[ubuntu/lunar-proposed] tiff 4.4.0-6ubuntu1 (Accepted)
Rico Tzschichholz
ricotz at ubuntu.com
Tue Nov 29 13:19:19 UTC 2022
tiff (4.4.0-6ubuntu1) lunar; urgency=critical
* Merge from Debian unstable. Remaining differences:
- Don't build with LERC on i386 because it requires numpy (Closes: #1017958)
tiff (4.4.0-6) unstable; urgency=high
* Backport security fix for CVE-2022-2519, double free or corruption in
rotateImage() (closes: #1024670).
* Backport security fix for CVE-2022-2520, sysmalloc assertion fail in
rotateImage().
* Backport security fix for CVE-2022-2521, invalid pointer free operation
in TIFFClose().
* Backport security fix for CVE-2022-2953, out-of-bounds read in
extractImageSection().
* Backport security fix for CVE-2022-3970, fix (unsigned) integer overflow
on strips/tiles > 2 GB in TIFFReadRGBATileExt() (closes: #1024737).
Date: Tue, 29 Nov 2022 12:14:06 +0100
Changed-By: Rico Tzschichholz <ricotz at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jeremy Bicha <jeremy.bicha at canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.4.0-6ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 29 Nov 2022 12:14:06 +0100
Source: tiff
Built-For-Profiles: noudeb
Architecture: source
Version: 4.4.0-6ubuntu1
Distribution: lunar
Urgency: critical
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Rico Tzschichholz <ricotz at ubuntu.com>
Closes: 1017958 1024670 1024737
Changes:
tiff (4.4.0-6ubuntu1) lunar; urgency=critical
.
* Merge from Debian unstable. Remaining differences:
- Don't build with LERC on i386 because it requires numpy (Closes: #1017958)
.
tiff (4.4.0-6) unstable; urgency=high
.
* Backport security fix for CVE-2022-2519, double free or corruption in
rotateImage() (closes: #1024670).
* Backport security fix for CVE-2022-2520, sysmalloc assertion fail in
rotateImage().
* Backport security fix for CVE-2022-2521, invalid pointer free operation
in TIFFClose().
* Backport security fix for CVE-2022-2953, out-of-bounds read in
extractImageSection().
* Backport security fix for CVE-2022-3970, fix (unsigned) integer overflow
on strips/tiles > 2 GB in TIFFReadRGBATileExt() (closes: #1024737).
Checksums-Sha1:
2dae9789ab634582142dbc7685ba32ac10453cce 2351 tiff_4.4.0-6ubuntu1.dsc
4623266ddadb5c8f7d4a01e6c9e7f7538819e8ef 33844 tiff_4.4.0-6ubuntu1.debian.tar.xz
30ff7dc8e60654d6652d3d9c5140011139af19a3 8521 tiff_4.4.0-6ubuntu1_source.buildinfo
Checksums-Sha256:
f17c711e5039cbf16bb9b549f18c65a20f93e7f80be8f9026c74f3414d3e8db7 2351 tiff_4.4.0-6ubuntu1.dsc
d6ddbb660176cb6a5d329ac707beeddac2cb57c0833d02b9e9aef384309725c6 33844 tiff_4.4.0-6ubuntu1.debian.tar.xz
77afef659638de5e45f81a6319d5edc02a3ce264ad90c0fa04930504b71a5fad 8521 tiff_4.4.0-6ubuntu1_source.buildinfo
Files:
77983722285a92f832cefe1ed82ab6dd 2351 libs optional tiff_4.4.0-6ubuntu1.dsc
bfab54b7f2613b31832728ae72faca6d 33844 libs optional tiff_4.4.0-6ubuntu1.debian.tar.xz
8cad31670c0cbaaf95efd744518e1cc8 8521 libs optional tiff_4.4.0-6ubuntu1_source.buildinfo
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs at debian.org>
More information about the lunar-changes
mailing list