[ubuntu/lunar-proposed] tiff 4.5.0-5ubuntu1 (Accepted)

[Nathan Pratta Teodosio]

tiff (4.5.0-5ubuntu1) lunar; urgency=high

  * Merge from Debian unstable. Remaining differences:
    - Don't build with LERC on i386 because it requires numpy
      (Closes: #1017958, LP: #2012540)

tiff (4.5.0-5) unstable; urgency=high

  * Backport fix for tiffcrop correctly update buffersize after
    rotateImage() .
  * Backport fix for TIFFClose() avoid NULL pointer dereferencing.
  * Backport security fix for CVE-2023-0800, CVE-2023-0801, CVE-2023-0802,
    CVE-2023-0803 and CVE-2023-0804, an out-of-bounds write in tiffcrop
    allows attackers to cause a denial-of-service via a crafted tiff file.
  * Backport security fix for CVE-2023-0795, CVE-2023-0796, CVE-2023-0797,
    CVE-2023-0798 and CVE-2023-0799, an out-of-bounds read in tiffcrop allows
    attackers to cause a denial-of-service via a crafted tiff file.

Date: Fri, 24 Mar 2023 11:13:09 +0100
Changed-By: Nathan Pratta Teodosio <nathan.teodosio at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Sebastien Bacher <seb128 at ubuntu.com>
https://launchpad.net/ubuntu/+source/tiff/4.5.0-5ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 24 Mar 2023 11:13:09 +0100
Source: tiff
Built-For-Profiles: noudeb
Architecture: source
Version: 4.5.0-5ubuntu1
Distribution: lunar
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Nathan Pratta Teodosio <nathan.teodosio at canonical.com>
Closes: 1017958
Launchpad-Bugs-Fixed: 2012540
Changes:
 tiff (4.5.0-5ubuntu1) lunar; urgency=high
 .
   * Merge from Debian unstable. Remaining differences:
     - Don't build with LERC on i386 because it requires numpy
       (Closes: #1017958, LP: #2012540)
 .
 tiff (4.5.0-5) unstable; urgency=high
 .
   * Backport fix for tiffcrop correctly update buffersize after
     rotateImage() .
   * Backport fix for TIFFClose() avoid NULL pointer dereferencing.
   * Backport security fix for CVE-2023-0800, CVE-2023-0801, CVE-2023-0802,
     CVE-2023-0803 and CVE-2023-0804, an out-of-bounds write in tiffcrop
     allows attackers to cause a denial-of-service via a crafted tiff file.
   * Backport security fix for CVE-2023-0795, CVE-2023-0796, CVE-2023-0797,
     CVE-2023-0798 and CVE-2023-0799, an out-of-bounds read in tiffcrop allows
     attackers to cause a denial-of-service via a crafted tiff file.
Checksums-Sha1:
 0dccc79a2bc9cc6b102c3a64cc66be3e82ab632c 1728 tiff_4.5.0-5ubuntu1.dsc
 578158f731e39e486a960072d38180dc2cec0a5a 26780 tiff_4.5.0-5ubuntu1.debian.tar.xz
 bb9133d8ab551a937453a4c554174bc8adb0a331 11269 tiff_4.5.0-5ubuntu1_source.buildinfo
Checksums-Sha256:
 e6422399d497b54e236c419b0b88fc0655f0ad8b682e4526cf6a2560f1c9fad7 1728 tiff_4.5.0-5ubuntu1.dsc
 5af0f9e8c75f60b9f4d6cd0f70e1f9f2162d9cbe3185bbfd7a6e7378d76a1ebe 26780 tiff_4.5.0-5ubuntu1.debian.tar.xz
 e85822bc82ab3277e06b40aeea23e877430fdad75171c0fa70a211577ea0f9d1 11269 tiff_4.5.0-5ubuntu1_source.buildinfo
Files:
 af4b6ea77dbd18b8ef894b6b790030d5 1728 libs optional tiff_4.5.0-5ubuntu1.dsc
 14826799026eb3ea5956ab3ed3181bed 26780 libs optional tiff_4.5.0-5ubuntu1.debian.tar.xz
 40bc1d2c9a4c75b0a93e5919a4905f18 11269 libs optional tiff_4.5.0-5ubuntu1_source.buildinfo
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs at debian.org>