Back to tiff PTS page

Accepted tiff 4.0.10+git190814-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted tiff 4.0.10+git190814-1 (source) into unstable
From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Date: Wed, 14 Aug 2019 20:52:35 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1hy0G3-0006oD-6m@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 14 Aug 2019 19:24:22 +0000
Source: tiff
Architecture: source
Version: 4.0.10+git190814-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Closes: 934780
Changes:
 tiff (4.0.10+git190814-1) unstable; urgency=high
 .
   * Git snapshot, fixing the following security issues:
     - TryChopUpUncompressedBigTiff(): avoid potential division by zero,
     - fix vulnerability introduced by defer strile loading,
     - fix vulnerability in 'D' (DeferStrileLoad) mode,
     - return infinite distance when denominator is zero,
     - OJPEG: avoid use of uninitialized memory on corrupted files,
     - OJPEG: fix integer division by zero on corrupted subsampling factors,
     - OJPEGReadBufferFill(): avoid very long processing time on corrupted
       files,
     - TIFFClientOpen(): fix memory leak if one of the required callbacks is
       not provided,
     - CVE-2019-14973, fix integer overflow in _TIFFCheckMalloc() and other
       implementation-defined behaviour (closes: #934780).
   * Update libtiff5 symbols.
   * Update Standards-Version to 4.4.0 .
Checksums-Sha1:
 56a0327f17d4b136f77a4ca08ca5a00b8cc87aa0 2243 tiff_4.0.10+git190814-1.dsc
 30860672b3dade20fb8074304352378c424ab1a9 1477060 tiff_4.0.10+git190814.orig.tar.xz
 7c2bf1c25d83ce9714cad0869daa29a5296b0488 18432 tiff_4.0.10+git190814-1.debian.tar.xz
Checksums-Sha256:
 c7788186e23618f4f67b9fd4fc89d495f340b134018a29511d6156ec49981fc3 2243 tiff_4.0.10+git190814-1.dsc
 6e584b54bbbf6bf7e7601f6e4a66c735e16d925be6cb115aa0bf7c8e5a657be7 1477060 tiff_4.0.10+git190814.orig.tar.xz
 fea62ed59e3de3382c602f475f5c127921a9a77db2b4a587c8f348ce7c1424ba 18432 tiff_4.0.10+git190814-1.debian.tar.xz
Files:
 2d30e9ecb75726a6da3140d4ca940cb8 2243 libs optional tiff_4.0.10+git190814-1.dsc
 e3c903b2ae6bd7a69decc578f2d83a33 1477060 libs optional tiff_4.0.10+git190814.orig.tar.xz
 aa0640ca3faee35c2bb975e088b8b527 18432 libs optional tiff_4.0.10+git190814-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAl1UZvsACgkQ3OMQ54ZM
yL80cxAAry4XPSkk8zkf3xhYMe7D0YQ56kQ40cbBR8QyPSO49LbwgPqJOEwyf/NI
dvFAhf5/xvQrwW84mOqDfp/jGI72kmVttHFb4NdiTsxFHUiNtqGS5dMRDrO4WRhp
Op+UjoHG4iLuvIQN1nvQpiZoru7u7zlOkCxyQzrKjXNY9/JwK7ifToc37hcGWB24
YTdYKlSegTQOcvUIs5jia7hPJLdPXIe3/ImPbi2KeXvZmDh87y6t0iMNYk8r8zdn
Aj0zRyGRWzYMK/1nLi3C1Pg10gn40bjQ3DAxey+ypMjidmBMHKguwyGUuO8XcXrd
hH18NgMlU8v/Zi4yVjSnjRJTAkl3V7dtuIWPvHusVfZ91rr4TzFQaorKXfy5oTNZ
Vp9ksesojROB72e0PiRnkM09pe0R9bU7slooVXNXCxEtrRGwC725JIaz+6x4MdZF
hiqHIbaGmNYNRx8LHQsLz4KPgzn6TtfOZukK+yZAKGuXir0nSznqEgNSQgeOTp+x
PQu9AC7SknputPJURqzr/UhW00XAOfQjVSClu6VX+me0wUOTCkrgr1jCDGuHGnL6
cLOEnr4wpqKSzx2iYVqOdK5gWa/cCH+VhztGCxe44e4MQO1A4Z/IQWy4tZ3o1gco
Vxhxuy/zKmgZZnjSFUT3Sequ06eMx579MLepV7rnqYTpIPgXb/Q=
=Mk7Z
-----END PGP SIGNATURE-----