-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 06 May 2015 22:37:44 +0100 Source: tiff Binary: libtiff4 libtiffxx0c2 libtiff4-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: source all i386 Version: 3.9.4-5+squeeze12 Distribution: squeeze-lts Urgency: high Maintainer: Jay Berkenbilt <qjb@debian.org> Changed-By: Ben Hutchings <ben@decadent.org.uk> Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff4 - Tag Image File Format (TIFF) library libtiff4-dev - Tag Image File Format library (TIFF), development files libtiffxx0c2 - Tag Image File Format (TIFF) library -- C++ interface Closes: 773987 Changes: tiff (3.9.4-5+squeeze12) squeeze-lts; urgency=high . * Non-maintainer upload by the Squeeze LTS team * Fixes for most of CVE-2014-8127 (out-of-bounds reads; bugs #2484, #2485, #2486) * Fixes for CVE-2014-8128 (out-of-bounds writes; bugs #2489, #2492, #2493, #2495, #2499, #2501) * Fix for CVE-2014-8129 (out-of-bounds read and write in NeXT 2-bit Grey Scale Compression Algorithm decoder; bugs #2487, #2488) * Fix for CVE-2014-9330 (out-of-bounds read in bmp2tiff; bug #2494) (Closes: #773987) * Fix for CVE-2014-9655 (out-of-bounds reads in NeXT 2-bit Grey Scale Compression Algorithm decoder and YCbCr-RGB converters) Checksums-Sha1: b47fae13bec01e9eca5a33a193f7df63a8146845 1853 tiff_3.9.4-5+squeeze12.dsc e2d53b28493575568a8b918ddc516939fea0ad1e 41899 tiff_3.9.4-5+squeeze12.debian.tar.gz 60a2c9fe17312c52b66406742dfd70283e332f7b 403450 libtiff-doc_3.9.4-5+squeeze12_all.deb d32ea263eb3e4d23d79cccb81de74ec68b4b5650 184302 libtiff4_3.9.4-5+squeeze12_i386.deb ea697802f8ae9ad06a63db86d1b2880ef6460c1e 60124 libtiffxx0c2_3.9.4-5+squeeze12_i386.deb a9c519d893badc482f70c908dfe0649fb36e8ab7 301954 libtiff4-dev_3.9.4-5+squeeze12_i386.deb 48b0dcc43a08c38dfc99f942152890d767e72dce 289738 libtiff-tools_3.9.4-5+squeeze12_i386.deb 58c14309fb873111a18963d3a606ccfddbf9ff19 64486 libtiff-opengl_3.9.4-5+squeeze12_i386.deb Checksums-Sha256: b4df3e9b0ecb209756175a92f92caab2f7e30366d48f05241cde3db8d3297091 1853 tiff_3.9.4-5+squeeze12.dsc 1a9619f5ec33692a1adc1b3db220f749b8d5e6af15d716bd4c8142a82ba32fad 41899 tiff_3.9.4-5+squeeze12.debian.tar.gz 10f794934fbbf7fda4d36b4e421974ea0a8026f5ef4afcbaf86dfa0813086139 403450 libtiff-doc_3.9.4-5+squeeze12_all.deb 0446fa9378538b832fe0942c435ec29be9bad4f8ec707d83aa624c3eb3dfbcf8 184302 libtiff4_3.9.4-5+squeeze12_i386.deb ba301d61a3d4d83decaf65bc78a37133ede1f17643b00d402d71b76b6f3f22ae 60124 libtiffxx0c2_3.9.4-5+squeeze12_i386.deb 42cf6c9cfd1d815fcf33c4558207c27f1d2b8735bb1016a9662afae7ad21ab54 301954 libtiff4-dev_3.9.4-5+squeeze12_i386.deb 9248275599cb7ee365027bb3bb8a935caea2b49463bb7bf1abbbd8dbd6e24e87 289738 libtiff-tools_3.9.4-5+squeeze12_i386.deb 7d494a0faf076103dc448330b5ed506e8ad807e4502a17b702f2bc3d44aa497a 64486 libtiff-opengl_3.9.4-5+squeeze12_i386.deb Files: a55318d03cb77d7d130fb308a064facc 1853 libs optional tiff_3.9.4-5+squeeze12.dsc 250b78a23663d20ef936f8b03b998d90 41899 libs optional tiff_3.9.4-5+squeeze12.debian.tar.gz 150deaa293181ba1df4b436c1156b34e 403450 doc optional libtiff-doc_3.9.4-5+squeeze12_all.deb 1735310e7235b97433a8d204d5791f06 184302 libs optional libtiff4_3.9.4-5+squeeze12_i386.deb 3a52f05a87c5f2bf8f6aee384b07f300 60124 libs optional libtiffxx0c2_3.9.4-5+squeeze12_i386.deb 2a1af22c4710062bd8dc32013176538d 301954 libdevel optional libtiff4-dev_3.9.4-5+squeeze12_i386.deb e2242143f3c0d3aefab1e21c26a22a5d 289738 graphics optional libtiff-tools_3.9.4-5+squeeze12_i386.deb 26b78de1750fb760420400a9504df33a 64486 graphics optional libtiff-opengl_3.9.4-5+squeeze12_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBVVaMiee/yOyVhhEJAQoE6A/8Dn239K8S2kSE+C7AyZXCJBEZBMHgwuSn oN2ZlK5G6wYbmtfXlR8vD0iRlKqYxRnG1M893znDDczMiFaQxnovG4VxEBPTNXzE UpGTDhJJ5mNJRIdWvdRu4UwIgPGahXweX3lfD7IOgvF017sYWLK4oWhSBRCI9KRc sWhO3QSBPb2JsPJziNCg6DmTMWXgDk4PyFBPTgDcZpAvP/DxzUSQG5WnNrR3oroX F5H+7qVSE0vtjMA087QGTSpjiWr0mZ6aa9YGcdgKaublifm8oM9GkrFk8Bp/2tOQ B71g5ywI+RrxHFqEj3CB2zREC4rteoxZY6ArKCc7Jfq67828OgGbQq6kpNNDNRxA Fi+acRHWY9MES/OkzG6dF8jrruqOW1JnMljlYtc1IhgKlho3zHGN4SRuTrSevaYc /FPeJ/eEXUAzuXOJwVk+B15+nY/0BMigKJgC+b3OZnjrgZwVD7r3/LEN5mouf+DB QBQe/m1XQ7ZXIo3asERiB+JDX1WmbVU/sUNX6Ga2rq760NxT1Xi/a5Nk7Cb07by6 SNdLWt/3FGJLoqgEUDs0O7XJZvz5GvllUD9YmawF1gyIvr2VAZTL7S+WeOWIr9qx PXYcCJlbOabu7kAjltEzKF5bcuejcubZOuzJovLFOxqDOc9UlpO5omhab3Z43lID XAdNRjoAtao= =uKHV -----END PGP SIGNATURE-----