Subject: CVS commit: pkgsrc/graphics/tiff
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <email@example.com>
Date: 06/08/2006 11:05:14
Module Name: pkgsrc
Committed By: salo
Date: Thu Jun 8 11:05:14 UTC 2006
pkgsrc/graphics/tiff: Makefile distinfo
Security fix for CVE-2006-2193:
"A vulnerability in LibTIFF can be exploited by malicious people to
cause a DoS (Denial of Service) and potentially compromise a user's
The vulnerability is caused due to a boundary error within tiff2pdf
when handling a TIFF file with a "DocumentName" tag that contains
UTF-8 characters. This can be exploited to cause a stack-based buffer
overflow and may allow arbitrary code execution."
Patch from Ubuntu.
To generate a diff of this commit:
cvs rdiff -r1.81 -r1.82 pkgsrc/graphics/tiff/Makefile
cvs rdiff -r1.37 -r1.38 pkgsrc/graphics/tiff/distinfo
cvs rdiff -r0 -r1.5 pkgsrc/graphics/tiff/patches/patch-au
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.