Accepted tiff 4.0.7-1 (source all amd64) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted tiff 4.0.7-1 (source all amd64) into unstable
From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Date: Sun, 20 Nov 2016 13:50:43 +0000
Message-id: <[🔎] E1c8SW3-000HtI-Lb@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 19 Nov 2016 18:05:24 +0000
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source all amd64
Version: 4.0.7-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Closes: 800124 820365 844013 844226
Changes:
 tiff (4.0.7-1) unstable; urgency=high
 .
   * New upstream release.
   * Fixes the following vulnerabilities:
     - CVE-2015-7313, OOM when parsing crafted tiff files (closes: #800124),
     - CVE-2016-3622, denial of service (divide-by-zero error) via
       the fpAcc function in tif_predict.c (closes: #820365),
     - CVE-2016-3945, multiple integer overflows in the tiff2rgba tool,
     - CVE-2016-3990, write buffer overflow in PixarLogEncode,
     - CVE-2016-3991 and CVE-2016-5322, heap-based buffer overflow in the
       loadImage function,
     - CVE-2016-9273, heap-buffer-overflow in cpStrips (closes: #844013),
     - CVE-2016-9297, segfault in _TIFFPrintField() (closes: #844226),
     - CVE-2016-9448, in TIFFFetchNormalTag(), do not dereference NULL pointer
       (regression of CVE-2016-9297),
     - heap buffer overflow via writeBufferToSeparateStrips() in tiffcrop.
   * Remove backported vulnerability fixes, this release contains those.
   * Update libtiff5 symbols.
Checksums-Sha1:
 131d573ae0277cea17434c21db280e8c5e33aca4 2125 tiff_4.0.7-1.dsc
 2c1b64478e88f93522a42dd5271214a0e5eae648 2076392 tiff_4.0.7.orig.tar.gz
 6d7d690b8f543c319f2d3b5cc98dd06506fdc2ac 15144 tiff_4.0.7-1.debian.tar.xz
 917dfbdd62cab09291a670c92c33b6b25d46ae87 387232 libtiff-doc_4.0.7-1_all.deb
 8b70c390e913b263f12f1f50a71c27f9be0fc2fe 14178 libtiff-opengl-dbgsym_4.0.7-1_amd64.deb
 9db569d883859f115cd129ee178f2eeda94c808b 94074 libtiff-opengl_4.0.7-1_amd64.deb
 77910b9deb6272bfe0a110a6ce08283882ba92fc 351152 libtiff-tools-dbgsym_4.0.7-1_amd64.deb
 5a80e9be5aaea8866f9b858d739cd1881cb4e866 277304 libtiff-tools_4.0.7-1_amd64.deb
 70272614882dc1aadb57c752c11c6f0b0e567e3a 365614 libtiff5-dbgsym_4.0.7-1_amd64.deb
 87df8f00e6f5ef2691313c54c7cc2ee8efc4770e 350242 libtiff5-dev_4.0.7-1_amd64.deb
 99a6188e5adf67ad1a2dde1bb5a5804594bd7e81 228122 libtiff5_4.0.7-1_amd64.deb
 e61728cef5ddaa1f5163051cab329d1b7a5c3323 21030 libtiffxx5-dbgsym_4.0.7-1_amd64.deb
 20edd62656132b0b5d547a795a85df11c83083f1 89376 libtiffxx5_4.0.7-1_amd64.deb
 3ef82cae9c80be3019e7dfab0b7daca21d1bb563 10066 tiff_4.0.7-1_amd64.buildinfo
Checksums-Sha256:
 7b066eec518b8d8f4f5bcd06dd3dda672194bb37b7f8ad9c46630b8031fa41d5 2125 tiff_4.0.7-1.dsc
 9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019 2076392 tiff_4.0.7.orig.tar.gz
 add4fbb212a89f967f38285f0adb5b976a60a52e2efff3004de83610e51339dc 15144 tiff_4.0.7-1.debian.tar.xz
 c706a429913008113f36a8b3fb7990ad91efca71c8f8d417ce23a4737356239e 387232 libtiff-doc_4.0.7-1_all.deb
 1baffb10565a25d66fed74e115d33130e37dae4ff2e48fc7b55462d6e4752d79 14178 libtiff-opengl-dbgsym_4.0.7-1_amd64.deb
 b12146e7d9ddbf9ac504407a939b008d637d0b49d7a9bc500f0bc3e3b8aceafe 94074 libtiff-opengl_4.0.7-1_amd64.deb
