Accepted tiff 4.1.0+git201212-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 13 Dec 2020 07:52:33 +0100
Source: tiff
Architecture: source
Version: 4.1.0+git201212-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changes:
tiff (4.1.0+git201212-1) unstable; urgency=high
.
* Git snapshot, fixing the following security issues:
  - TIFFSetupStrips: enforce 2GB limitation of
    Strip/Tile Offsets/ByteCounts arrays,
  - tiff2ps: fix heap buffer read overflow in PSDataColorContig(),
  - tiff2pdf: palette bound check in t2p_sample_realize_palette(),
  - tiffcrop: fix asan runtime error caused by integer promotion,
  - raw2tiff: avoid divide by zero,
  - tif_fax3.c: check buffer overflow in Fax4Decode(),
  - tif_fax3: better fix for CVE-2011-0192,
  - TIFFReadCustomDirectory(): fix potential heap buffer overflow when
    reading a custom directory, after a regular directory where a codec was
    active,
  - tif_fax3.h: check for buffer overflow in EXPAND2D before "calling"
    CLEANUP_RUNS(),
  - contrib/win_dib/tiff2dib: fix uninitialized variable: lpBits,
  - Fax3SetupState(): check consistency of rowbytes and rowpixels,
    potential heap overflow in tiff2pdf,
  - tiff2pdf: avoid divide by zero, use-after-free in t2p_writeproc()
    function,
  - tiffcp/tiff2pdf/tiff2ps: enforce maximum malloc size,
  - tif_fax3: more buffer overflow checks in Fax3Decode2D(),
  - tiffset: check memory allocation, use of allocated memory without null
    pointer check,
  - tiffdump: avoid unaligned memory access,
  - tiff2pdf: normalizePoint() macro to normalize the white point, avoid
    divide by zero,
  - tif_fax3: quit Fax3Decode2D() when a buffer overflow occurs,
  - tiffcrop: enforce memory allocation limit,
  - tiffinfo: fix dump of Tiled images, heap out of bounds read in
    TIFFReadRawData(),
  - Fax3PreDecode(): reset curruns and refruns state variables,
    heap-buffer-overflow in Fax3Decode2D(),
  - tif_fax3.h: extra buffer overflow checks, heap-buffer-overflow in
    Fax3Decode2D(),
  - TIFFStartStrip(): avoid potential crash in WebP codec when using
    scanline access on corrupted files,
  - gtTileContig(): check Tile width for overflow,
  - avoid buffer overflow while writing jpeg end of file marker,
  - tiff2ps.c: fix buffer overread, heap-buffer-overflow in PSDataBW(),
  - fix potential overflow in gtStripContig(),
  - more overflow fixes for large width,
  - enforce (configurable) memory limit in tiff2rgba,
  - tiff2pdf: enforce memory limit for tiled pictures,
  - tiffcrop: fix buffer overrun in extractContigSamples24bits().
* Build with libdeflate support.
* Update libtiff5 symbols.
* Update debhelper level to 13.
* Update Standards-Version to 4.5.1.
Checksums-Sha1:
b5b832471964154d0ac49534a140bc2f0aa2dfc5 2264 tiff_4.1.0+git201212-1.dsc
f99ae00f17e051f1489152182351879b8cf45f5c 1723848 tiff_4.1.0+git201212.orig.tar.xz
a7f8ec43b507f37b110e5650f250573e2b04a097 19512 tiff_4.1.0+git201212-1.debian.tar.xz
Checksums-Sha256:
835ff106e859dc07d4ca18d9eef0109d646fb6b3324877a7716f9a1ae70a5327 2264 tiff_4.1.0+git201212-1.dsc
bebb2ad5537638159ff026c933ae769ab720afb8cd7b9f3bf7533db673b8636c 1723848 tiff_4.1.0+git201212.orig.tar.xz
4a5a87e944b8028fc64d22be950bf6b69ed85d4bd9269c70b27f240ac8e2073c 19512 tiff_4.1.0+git201212-1.debian.tar.xz
Files:
1040ebe54a671dbe9a6e9f01f3639cd6 2264 libs optional tiff_4.1.0+git201212-1.dsc
28a39c14bfa889a220a535b2b0d95e28 1723848 libs optional tiff_4.1.0+git201212.orig.tar.xz
320072303c73f50dce44682656b96957 19512 libs optional tiff_4.1.0+git201212-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----