYI1HKE2ozGISS9l858e6zahyB/pv1rBRCkBXYaxy+lwZ fPyuhYSffJL1K1vD/W9b8z2t4VAJbd4R53xRtmTiIOCbgZJwTAw= =i1Y4 -----END PGP SIGNATURE-----