Back to tiff PTS page

Accepted tiff 4.0.8-2+deb9u5 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted tiff 4.0.8-2+deb9u5 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 01 May 2020 18:02:47 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1jUZzr-0007it-2h@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 17 Apr 2020 16:28:49 +0000
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source
Version: 4.0.8-2+deb9u5
Distribution: stretch-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
 tiff (4.0.8-2+deb9u5) stretch-security; urgency=high
 .
   * Backport security fixes:
     - CVE-2018-12900, heap-based buffer overflow in cpSeparateBufToContigBuf(),
     - CVE-2018-17000, NULL pointer dereference in _TIFFmemcmp(),
     - CVE-2018-17100, int32 overflow in multiply_ms(),
     - CVE-2018-19210, NULL pointer dereference in TIFFWriteDirectorySec(),
     - CVE-2019-14973, _TIFFCheckMalloc() and _TIFFCheckRealloc() mishandle
       Integer Overflow checks,
     - CVE-2019-17546, integer overflow that potentially causes a heap-based
       buffer overflow,
     - CVE-2019-7663, Invalid Address dereference in
       TIFFWriteDirectoryTagTransfer() .
   * Add required _TIFFCastUInt64ToSSize@LIBTIFF_4.0 and
     _TIFFMultiplySSize@LIBTIFF_4.0 symbols to the libtiff5 package.
Checksums-Sha1:
 550b7006c595e232b5bbfa25fc8a2e8fd6732c61 2185 tiff_4.0.8-2+deb9u5.dsc
 af57187285812ca3cb2633145bd640e6b8d2906b 37260 tiff_4.0.8-2+deb9u5.debian.tar.xz
Checksums-Sha256:
 a782ae9a83645f53eab3cbe70b93f7fd3ec0c1c8efeb37513b8ea7ad77756c9c 2185 tiff_4.0.8-2+deb9u5.dsc
 141a6cde7494b392b10c00692dd4d4090294d7d5678265e3344662c23c7c3089 37260 tiff_4.0.8-2+deb9u5.debian.tar.xz
Files:
 f5786df2171cbd705b00a697006eb8fe 2185 libs optional tiff_4.0.8-2+deb9u5.dsc
 219f43ad0334d6bb11699836b13e177a 37260 libs optional tiff_4.0.8-2+deb9u5.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAl6puV8ACgkQ3OMQ54ZM
yL/feRAArv/e+mDC7drymiipy8i53/bfz29YYb6+XiviAWuGxpLiHH75+ekr0ftf
IiIkUS6K8oER6weYgubcz9xtTmwjEkVv0aC4Sb1brYQtRz72wi93o5gXmcCi/Lww
Y47uMFVL6LfKLpxJbkABHlW0tzDVHQeMNcrvy10FLg0mL//BsDGQq8B0SvCwyPJg
1VyedJg1LXPLC9JPWA/Ahb2fjmrzP2dzbIChqpVqFQI/7RxUlXlVzcy6rqLjoRLL
17CXWzttOL5laGFdRKidiimKj9wFDi5rdJsaGZTLqqg8TqJSUSvQr9s6vANMB7oc
Q+aK3x3g72W/jmCZraEyIKNcDFrMFF/mc6pArWnlvFDOnVNfT9A0A+gr7jWVYek4
V+QRarDeF1i5GhEPFvUFFUSG/K4R4jydnJGob7aNjlRh6oQCt6HPUgDQ0YsW9GMt
px+Qdyx5OozlNx9WhrxoIxJYAdt6Dk+xU9SKXbhfoL47PMzwG9aswD2CoJYs+mFG
5vPTjOIIrFnTBRs9zzeyR0OIQYIb253BI2rSSSlXNsw1DiQBRX9JWBnCRSOlYfiT
wm/iFnLkqeCXpf1rtG0K29yDo2CSumgF776M0kpAVjn0cP18VAOkklLHuIKNzzp1
3PeC/TouTD1VfkJWCI8NHREupvDY0ykQ3E34vteyyDsrDhdGBGI=
=e7UE
-----END PGP SIGNATURE-----