-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 28 Jul 2016 23:44:27 +0200 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff5-alt-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: source all amd64 Version: 4.0.2-6+deb7u6 Distribution: wheezy-security Urgency: medium Maintainer: Ondřej Surý <ondrej@debian.org> Changed-By: Emilio Pozuelo Monfort <pochu@debian.org> Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-alt-dev - Tag Image File Format library (TIFF), alternative development fil libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Changes: tiff (4.0.2-6+deb7u6) wheezy-security; urgency=medium . * Non-maintainer upload by the Security Team. * 0038-libtiff-tif_pixarlog.c-fix-potential-buffer-write-ov.patch: - CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016-5317, CVE-2016-5320, CVE-2016-5875: heap based buffer overflow. * 0039-tools-tiffcrop.c-Avoid-access-outside-of-stack-alloc.patch, 0040-CVE-2016-5321-CVE-2016-5323-bugzilla-2558-2559.patch: - CVE-2016-5321, CVE-2016-5323: program crash via crafted image. * 0041-tools-tiffcrop.c-Fix-out-of-bounds-write-in-loadImag.patch: - CVE-2016-3991, CVE-2016-5322: fix out of bounds write in tiffcrop. Checksums-Sha1: 12206a2b3a371570d1a03fd2fc2513ab2b3c44b3 2174 tiff_4.0.2-6+deb7u6.dsc dd30e3766030c1297d9ca3a599d4e15a2933f1f8 47928 tiff_4.0.2-6+deb7u6.debian.tar.gz 036603cdef568e63a7873e8f77118c895cc891d7 411620 libtiff-doc_4.0.2-6+deb7u6_all.deb 5c5c391e49aad4525fe37363266a3ca7962210bf 235250 libtiff5_4.0.2-6+deb7u6_amd64.deb ef87f65874842a3167ff66730f796deb118c06ef 74576 libtiffxx5_4.0.2-6+deb7u6_amd64.deb 8034f4df573de7fe89e7615bd76aaea653480f4b 378088 libtiff5-dev_4.0.2-6+deb7u6_amd64.deb 8d720d050d88c9a31808c90c17fdc17a19266c61 298420 libtiff5-alt-dev_4.0.2-6+deb7u6_amd64.deb 41e0e14b5717520215e3b964bd5ff98b4d05a3fe 339782 libtiff-tools_4.0.2-6+deb7u6_amd64.deb 8b9d96e169902e63760e812560bcc3c449e323ea 80196 libtiff-opengl_4.0.2-6+deb7u6_amd64.deb Checksums-Sha256: f227cb049776506e51e7047e4f274134c6f878e795f04d33cbb46cf89b8c3a72 2174 tiff_4.0.2-6+deb7u6.dsc e149211886bfa1adbb03dbc9e2723e24e25de6e701c903b113e68e72feccb3ee 47928 tiff_4.0.2-6+deb7u6.debian.tar.gz 11e94979350cc74718a3d116bb79e98fcad91b6fea58d489af754cf5090ccb6d 411620 libtiff-doc_4.0.2-6+deb7u6_all.deb 52ef8154e0666c2b754e636815d37bcd7d6a373ff8bc53aba066eccfbc2e015c 235250 libtiff5_4.0.2-6+deb7u6_amd64.deb 8a88e399741b15375248d747cd85be77262981cbab46338a0d14c13951e2bbec 74576 libtiffxx5_4.0.2-6+deb7u6_amd64.deb ccd23d8daae505b8265b1ee1a64edd87e7751b4facfe8c161ae995170a9d11b3 378088 libtiff5-dev_4.0.2-6+deb7u6_amd64.deb ae79fbc3b93706f916c337d60131068cb7ac9d65c8ef048436a3493d70f34195 298420 libtiff5-alt-dev_4.0.2-6+deb7u6_amd64.deb 25857c0e4009034a571861251072ca0b0e5920131b51e0b1ba985d05130e9f8f 339782 libtiff-tools_4.0.2-6+deb7u6_amd64.deb 6c1e1859479e092b64348384faa9f03a49c5a79d9cef6bdb8a9f73183a2dd517 80196 libtiff-opengl_4.0.2-6+deb7u6_amd64.deb Files: 9894f9291a8a13378e65db03ac37067d 2174 libs optional tiff_4.0.2-6+deb7u6.dsc 1df5d0592ef2807a806222b204c367a9 47928 libs optional tiff_4.0.2-6+deb7u6.debian.tar.gz 1f93c2a7ab01bf29c066e86d125932f8 411620 doc optional libtiff-doc_4.0.2-6+deb7u6_all.deb cc5550850132619cd46e7f2e0e2d2550 235250 libs optional libtiff5_4.0.2-6+deb7u6_amd64.deb 5e1ae0ba54c0c764f9ede2febfdb9da7 74576 libs optional libtiffxx5_4.0.2-6+deb7u6_amd64.deb 9e504426c3e4bd61a987eadf85d4289c 378088 libdevel optional libtiff5-dev_4.0.2-6+deb7u6_amd64.deb a6fcdbb62a12e7a62a5fc3a95109eb21 298420 libdevel optional libtiff5-alt-dev_4.0.2-6+deb7u6_amd64.deb 5de1e3997eb3f3c111f20075dd8e3947 339782 graphics optional libtiff-tools_4.0.2-6+deb7u6_amd64.deb 86431684c1ddf9c876286e48fd814bd1 80196 graphics optional libtiff-opengl_4.0.2-6+deb7u6_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJXxf+iAAoJEJ1GxIjkNoMCRd0P+QHaBe+nvTen+/nlVNOScn2D tCt7GHq5HOvSnkgp4lofigtIw0rnAk+Qi6igtaInNu7HSb4KIGzTndyhudISxHMk nrqDh6ZwnbvYdGO2cRRiUh96i2Lh3Y0lwKrio2Kqjt98Y+vOWTAQtXxYfbBVpj0V WGAv5DnjfOGQVCvv798SY4Du+5nhh5Y05q0OInKRfqtRJIwoxoR814bmu1bhrqzG f92a/kfj2KdY+1MXFY+6M/Ftusb0QUpUnCIl+q0iYQK959jonFYYHeIgGE8hgCLB F1QLYEIZcVDD3PZM2ucebSLqi+PO6bRHd7n/QFiK9yLC5lsGDqMFHa5jYxRp7ZLz lAwBrowJGV52UaSB0JTxb4ruBQ4b9MegxIHv9/EpCh7MT3kBrmfpA+tzEKggEnP4 YruYNcTpLO6N7jqkPUIp7BhFPnY2/dHD9GntzmCEhbvoiSmKrE0RXo3UlJmFgMAG 2in55O+QK/Zvqfd1yWcWgKAWdpFeI+y49ikZ6x6XD3wfHFtlboxgfO1Vkxcn5SAE yo5xV/hZPb0/yDkF7VQGegEur3Ad/uKCiIRxN9kyHRi0jS0JvA/Wbw9/43APpYL+ 0909x+Q1lxIleManuEhBD+ajAAZ4kRDiVtDYkgTWRhUgjirZR7XOvNVKJ5eMwcnP RjoosYCrfY8hBt8dvTYB =eoaH -----END PGP SIGNATURE-----