-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 02 Jan 2016 09:51:18 +0100 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff5-alt-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: source all amd64 Version: 4.0.2-6+deb7u5 Distribution: wheezy-security Urgency: high Maintainer: Ondřej Surý <ondrej@debian.org> Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org> Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-alt-dev - Tag Image File Format library (TIFF), alternative development fil libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 808968 809021 Changes: tiff (4.0.2-6+deb7u5) wheezy-security; urgency=high . * Backport upstream fixes for: - CVE-2015-8665 an out-of-bound read in TIFFRGBAImage interface (closes: #808968), - CVE-2015-8683 an out-of-bounds read in CIE Lab image format (closes: #809021), - CVE-2015-8781 out of bounds write at tif_luv.c:208, - CVE-2015-8782 potential out-of-bound writes in decode, - CVE-2015-8783 potential out-of-bound reads in case of short input data, - CVE-2015-8784 potential out-of-bound write in NeXTDecode(). Checksums-Sha1: 37b412cea797f9ae12de58268df27168cb5a1129 2192 tiff_4.0.2-6+deb7u5.dsc 5e780f0be90f96eefd9a148aaafbeda6f76998e0 44363 tiff_4.0.2-6+deb7u5.debian.tar.gz a42db511fb2030afbde458286b1cf18aa29ca4dc 398468 libtiff-doc_4.0.2-6+deb7u5_all.deb fb5d8f0879b85d9bacc78004fd94d67421746014 236182 libtiff5_4.0.2-6+deb7u5_amd64.deb 27f7059085a98cb7c7ee8e23fee87b8908ea11a2 75082 libtiffxx5_4.0.2-6+deb7u5_amd64.deb 2e9717f4666d74ca5fd987e422417cef341372f7 378408 libtiff5-dev_4.0.2-6+deb7u5_amd64.deb 8dbe8fa8a348fb3ac81900d544090fcc616d017e 298670 libtiff5-alt-dev_4.0.2-6+deb7u5_amd64.deb cca454c93b9def80ada6b6cd26b420411e2d3a9e 339828 libtiff-tools_4.0.2-6+deb7u5_amd64.deb 0643b77faf83470bfe01fca2db5251d4512723cf 80630 libtiff-opengl_4.0.2-6+deb7u5_amd64.deb Checksums-Sha256: c291e61dce03f613c72c9f2008ff607cb526a7514c4e54888cdd97bc0ce805b0 2192 tiff_4.0.2-6+deb7u5.dsc b9986831e9f641c58eaef828acf20e84c8463997fb28723f585d3c4dc21fe506 44363 tiff_4.0.2-6+deb7u5.debian.tar.gz 20418aaadef0bd1f9558a1f35abba0ed55bd3d55fd1d4e2410d4bcf093db24e0 398468 libtiff-doc_4.0.2-6+deb7u5_all.deb 6c6f4add37ab581574a26f71182bd5e138db285b81cd958d74741e379f4f3713 236182 libtiff5_4.0.2-6+deb7u5_amd64.deb d9a586623b55ec8be024c9f60b7c3f4366a87e202c4b26e6d65b88b2b5fe74ec 75082 libtiffxx5_4.0.2-6+deb7u5_amd64.deb af8913e1d306ad1e2ac1fe6ae0a829df43bc6573c6d97a6b06fac56635a6409a 378408 libtiff5-dev_4.0.2-6+deb7u5_amd64.deb 19249d821c9d843a76ab82b8d52f465156b60198b17528920980a8c6a74c0e21 298670 libtiff5-alt-dev_4.0.2-6+deb7u5_amd64.deb 07800a6441ecbe84086f30005267ea5369189dbba0031a1ccfa0870a1975c340 339828 libtiff-tools_4.0.2-6+deb7u5_amd64.deb 6ea6a5ddd5d6c416eec37657f7ccb4b68c03c304ecdfc89d395d2bf5bcc5dbea 80630 libtiff-opengl_4.0.2-6+deb7u5_amd64.deb Files: a1514eddfa8874c242fc0ee89f85090e 2192 libs optional tiff_4.0.2-6+deb7u5.dsc f694afc67acc820afe6dfdbee6e7ab55 44363 libs optional tiff_4.0.2-6+deb7u5.debian.tar.gz bed5915244cdbc00131f28e02bb80a8f 398468 doc optional libtiff-doc_4.0.2-6+deb7u5_all.deb ef0b90023ac9b1fc3a2ebb97a85bc861 236182 libs optional libtiff5_4.0.2-6+deb7u5_amd64.deb efc418fac1251f2616509cc88a0f58c6 75082 libs optional libtiffxx5_4.0.2-6+deb7u5_amd64.deb db06d4946aef5e466c994053e92da886 378408 libdevel optional libtiff5-dev_4.0.2-6+deb7u5_amd64.deb 005d86b8cf5958f2dd30f5b639acf17d 298670 libdevel optional libtiff5-alt-dev_4.0.2-6+deb7u5_amd64.deb 15aad523fb585e5aace410eec7a40331 339828 graphics optional libtiff-tools_4.0.2-6+deb7u5_amd64.deb 61529d5f1be3e287696bbc44953c7f85 80630 graphics optional libtiff-opengl_4.0.2-6+deb7u5_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWskyoAAoJENzjEOeGTMi/kRYP/RmQ3jt9OFh8NyhangszTi52 o1BYWQU2V1yYoU0SgD9JbhBXQu2JZ4PQ+U27w5enPgEygawCPqKSPhykqqsnAROX +ZOxxxdRE9i73zxkRz0wPMbwdiR6mQ6wubTxtME7i59mlkpswmNXCOt1Mw6vUrd9 lDQCE5NIQjzalbMHpd1X5r27g0bBcxpzJKRtWpUdjYPVTyVLyXQmUDiHIIZB4NQ4 05mbb36XLajySzlZbsI2Ggnj7UEpaI5Y5p2ZdM4QSvLudegbESfnhiKv+aynlUPh Ow79BD/DBIBlX/EGIqHIcfttoHND9M+PQPNQuqjIcdpxluWMxqhNK1lTMssvgSa6 hLVafkqT11BgC0VG+U5CbnDXUicgMldfjjIlpJlIU2pxtDBomamLmk+CCX1d0ow1 K5Nr/b71ibg9Os8N6ZqimZdkaIPyj4h6+Vo5rEENIHQgAZI3diU3XC3/VvorVUIy X/ECwrfQxMkxbGGV2sdb+ANbEuSc+7EyHOffEqPr7uHwBFU8kmzV1ka7h9U6rxMn IlIvTd2DPjsf4KE8iRKykF73BSKtleVhHPNztzlp+eKE9u4GyCXDT+05xqB2thUX MEim4E5hUMKMHOMutOH6smNzHoAk9TaIycQEgISANJ63gOhpDHGBnj64hgQaPMYl i2c74fo14j8k6VZgqWcF =CaD0 -----END PGP SIGNATURE-----