 7a7c7b192cadde81e8618f0f8c2db5f365847ecdad71484df0203b380dabab71 351152 libtiff-tools-dbgsym_4.0.7-1_amd64.deb
 7a78b53b431b70ae4c6dc1334d53fb321cadc4a60bef6846a7214a5ee653f925 277304 libtiff-tools_4.0.7-1_amd64.deb
 c85aecd53cd820f24e6d3e896967b34cb525f0d3174d58a4e48ea54f71bb82d3 365614 libtiff5-dbgsym_4.0.7-1_amd64.deb
 e8d831eb4004e1072c2cd5e7b368afc30b7b5113a9c0230c508e886bcf6f0906 350242 libtiff5-dev_4.0.7-1_amd64.deb
 fb9fd61ea5645ff60ecf0e5b7276c0b15221b82c8ac79850b10c5038f7f0a9ed 228122 libtiff5_4.0.7-1_amd64.deb
 e241f4a59cdefdf6b058ea9014680e6691966bc7950187902409b3cf614263d1 21030 libtiffxx5-dbgsym_4.0.7-1_amd64.deb
 d5bf0fde9dbded7aba10dd68cf5add8b13d16f68a790985b1957d86a81675738 89376 libtiffxx5_4.0.7-1_amd64.deb
 da0ad7e2b622787e052090e9369cdda342d92a9e79276f9d42038c5d0294e8c4 10066 tiff_4.0.7-1_amd64.buildinfo
Files:
 58b3062e1403b1267f5b296b30b985db 2125 libs optional tiff_4.0.7-1.dsc
 77ae928d2c6b7fb46a21c3a29325157b 2076392 libs optional tiff_4.0.7.orig.tar.gz
 45e0d4909b965334be2253953da3a222 15144 libs optional tiff_4.0.7-1.debian.tar.xz
 f553d6a3a5a123fcb830aaa5ba69d4a1 387232 doc optional libtiff-doc_4.0.7-1_all.deb
 0638c39c60e98a153b0b8d48da8063b2 14178 debug extra libtiff-opengl-dbgsym_4.0.7-1_amd64.deb
 ff4bf4273ed313a5962dfbaef66c8b3b 94074 graphics optional libtiff-opengl_4.0.7-1_amd64.deb
 b5d8121d9a19bb338dc7826843e3bb02 351152 debug extra libtiff-tools-dbgsym_4.0.7-1_amd64.deb
 39cd8185ae21e14c9066e2f920d84ea2 277304 graphics optional libtiff-tools_4.0.7-1_amd64.deb
 0e0153ebade05b64a11fdafecc8f4418 365614 debug extra libtiff5-dbgsym_4.0.7-1_amd64.deb
 bf01669377a80b44b4e226f65e1d282a 350242 libdevel optional libtiff5-dev_4.0.7-1_amd64.deb
 b238b8fa668171aaba8d3188fcd78f89 228122 libs optional libtiff5_4.0.7-1_amd64.deb
 bd909227c047c5c3916a03ec525a8466 21030 debug extra libtiffxx5-dbgsym_4.0.7-1_amd64.deb
 79bf58db2473f035140fcc89855be73e 89376 libs optional libtiffxx5_4.0.7-1_amd64.deb
 7e9cf923f8ae8e36f45be27621ece79d 10066 libs optional tiff_4.0.7-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYMacNAAoJENzjEOeGTMi/LAwP/RsjPN/hdJuF93mPtqJA4Mcr
NgoerE4imaStmFkniAWVTo7tYS4jnuPDMEGhvvTDJ8iUbxbASFdZrb/ITz1LPEV+
4yZw0vqNY8dhDkjsinn+4gCDRye+xHb3dMl2WhfdM6DPWWHyAthquhKkVkCw8kvl
h9ymzFvgBKgd+ESrTax3EEeJDZOyiu6yr9v6dn3pvb8/Z3v1SPv5F6fD8facp0XR
O9h/X765RdMHGye9ox9bJX/LkHm3W5bigX0eK3yY4JKAmw30KDOvBvtsFb1hQSMi
zhSdXBc0xFCx2reO8nMdydeo9AteT8psAEQNB7w7xgzymsS9aktBgasH9d71LRwZ
xRjGxMk3IeNEr5t8HQX8zgqIa7jcmPgYGrPuazyUSL7M3kaSrEBwj/FCkegbDNMf
f4Azb3vyLFYRXd7j0oNJ5WcmmEhosZwgwS76TbKBoB47QtQR1cxTJ/KrtkIB09Z6
/MUBkKVJudbiwM2QFD8gzsftJ077cPHWSIrEgQwX2I34zZvgLa4GhZ2ke24Ozjw5
oXpTE3uhTl8Wz/ZUp4kQfq1T/4nW2vW5kfHpfLFDV1bIlwaz/BiTILH4W1aK0nr3
rWYgvG77Asb84YHeLwmel2cGhZsty5jFpmV1b4z6/8VLGu0SkE+6pJVCj3Y6TYwZ
TFQLdnHVHKjuhBRBrATc
=lE+v
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted gnome-shell-extension-taskbar 53.0-1 (source all) into unstable
Next by Date: Accepted gcc-snapshot 20161119-1 (source) into unstable
Previous by thread: Accepted gnome-shell-extension-taskbar 53.0-1 (source all) into unstable
Next by thread: Accepted gcc-snapshot 20161119-1 (source) into unstable
Index(es):
- Date
- Thread