Package: tiff3 Severity: important Tags: security upstream Hi,
the following vulnerabilities were published for tiff3. CVE-2013-4231[0]: Stack-based buffer overflow CVE-2013-4232[1]: use after free These where found by Pedro Ribeiro[2] and are found all in the tools part and apply also to tiff3. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-4231 [1] http://security-tracker.debian.org/tracker/CVE-2013-4232 [2] http://www.asmail.be/msg0055359936.html Please adjust the affected versions in the BTS as needed. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
