Format: 1.8
Date: Sun, 13 Dec 2020 07:52:33 +0100
Source: tiff
Architecture: source
Version: 4.1.0+git201212-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changes:
 tiff (4.1.0+git201212-1) unstable; urgency=high
 .
   * Git snapshot, fixing the following security issues:
     - TIFFSetupStrips: enforce 2GB limitation of Strip/Tile
       Offsets/ByteCounts arrays,
     - tiff2ps: fix heap buffer read overflow in PSDataColorContig(),
     - tiff2pdf: palette bound check in t2p_sample_realize_palette(),
     - tiffcrop: fix asan runtime error caused by integer promotion,
     - raw2tiff: avoid divide by zero,
     - tif_fax3.c: check buffer overflow in Fax4Decode(),
     - tif_fax3: better fix for CVE-2011-0192,
     - TIFFReadCustomDirectory(): fix potential heap buffer overflow when
       reading a custom directory, after a regular directory where a codec
       was active,
     - tif_fax3.h: check for buffer overflow in EXPAND2D before "calling"
       CLEANUP_RUNS(),
     - contrib/win_dib/tiff2dib: fix uninitialized variable: lpBits,
     - Fax3SetupState(): check consistency of rowbytes and rowpixels,
       potential heap overflow in tiff2pdf,
     - tiff2pdf: avoid divide by zero, use-after-free in t2p_writeproc()
       function,
     - tiffcp/tiff2pdf/tiff2ps: enforce maximum malloc size,
     - tif_fax3: more buffer overflow checks in Fax3Decode2D(),
     - tiffset: check memory allocation, use of allocated memory without
       null pointer check,
     - tiffdump: avoid unaligned memory access,
     - tiff2pdf: normalizePoint() macro to normalize the white point,
       avoid divide by zero,
     - tif_fax3: quit Fax3Decode2D() when a buffer overflow occurs,
     - tiffcrop: enforce memory allocation limit,
     - tiffinfo: fix dump of Tiled images, heap out of bounds read in
       TIFFReadRawData(),
     - Fax3PreDecode(): reset curruns and refruns state variables,
       heap-buffer-overflow in Fax3Decode2D(),
     - tif_fax3.h: extra buffer overflow checks, heap-buffer-overflow in
       Fax3Decode2D(),
     - TIFFStartStrip(): avoid potential crash in WebP codec when using
       scanline access on corrupted files,
     - gtTileContig(): check Tile width for overflow,
     - avoid buffer overflow while writing jpeg end of file marker,
     - tiff2ps.c: fix buffer overread, heap-buffer-overflow in PSDataBW(),
     - fix potential overflow in gtStripContig(),
     - more overflow fixes for large width,
     - enforce (configurable) memory limit in tiff2rgba,
     - tiff2pdf: enforce memory limit for tiled pictures,
     - tiffcrop: fix buffer overrun in extractContigSamples24bits().
   * Build with libdeflate support.
   * Update libtiff5 symbols.
   * Update debhelper level to 13.
   * Update Standards-Version to 4.5.1.
Checksums-Sha1:
 b5b832471964154d0ac49534a140bc2f0aa2dfc5 2264 tiff_4.1.0+git201212-1.dsc
 f99ae00f17e051f1489152182351879b8cf45f5c 1723848 tiff_4.1.0+git201212.orig.tar.xz
 a7f8ec43b507f37b110e5650f250573e2b04a097 19512 tiff_4.1.0+git201212-1.debian.tar.xz
Checksums-Sha256:
 835ff106e859dc07d4ca18d9eef0109d646fb6b3324877a7716f9a1ae70a5327 2264 tiff_4.1.0+git201212-1.dsc
 bebb2ad5537638159ff026c933ae769ab720afb8cd7b9f3bf7533db673b8636c 1723848 tiff_4.1.0+git201212.orig.tar.xz
 4a5a87e944b8028fc64d22be950bf6b69ed85d4bd9269c70b27f240ac8e2073c 19512 tiff_4.1.0+git201212-1.debian.tar.xz
Files:
 1040ebe54a671dbe9a6e9f01f3639cd6 2264 libs optional tiff_4.1.0+git201212-1.dsc
 28a39c14bfa889a220a535b2b0d95e28 1723848 libs optional tiff_4.1.0+git201212.orig.tar.xz
 320072303c73f50dce44682656b96957 19512 libs optional tiff_4.1.0+git201212-1.debian.tar.xz