-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 09 Sep 2017 18:36:08 -0400 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff5-alt-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: source all amd64 Version: 4.0.2-6+deb7u16 Distribution: wheezy-security Urgency: high Maintainer: Ondřej Surý <ondrej@debian.org> Changed-By: Roberto C. Sanchez <roberto@debian.org> Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-alt-dev - Tag Image File Format library (TIFF), alternative development fil libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 868513 872607 873879 873880 Changes: tiff (4.0.2-6+deb7u16) wheezy-security; urgency=high . * Non-maintainer upload by the Debian LTS Team. * Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf (Closes: #868513) * Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec() (Closes: #873880) * Fix CVE-2017-13727: reachable assertion abort in TIFFWriteDirectoryTagSubifd() (Closes: #873879) * Fix CVE-2017-12944: mishandled memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing() (Closes: #872607) Checksums-Sha1: 65b697a1c2319704102e95e0d14b3b7670d0a469 2196 tiff_4.0.2-6+deb7u16.dsc 924ef0a81157d9886ad03cce70ea9f6c31b950cf 80937 tiff_4.0.2-6+deb7u16.debian.tar.gz dcadac21efd87a104ff94d1fe6255d7306effbd1 414840 libtiff-doc_4.0.2-6+deb7u16_all.deb 6fb2ba3988f06b10b17817b8fb8c4f409d8f1848 240086 libtiff5_4.0.2-6+deb7u16_amd64.deb 32d9755ad9e13e757872f3de62b3baa0061bd10f 77150 libtiffxx5_4.0.2-6+deb7u16_amd64.deb cae6225d2ae0e8d81b97a06b17d60435d971e777 382786 libtiff5-dev_4.0.2-6+deb7u16_amd64.deb ee27ef7c271d95069a8cbf7c711721d3bbbe9fbc 302246 libtiff5-alt-dev_4.0.2-6+deb7u16_amd64.deb 14aefcccabe96f5542c0d1ef13dd834c184e9aac 308130 libtiff-tools_4.0.2-6+deb7u16_amd64.deb afd3ab66d0990a892e7db07042fd1d482ca222fb 82400 libtiff-opengl_4.0.2-6+deb7u16_amd64.deb Checksums-Sha256: 72c17d9c5d4385291e5869bc1c8c2a1d283421f144ea9ca4f9676c70e4cefc34 2196 tiff_4.0.2-6+deb7u16.dsc 11871b62b2832bdc4a6cf35024c949caa4dbcdc73d4b0bbbbbb65ea13fe98026 80937 tiff_4.0.2-6+deb7u16.debian.tar.gz 703c2a7cf6f4de403a473bbc55e855b956823787a500299249f72c3538074cc5 414840 libtiff-doc_4.0.2-6+deb7u16_all.deb 3b1204312aeb788caa068b06d74a9e7ac50df3079a110c44177272d155ffe0ea 240086 libtiff5_4.0.2-6+deb7u16_amd64.deb 0ba836f1bea9fb25528cb06c5ad3abef7cc50d7dfe9cdd7b8be20ff77c0a1701 77150 libtiffxx5_4.0.2-6+deb7u16_amd64.deb c696f665981e5f9d938de8d7b4df125a20cbef232a160838313e35a66a20c5f3 382786 libtiff5-dev_4.0.2-6+deb7u16_amd64.deb 0fadcae1ef86bd9ae0738c583e568f51c1fcd3d01b50431fe3c4c85faaaf0b8b 302246 libtiff5-alt-dev_4.0.2-6+deb7u16_amd64.deb d9ec48959b41950c81c98ef2aeae558a231635193b692f740853bbaef6e42882 308130 libtiff-tools_4.0.2-6+deb7u16_amd64.deb 476e0eb3b373fc1601902523292dcf805865b097aa8604eefc9ed7bc69d5d4b0 82400 libtiff-opengl_4.0.2-6+deb7u16_amd64.deb Files: 4c197cfc9f9072c1f1265074e476b212 2196 libs optional tiff_4.0.2-6+deb7u16.dsc 1a23f8e81cfc945c8bdf18b65994c3ae 80937 libs optional tiff_4.0.2-6+deb7u16.debian.tar.gz 763c97814868e49c3a29fbeb24484bd9 414840 doc optional libtiff-doc_4.0.2-6+deb7u16_all.deb d59ac615538b63bcc5d5f828bbc07cbe 240086 libs optional libtiff5_4.0.2-6+deb7u16_amd64.deb 769b1cf7af7132b2c5cec12bb49af254 77150 libs optional libtiffxx5_4.0.2-6+deb7u16_amd64.deb d27d6a5079b0f8f39edf4c011b0d351c 382786 libdevel optional libtiff5-dev_4.0.2-6+deb7u16_amd64.deb b4bde036565c1f6714dc3b1419625a81 302246 libdevel optional libtiff5-alt-dev_4.0.2-6+deb7u16_amd64.deb 7f6db50a1ddcafde6f8b7a48dc820586 308130 graphics optional libtiff-tools_4.0.2-6+deb7u16_amd64.deb 441101f08251a3a094cac8ffadd6f46c 82400 graphics optional libtiff-opengl_4.0.2-6+deb7u16_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJZtIRLAAoJECzXeF7dp7IPYooQAJI+hYAPRE8lgL1YWnmrFArP 4BTvxjD0PSomW78d4c2yLhh2ePDdTok520AsuXOVgxzDKXRIABNz4sIC0MF8ftyN vnZ241bUJUpAL2+IKUxn5GyTVY7YPcolVXhgc6SZFqlvfTMGPTMOr8KNexzF7yNA dOCdRiGmiSHPf7Z/G3ZxLHI3QDC3vbwxAxiLQ4sfywQ7MQIMUVsKwx6t7Qf0ZzAK LDeuUEsZ1nDcimA+mHmuDfhstrvIXqzcAO0i9iFvBANScJb0NIIakY4MHeARPS24 K1rJrNUYZxg6e020UXBt554PcPT7A9kFNWIy3no/ZpdguJgVsK67/AYF4ZoVM/yh 7kux1KngmUmVY4Xk3YdZTnPesvoGb4PTyR5pgCdO5QM0lSZG4feAsntJrvQiXFfN 7EHLkHDGUYMteFRShwbY1jnYjf61gOw7tnXdrZOoaZhTvSJgUUlbqFNnpi3wUon/ dUxUTO4esWbe99CLa9KNaEm7UCVCLOF8nIh3LZMhrsJJo7e0TA7C2sEbyPE8MNxy o0nOfArLJqIez3NDFc5DTN0ll3+zXv4pA9QK0GmoSp7LMORmEEs7iJd1p+FTbBk+ fWx+YZFOirrgkdDDNKHhFeIuuw5LhoV0qDvZhe49OyTgtR3s8+f5I9Tgf/+6kYzX 8xQdtvsH07+v50ksZEjL =78Dd -----END PGP SIGNATURE-----