This bug was fixed in the package tiff - 3.8.2-7ubuntu3.2
---------------
tiff (3.8.2-7ubuntu3.2) hardy-security; urgency=low
* SECURITY UPDATE: denial of service via buffer underflow in the
LZWDecodeCompat function (LP: #380149)
- debian/patches/CVE-2009-2285.patch: abort if code is bigger than
CODE_CLEAR in libtiff/tif_lzw.c.
- CVE-2009-2285
-- Marc Deslauriers <[email protected]> Fri, 03 Jul 2009
14:54:05 -0400
** Changed in: tiff (Ubuntu Hardy)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2285
** Changed in: tiff (Ubuntu Intrepid)
Status: Confirmed => Fix Released
--
tiff2ps crashed with SIGSEGV in TIFFReadScanline()
https://bugs.launchpad.net/bugs/380149
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
