tags 366588 +pending found 366588 3.7.2-3sarge1 notfound 366588 3.8.2-1 notfound 366588 3.8.2-2 thanks
I have sent a patch to the security team for the sarge version. If they agree, presumably a new version will be upload soon and a woody version will also be prepared. Here is the patch. It is basically the changes from revision 1.11 to 1.12 of tif_color.c I have also attempted to use the found and notfound commands to keep this bug from counting against the transition of 3.8.2-2 to etch, though I'm not sure I've done it right. -- Jay Berkenbilt <[EMAIL PROTECTED]>
--- libtiff/tif_color.c.qdist 2005-01-15 10:42:50.000000000 -0500 +++ libtiff/tif_color.c 2006-05-14 09:47:02.115457504 -0400 @@ -92,6 +92,11 @@ Yg = TIFFmax( Yg, cielab->display.d_Y0G ); Yb = TIFFmax( Yb, cielab->display.d_Y0B ); + /* Avoid overflow in case of wrong input values */ + Yr = TIFFmin(Yr, cielab->display.d_YCR); + Yg = TIFFmin(Yg, cielab->display.d_YCG); + Yb = TIFFmin(Yb, cielab->display.d_YCB); + /* Turn luminosity to colour value. */ i = TIFFmin(cielab->range, (int)((Yr - cielab->display.d_Y0R) / cielab->rstep));
