Accepted tiff 4.0.3-12.3+deb8u4 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted tiff 4.0.3-12.3+deb8u4 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Date: Sat, 15 Jul 2017 20:48:11 +0000
Message-id: <[🔎] E1dWTz1-000HuC-Oj@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 02 Jul 2017 08:35:22 +0000
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source all amd64
Version: 4.0.3-12.3+deb8u4
Distribution: jessie-security
Urgency: high
Maintainer: Ondřej Surý <ondrej@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Closes: 850316 863185 866113 866611
Changes:
 tiff (4.0.3-12.3+deb8u4) jessie-security; urgency=high
 .
   * Backport fix for the following vulnerabilities:
     - CVE-2017-9403: fix memory leak in non DEFER_STRILE_LOAD mode,
     - CVE-2017-9404: memory leak vulnerability was found in the function
       OJPEGReadHeaderInfoSecTablesQTable(),
     - CVE-2016-10095 and CVE-2017-9147: add _TIFFCheckFieldIsValidForCodec()
       and use it in TIFFReadDirectory() (closes: #850316, #863185),
     - CVE-2017-9936: memory leak in error code path of JBIGDecode()
       (closes: #866113),
     - prevent out of memory in gtTileContig() on corrupted files,
     - CVE-2017-10688, assertion failure in TIFFWriteDirectoryTagCheckedXXXX()
       (closes: #866611).
   * Add required _TIFFCheckFieldIsValidForCodec@LIBTIFF_4.0 and
     _TIFFReadEncodedStripAndAllocBuffer@LIBTIFF_4.0 symbols to the
     libtiff5 package.
Checksums-Sha1:
 464c9062f2e1c187bfc62fbf2c0685501a8000f8 2240 tiff_4.0.3-12.3+deb8u4.dsc
 96cd34b33632ff0e0c902ea556565b9f2a5684cc 59668 tiff_4.0.3-12.3+deb8u4.debian.tar.xz
 f2773fa8656c505d13cd3bb04cbf6060572f370c 370656 libtiff-doc_4.0.3-12.3+deb8u4_all.deb
 ca29c3ba817fe0938857cfb67aec2ce840cfc99b 221088 libtiff5_4.0.3-12.3+deb8u4_amd64.deb
 e55762a11f627a677e7540cdfb21749354cd5bc3 80488 libtiffxx5_4.0.3-12.3+deb8u4_amd64.deb
 cac90abaa7cf91638b9f44f25f2d9fb61fa47076 343602 libtiff5-dev_4.0.3-12.3+deb8u4_amd64.deb
 43e39ceb07173dcdc3a484514c2b9d3f23debafc 274296 libtiff-tools_4.0.3-12.3+deb8u4_amd64.deb
 81b05e7aaf2c6ec362e3fd180efce9228df731da 85398 libtiff-opengl_4.0.3-12.3+deb8u4_amd64.deb
Checksums-Sha256:
 50e944559c1588ac8cdaca8034a3a74e9178d6f026edc5f48e9c4ab77540e82f 2240 tiff_4.0.3-12.3+deb8u4.dsc
 3e637b2784715aa3a4b6e9111d9265682b73997eed0750460afe29662166595f 59668 tiff_4.0.3-12.3+deb8u4.debian.tar.xz
 42c92b854a55df5e6fd394dd9ffef2dfcb62cbfa23c26e4e4d676d8c3683dade 370656 libtiff-doc_4.0.3-12.3+deb8u4_all.deb
