SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libtiff-3.8.2-2tr.i586.rpm :
Mon Feb 26 13:00:00 2007 Nived Gopalan
- Rebuilt

Mon Jun 19 14:00:00 2006 Nived Gopalan 3.8.2-1tr
- New Upstream.

Thu May 4 14:00:00 2006 Nived Gopalan 3.7.3-2tr
- SECURITY Fix: Tavis Ormandy has reported some vulnerabilities in LibTIFF,
which can be exploited by malicious people to cause a DoS and potentially
to compromise a user\'s system.
- Several unspecified errors in the \"TIFFFetchAnyArray()\" function and in
the cleanup functions can be exploited to crash an application linked
against LibTIFF when a specially crafted TIFF image is processed.
- Integer overflow in the TIFFFetchData function in tif_dirread.c allows
context-dependent attackers to cause a denial of service and possibly
execute arbitrary code via a crafted TIFF image.
- A double free error in tif_jpeg.c within the setfield/getfield methods
in the cleanup functions can be exploited to crash an application linked
against LibTIFF and may allow arbitrary code execution when a specially
crafted TIFF image is processed.
- The TIFFToRGB function in libtiff allows remote attackers to cause a
denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values
that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-2024, CVE-2006-2025, CVE-2006-2026 and
CVE-2006-2120 these issues.

Thu Jul 21 14:00:00 2005 Hasher Jamaludeen 3.7.3-1tr
- New Upstream
- Security Fix: Stack-based buffer overflow in libTIFF allows remote
attackers to execute arbitrary code via a TIFF file with a malformed
BitsPerSample tag.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-1544.

Thu Mar 17 13:00:00 2005 Bipin S 3.7.2-1tr
- New Upstream

Thu Jan 6 13:00:00 2005 Ajith Thampi 3.7.1-1tr
- New Upstream
- spec cleanup
- CAN-2004-1183, CAN-2004-1308

Tue Oct 12 14:00:00 2004 Oystein Viggen 3.6.1-1tr
- New upstream
- CAN-2004-0803, CAN-2004-0886

Wed Jun 18 14:00:00 2003 Erlend Midttun 3.5.7-2tr
- Big rebuild

Mon Apr 14 14:00:00 2003 Gerald Dachs 3.5.7-1gd
- initial release


 
ICM