Accepted tiff 4.0.3-12.3+deb8u10 (source all amd64) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted tiff 4.0.3-12.3+deb8u10 (source all amd64) into oldoldstable
From: Thorsten Alteholz <debian@alteholz.de>
Date: Tue, 26 Nov 2019 18:50:26 +0000
Message-id: <[🔎] E1iZfus-0007YM-7M@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 26 Nov 2019 19:03:02 +0100
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source all amd64
Version: 4.0.3-12.3+deb8u10
Distribution: jessie-security
Urgency: high
Maintainer: Ondřej Surý <ondrej@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
 tiff (4.0.3-12.3+deb8u10) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-17546
     The RGBA interface contains an integer overflow that might lead
     to heap buffer overflow write.
   * CVE-2019-6128
     memory leak due to missing cleanup code
   * CVE-2018-18661
     In case of exhausted memory there is a null pointer dereference
     in tiff2bw.
   * CVE-2018-12900
     Fix for heap-based buffer overflow, that could be used to crash an
     application or even to execute arbitrary code (with the permission
     of the user running this application).
   * CVE-2017-17095
     A crafted tiff file could lead to a heap buffer overflow in pal2rgb.
Checksums-Sha1:
 40b4d56834083c0559cc4bac44a43642a63efdf2 2403 tiff_4.0.3-12.3+deb8u10.dsc
 652e97b78f1444237a82cbcfe014310e776eb6f0 2051630 tiff_4.0.3.orig.tar.gz
 ed904353e6a61b09d5fc5ca5c9cebd0f67a7bff9 72116 tiff_4.0.3-12.3+deb8u10.debian.tar.xz
 6367ff031ec213b8ab0709191f627582821ceeab 372476 libtiff-doc_4.0.3-12.3+deb8u10_all.deb
 4c619bbe1f9952fbdbbbc9736d0d37d42bd97e14 223498 libtiff5_4.0.3-12.3+deb8u10_amd64.deb
 9621fbb927656f09e334189e4034e0dd8c056641 82050 libtiffxx5_4.0.3-12.3+deb8u10_amd64.deb
 0a85f9a539d7a7ee15f5dde3318c949bf5789e24 345678 libtiff5-dev_4.0.3-12.3+deb8u10_amd64.deb
 5e84ed105d6ea3fba9a21999b73f804777ba717b 275510 libtiff-tools_4.0.3-12.3+deb8u10_amd64.deb
 efe9ce68e80e2b709f28bf4907a005ec161e3020 86958 libtiff-opengl_4.0.3-12.3+deb8u10_amd64.deb
Checksums-Sha256:
 40404d8248af7d7747f4e26e7f565309a101b5c319a6c83e98f255418d47a0f1 2403 tiff_4.0.3-12.3+deb8u10.dsc
 ea1aebe282319537fb2d4d7805f478dd4e0e05c33d0928baba76a7c963684872 2051630 tiff_4.0.3.orig.tar.gz
 82cb1167bd84eb8583c4b937a7c7a8d37fe78c2a2392a167b16c40dd02dfc62b 72116 tiff_4.0.3-12.3+deb8u10.debian.tar.xz
 4e066bbefaf0b6360ab1cd498946d3ba132766e4c2fd10315812452bc83b6b54 372476 libtiff-doc_4.0.3-12.3+deb8u10_all.deb
 361c9ec4e673482bbc7537c2c3a4d6b3c9b40874b2646e79c1c2bd46cdc14baa 223498 libtiff5_4.0.3-12.3+deb8u10_amd64.deb
