[ubuntu/lunar-proposed] tiff 4.4.0-5ubuntu1 (Accepted)
Amin Bandali
amin.bandali at canonical.com
Wed Nov 23 13:35:14 UTC 2022
tiff (4.4.0-5ubuntu1) lunar; urgency=medium
* Merge from Debian unstable (LP #1997278). Remaining differences:
- Don't build with LERC on i386 because it requires numpy (Closes: #1017958)
- Add CVE-2022-2519_2520_2521_2953.patch (Closes: #1024670)
* Use Debian's patches for the fixes for the other recent CVEs
tiff (4.4.0-5) unstable; urgency=high
* Backport security fix for CVE-2022-3597, CVE-2022-3626 and CVE-2022-3627,
out of bounds write and denial of service via a crafted TIFF file.
* Backport security fix for CVE-2022-3570, multiple heap buffer overflows
via crafted TIFF file.
* Backport security fix for CVE-2022-3599, denial-of-service via a crafted
TIFF file.
* Backport security fix for CVE-2022-3598, denial-of-service via a crafted
TIFF file (closes: #1022555).
Date: Mon, 22 Nov 2022 09:45:00 -0500
Changed-By: Amin Bandali <amin.bandali at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jeremy Bicha <jeremy.bicha at canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.4.0-5ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 22 Nov 2022 09:45:00 -0500
Source: tiff
Built-For-Profiles: noudeb
Architecture: source
Version: 4.4.0-5ubuntu1
Distribution: lunar
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Amin Bandali <amin.bandali at canonical.com>
Closes: 1017958 1022555 1024670
Changes:
tiff (4.4.0-5ubuntu1) lunar; urgency=medium
.
* Merge from Debian unstable (LP #1997278). Remaining differences:
- Don't build with LERC on i386 because it requires numpy (Closes: #1017958)
- Add CVE-2022-2519_2520_2521_2953.patch (Closes: #1024670)
* Use Debian's patches for the fixes for the other recent CVEs
.
tiff (4.4.0-5) unstable; urgency=high
.
* Backport security fix for CVE-2022-3597, CVE-2022-3626 and CVE-2022-3627,
out of bounds write and denial of service via a crafted TIFF file.
* Backport security fix for CVE-2022-3570, multiple heap buffer overflows
via crafted TIFF file.
* Backport security fix for CVE-2022-3599, denial-of-service via a crafted
TIFF file.
* Backport security fix for CVE-2022-3598, denial-of-service via a crafted
TIFF file (closes: #1022555).
Checksums-Sha1:
bf82d2de7ba8b21b1ede19ee1fc56eb39cf915e0 2351 tiff_4.4.0-5ubuntu1.dsc
5f2c8aea7dd753b2d68683a70a8847ca67ffd076 2072723 tiff_4.4.0.orig.tar.bz2
2ef5e488ab02842e97570ac5ce003ddbd9e89461 33520 tiff_4.4.0-5ubuntu1.debian.tar.xz
f1d04a98d1988c03c261013e2ed3530731a38618 8503 tiff_4.4.0-5ubuntu1_source.buildinfo
Checksums-Sha256:
d88399eab643de11b9fcf823a100f957f4f0c77ddfde351360e19c69ff873a69 2351 tiff_4.4.0-5ubuntu1.dsc
ce0848109b627eb5442187b6362a8e4809728e4f28fcc5a04940e5afb464caba 2072723 tiff_4.4.0.orig.tar.bz2
d1120b0224ae558611fb1fae33025b2f773a5e0d7fa88f96b75c84353256b98e 33520 tiff_4.4.0-5ubuntu1.debian.tar.xz
bccb6810d2ca73b2626ff0ea9cbc6cf526f97626a339b4b0110d548d837310e9 8503 tiff_4.4.0-5ubuntu1_source.buildinfo
Files:
1d97a6fad1e2ad8766ce0bda7407b9e9 2351 libs optional tiff_4.4.0-5ubuntu1.dsc
ba175e36b1f6929da1c3c676b98c5db3 2072723 libs optional tiff_4.4.0.orig.tar.bz2
f2fbc3730c67cf3a085ea9e09c5f1a71 33520 libs optional tiff_4.4.0-5ubuntu1.debian.tar.xz
9be0f995159c5aa2a5adbcb1271fe41f 8503 libs optional tiff_4.4.0-5ubuntu1_source.buildinfo
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs at debian.org>
More information about the lunar-changes
mailing list