FS#36635 - [libtiff] Two security bugs (with patches)

Attached to Project: Arch Linux
Opened by Steven (Stebalien) - Thursday, 22 August 2013, 03:14 GMT
Last edited by Eric Belanger (Snowman) - Thursday, 22 August 2013, 21:20 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Eric Belanger (Snowman)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

There are two new security bugs in libtiff. Patches are available:

CVE-2013-4231: http://bugzilla.maptools.org/show_bug.cgi?id=2450
CVE-2013-4232: http://bugzilla.maptools.org/show_bug.cgi?id=2449

If this was the wrong place to report this, please tell me. I have attached a package diff.
This task depends upon

Closed by  Eric Belanger (Snowman)
Thursday, 22 August 2013, 21:20 GMT
Reason for closing:  Fixed
Additional comments about closing:  libtiff-4.0.3-3
Comment by Steven (Stebalien) - Thursday, 22 August 2013, 03:18 GMT
Disclaimer: I don't actually know if these patches work (blindly applied from upstream).

Loading...