-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 26 Jan 2018 20:53:45 +0000 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: s390x Version: 4.0.3-12.3+deb8u5 Distribution: jessie-security Urgency: high Maintainer: s390x Build Daemon (zandonai) Changed-By: Moritz Muehlenhoff Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 866109 868513 872607 873879 873880 885985 Changes: tiff (4.0.3-12.3+deb8u5) jessie-security; urgency=high . [ Laszlo Boszormenyi (GCS) ] * Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf (closes: #868513). * Fix CVE-2017-12944: OOM prevention in TIFFReadDirEntryArray() (closes: #872607). * Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec() (closes: #873880). * Fix CVE-2017-13727: reachable assertion abort in TIFFWriteDirectoryTagSubifd() (closes: #873879). * Fix CVE-2017-18013: NULL pointer dereference in TIFFPrintDirectory() (closes: #885985). * Fix CVE-2017-9935: heap-based buffer overflow in the t2p_write_pdf() function (closes: #866109). . [ Moritz Muehlenhoff ] * CVE-2016-10371 Checksums-Sha1: cdf2a8a9820868ebb46f9443fabe4d2047ef92f1 219348 libtiff5_4.0.3-12.3+deb8u5_s390x.deb c067c4b6db08521c46b8fac3751317e7adf6aefe 80924 libtiffxx5_4.0.3-12.3+deb8u5_s390x.deb 1952eadad566d6f722d195745024ab0edb2abbd3 342480 libtiff5-dev_4.0.3-12.3+deb8u5_s390x.deb ed66e5546c456808afc823f86c25a0956330444d 270560 libtiff-tools_4.0.3-12.3+deb8u5_s390x.deb 46dc24da28ad5f51b06fb1de23eeb292dc68955f 85810 libtiff-opengl_4.0.3-12.3+deb8u5_s390x.deb Checksums-Sha256: e09023389559c1195e1592675cae3b43d0fe25e4319b733b8b7b99119329734a 219348 libtiff5_4.0.3-12.3+deb8u5_s390x.deb f2655494f669a4eac8cbe521cc9c281b67428a477d82164344b1ce87a9e5f385 80924 libtiffxx5_4.0.3-12.3+deb8u5_s390x.deb 36275b41948ff6fca5d3f2e09058ad5ec63d6c4028dc5c13166931dc2678b17c 342480 libtiff5-dev_4.0.3-12.3+deb8u5_s390x.deb be0f8fc89a3483b24ab2000f0476348bb9a3f98d347e2edb03dd008af5ab7c20 270560 libtiff-tools_4.0.3-12.3+deb8u5_s390x.deb 1b01d309f1f022abd696ece5a4f4de89beeca2ed548ab9bacea1926e7f393f29 85810 libtiff-opengl_4.0.3-12.3+deb8u5_s390x.deb Files: e005e7080d0925330792f8f898a9d614 219348 libs optional libtiff5_4.0.3-12.3+deb8u5_s390x.deb 58c27d31fce5d4e6274c82cf0788a6b7 80924 libs optional libtiffxx5_4.0.3-12.3+deb8u5_s390x.deb e9d27e7941049c3fae371172ef1b7a7f 342480 libdevel optional libtiff5-dev_4.0.3-12.3+deb8u5_s390x.deb e6210ee8705c943c2949f784573235e5 270560 graphics optional libtiff-tools_4.0.3-12.3+deb8u5_s390x.deb 81488c1a2d84418bc153753d1bee2cdb 85810 graphics optional libtiff-opengl_4.0.3-12.3+deb8u5_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfzwmoL6M/a4Zy/f5TMEGqGAsQucFAlprvGkACgkQTMEGqGAs QudwoQ//fPydwAaPRn6f+qUs/JV1/PAQcwIXaN+u40cR/V6kuBWZeHZ4h87SP9CN 4AVMnh+6+/wohy5UGvvxYFrpzqzB120miRzqOVlBC/8fKPxH8I0Mii3TPXP6Agfk 8P7wSdeQtPlCkOA/EpQbJJTqkWjeskQUSbd6SRVUPDYfqERaPiH7r0++8gwUJg8l dn92ZmcYBzGOZXJ5iy66ptRcUkdcgNx1tOHj0aNrOAcne35XpAeCBzJ/kdEvVjfF K+NDjBNakHkN3bWqePzkmLcxA1aEA09X2Fc8f9BG+xjnTS1IIatNiWgVX6KZUrFZ SXcPWSXwGD892kBQwIxutO16G4KgpLoqkDR8yiGc4JGiOOMuC0DozBNQW2KszylJ tXvSLNraMoKB/ZNtjQz2hOZ3A2kONbQp6/g0i6GdJPsf7F/1rvNGDo6WA2yhNF3s Pn04edk2R8x5Y9RKjTQfI4julFZw2/6f8VADYBy/XT6WCrUkvvdPXt0LXPLumsPX kB7mPPqm+GZ2GveI534/ran/j7bs0ARfM0jNpz/sUZg2E5Ftsx+s4+CIsoGagGzw y4rfJgtsiQZibyqcGV4C5a8sjh2smMkzYT6qUPOgEFhgg2IcXOVX4ZF3Mq7jFtcg tnyi+Q62HwjbHql0SgUir12870eKcfGBTQytSZKSjktmR1j9KYU= =c3sP -----END PGP SIGNATURE-----