Changelog for
tiff3-3.9.5-2.1.x86_64.rpm :
Mon Jul 2 14:00:00 2012 pgajdosAATTsuse.com
- renamed to tiff3 package
Wed Jun 20 14:00:00 2012 pgajdosAATTsuse.com
- fixed
* CVE-2012-2113 [bnc#767852]
* CVE-2012-2088 [bnc#767854]
Mon Apr 2 14:00:00 2012 pgajdosAATTsuse.com
- fixed CVE-2012-1173 [bnc#753362]
Fri Aug 5 14:00:00 2011 crrodriguezAATTopensuse.org
- Do not use -fno-strict-aliasing, no longer needed
and will probably slow down the code.
- Fix self-obsoletion warning
Thu Apr 14 14:00:00 2011 pgajdosAATTsuse.cz
- updated to 3.9.5:
* fixed integer overflow CVE-2010-4665
* fixed buffer overflow in ojpeg decoder
* upstreamed:
- oob-read.patch
- CVE-2011-0192.patch
- getimage-64bit.patch
- CVE-2011-1167.patch
- scanlinesize.patch
Thu Mar 31 14:00:00 2011 pgajdosAATTsuse.cz
- fixed regression caused by previous update [bnc#682871]
* modified CVE-2011-0192.patch
- fixed buffer overflow in thunder decoder [bnc#683337]
* added CVE-2011-1167.patch
Thu Feb 17 13:00:00 2011 pgajdosAATTsuse.cz
- fixed buffer overflow [bnc#672510]
* CVE-2011-0192.patch
Mon Sep 6 14:00:00 2010 pgajdosAATTsuse.cz
- fixed \"Possibly exploitable memory corruption issue in libtiff\"
(see http://bugzilla.maptools.org/show_bug.cgi?id=2228)
[bnc#624215]
* scanlinesize.patch
- fixed crash while using libjpeg7 and higher
* dont-fancy-upsampling.patch
Mon Jul 12 14:00:00 2010 pgajdosAATTsuse.cz
- updated to 3.9.4: fixes CVE-2010-2065 -- obsoletes
* integer-overflow.patch
* NULL-deref.patch
- fixes CVE-2010-2067
Wed Jun 23 14:00:00 2010 pgajdosAATTsuse.cz
- fixed CVE-2010-2065
* integer-overflow.patch
* NULL-deref.patch
- fixed out of bounds read
* oob-read.patch
- fixed CVE-2010-2233
* getimage-64bit.patch
- [bnc#612879]
Mon Apr 26 14:00:00 2010 pgajdosAATTsuse.cz
- fixed tiff2pdf output [bnc#599475]
Fri Mar 26 13:00:00 2010 pgajdosAATTsuse.cz
- fixed typo
Tue Mar 16 13:00:00 2010 pgajdosAATTsuse.cz
- updated to 3.9.2: fixed many CVE\'s and obsoletes almost all
our patches (see ChangeLog for details)
Tue Dec 15 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- enable parallel building
Thu Aug 6 14:00:00 2009 pgajdosAATTsuse.cz
- fixed integer overflows [bnc#519796]
* CVE-2009-2347.patch
Thu Jul 2 14:00:00 2009 nadvornikAATTsuse.cz
- fixed lzw overflow CVE-2009-2285 [bnc#518698]