Marc Deslauriers <marc.deslauri...@ubuntu.com> wrote: > *** /tmp/tmpgGHwFf/bug_body > In Ubuntu, the attached patch was applied to achieve the following: > > * SECURITY UPDATE: possible arbitrary code execution via heap overflow > in tiff2pdf. > - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in > tools/tiff2pdf.c. > - CVE-2012-3401 > > > Thanks for considering the patch.
I will try to get this patch in this weekend. Thanks. Note that tiff2pdf from the tiff3 package is not actually installed (it comes from the tiff package, which is 4.x), but I'll still apply the patch to avoid confusion. I'll certainly apply the patch to the tiff package. -- Jay Berkenbilt <q...@debian.org> -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