 79eb932460fb975af5f0672201ec656eab1d1f2d0a5f25b0d5308de803b84c77 221088 libtiff5_4.0.3-12.3+deb8u4_amd64.deb
 56ccc8d1c899aaec398132747da046acf1d11f89facd4b3ff08d0400d118dbd8 80488 libtiffxx5_4.0.3-12.3+deb8u4_amd64.deb
 37a9da414935963a1ec63ecfa87fb3b473777aaaa946f8f176e8be80e19865c5 343602 libtiff5-dev_4.0.3-12.3+deb8u4_amd64.deb
 675be25b329c38aec7fd30a96fe73afe4c3b342da4d3d085c118221d1930002c 274296 libtiff-tools_4.0.3-12.3+deb8u4_amd64.deb
 7c6195738305c664d3c9cf63b1b3d5ebba4f8967abc1003e60b6ce4fe8418dfc 85398 libtiff-opengl_4.0.3-12.3+deb8u4_amd64.deb
Files:
 727a6acc201fc2abc6b5ac5764da0c82 2240 libs optional tiff_4.0.3-12.3+deb8u4.dsc
 9020cf788fbae80ed0343543a7d8842d 59668 libs optional tiff_4.0.3-12.3+deb8u4.debian.tar.xz
 c41c8eb083888f7e83d2295d7779acd5 370656 doc optional libtiff-doc_4.0.3-12.3+deb8u4_all.deb
 35a5b92c15fa9e3cf7963d65f740b07f 221088 libs optional libtiff5_4.0.3-12.3+deb8u4_amd64.deb
 4e5b64d38e719871710f9060c1f9ab5a 80488 libs optional libtiffxx5_4.0.3-12.3+deb8u4_amd64.deb
 bfe2ffdf111cdab5b378320c2a3f2b11 343602 libdevel optional libtiff5-dev_4.0.3-12.3+deb8u4_amd64.deb
 25a95583e54acc36e172edf6c62d09ec 274296 graphics optional libtiff-tools_4.0.3-12.3+deb8u4_amd64.deb
 8f825062eb394370e93a613d1b7bce46 85398 graphics optional libtiff-opengl_4.0.3-12.3+deb8u4_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAllZE24ACgkQ3OMQ54ZM
yL+XuQ//fzg7slqtwL3wAmQpm4G0Q0Jy2iXHxvVmRN70GrsKdK9R4C+EKDf/Eqoi
G5BmKZllwcAX7ao5x4oo9IT5F9zbiRRRV5ZegkK8aUXvoFy22HLh1J1U8c08V7JN
NEttXvoHiNQLrzinwaavi2qRTYJWp7Ga7Ph3DG6PX/G1w8pDjcq0R1TIZZtkiQvY
XYeJ7mE/fapP6N7LlxfFBI6uE4lWa2Lq0e+3ACsFQ6ICylJCRAg1YLVAal1VJOdF
p2sHMtL5SdCAjtqRWGcuOC7NxIRVKpJid62fHWmWeoRLCvtuAT59v/2h5PHyzxwv
mZLeIeA+OjVzfSFzXsKyCaF5tTlsKyjjVs/SN5OmJZVXa2mb6pPZ1cXKl/d0oz4G
FtACpzp201SrW690E9wmUPacbbHc0JiFUv3UJqTFba4/hJ/Bf7tOAp3rBAwv1X01
HIUTecHa5unIVHCC4q2b6w7oL4rfOjIqTwwjZo1SC+R6DhkdWut1i2oWh7BSLFet
J3VoDq4SUhvesvz/jGfjHjR9nnNqYwLCnei74/CTqHkVitoM+hFj1YKYBOPIB5AM
Tg/C63z4k2CQ24Fvsnd10XRI/r9c9daoYNdxq3ap3EH2beHqbQhxXRBdM4QtPEQQ
KHR83iW82O+cyDa6amITuoXcMdo1UQ+p0ZF1RxkrqWLXBMa6BXw=
=2mHB
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted spice 0.12.5-1+deb8u5 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Next by Date: Accepted xorg-server 2:1.16.4-1+deb8u1 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Previous by thread: Accepted spice 0.12.5-1+deb8u5 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Next by thread: Accepted xorg-server 2:1.16.4-1+deb8u1 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Index(es):
- Date
- Thread