 9f2c317767adb5d1f5849f74f718ca1b9d37a3aa9ada80103d2023b928a3f45a 82050 libtiffxx5_4.0.3-12.3+deb8u10_amd64.deb
 3c6ca9bd64083e2a70f508af0987b025039b4114337f1f3d12f91d1655106b8d 345678 libtiff5-dev_4.0.3-12.3+deb8u10_amd64.deb
 ef1b0cd0f146b7024118cd0be7e2ec97a2a1009d78f198e567b264445a85889d 275510 libtiff-tools_4.0.3-12.3+deb8u10_amd64.deb
 75e1a992bd88121d714133204ac78944549d1fd39e3aaf395d1b3cc6eac83770 86958 libtiff-opengl_4.0.3-12.3+deb8u10_amd64.deb
Files:
 8f7a10bae98738f29ea9dff0cd4a516b 2403 libs optional tiff_4.0.3-12.3+deb8u10.dsc
 051c1068e6a0627f461948c365290410 2051630 libs optional tiff_4.0.3.orig.tar.gz
 8a9206cb295b8088f106343bd82f50c7 72116 libs optional tiff_4.0.3-12.3+deb8u10.debian.tar.xz
 2b74bf89bf388fa695228391d4d04682 372476 doc optional libtiff-doc_4.0.3-12.3+deb8u10_all.deb
 917ceb6df119b623f573bff9e8f30696 223498 libs optional libtiff5_4.0.3-12.3+deb8u10_amd64.deb
 65c17650f0a9aa937d006f343672c32a 82050 libs optional libtiffxx5_4.0.3-12.3+deb8u10_amd64.deb
 b309aebd75252898f4d62d89c0194744 345678 libdevel optional libtiff5-dev_4.0.3-12.3+deb8u10_amd64.deb
 360e8f273ae34bb3d694adad9578a293 275510 graphics optional libtiff-tools_4.0.3-12.3+deb8u10_amd64.deb
 5c78cf69f07cfff61f75c42e0d3ae46a 86958 graphics optional libtiff-opengl_4.0.3-12.3+deb8u10_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl3dbyxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYRzMpD/9kn72yViq5Jw3gCVgQSr/McZLFIVQk
LEXEr9YBKhxbSXvZm8VlhGWcRalDO2V+6c0URzQnTAiShG2ojEua886I2w967h5M
w996Lof7frEpGaVxy/Mzt5xcatpxUJTYQjUVFr4Mx4/ji3iV4uCQx77htqlqYMiZ
T3/vokeMIbXQYESysN7GjYodEAeByS1VB/9Crw4oy2KhlPVSSx+PDbHMTByukvXj
6IzllDfNk5malJVrBlECprh5oR/+VLD3RTACLi0hivPgzXdSrFv1zd8K+Kc6OD+m
pkzlqzBjTsF0epNKz8Z3rEkiyGGfdlUEAx0tMJMMwE17CO+Z9nkyCwW2tmoz67nT
xgSBhbrGrajfvcJY4/UDyaK9h+FpI7EVkCjFq+R4Jeex+T3olLLtXTCIzNhnGwRk
eWhIOiMr8fC9+nThbm5n+LbJmHyGlVWxqVyhnxGOoPtFSc9zsbQ3s2XHMJVeWKCb
LbvayU66EZi8bDks5SrHKM/pq6WdHKpdsGKK8ZipecaP+k1Ws6R1fHS1WYxA8THN
nIzAZc6dFNG2JhHEy2MsHUKCCLvxPj5ctFN5GAzQh6TegJ60Ar2iaLuI1OKrywrQ
PWCTGy/Nu4bxy9El9ofTs8zFNjFxxUsbRaMn0pNAzT0/L2HHzdNV0OENt3P5p8N1
GpK9ze5kaBF5rA==
=H4/a
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted xmlrpc-epi 0.54.2-1.1+deb8u1 (source amd64) into oldoldstable
Next by Date: Accepted bsdiff 4.3-15+deb8u1 (source amd64) into oldoldstable
Previous by thread: Accepted xmlrpc-epi 0.54.2-1.1+deb8u1 (source amd64) into oldoldstable
Next by thread: Accepted bsdiff 4.3-15+deb8u1 (source amd64) into oldoldstable
Index(es):
- Date
- Thread