Subject: CVS commit: pkgsrc/graphics/tiff
To: None <>
From: Lubomir Sedlacik <>
List: pkgsrc-changes
Date: 06/08/2006 11:05:14
Module Name:	pkgsrc
Committed By:	salo
Date:		Thu Jun  8 11:05:14 UTC 2006

Modified Files:
	pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
	pkgsrc/graphics/tiff/patches: patch-au

Log Message:
Security fix for CVE-2006-2193:

"A vulnerability in LibTIFF can be exploited by malicious people to
 cause a DoS (Denial of Service) and potentially compromise a user's

 The vulnerability is caused due to a boundary error within tiff2pdf
 when handling a TIFF file with a "DocumentName" tag that contains
 UTF-8 characters.  This can be exploited to cause a stack-based buffer
 overflow and may allow arbitrary code execution."

Patch from Ubuntu.

To generate a diff of this commit:
cvs rdiff -r1.81 -r1.82 pkgsrc/graphics/tiff/Makefile
cvs rdiff -r1.37 -r1.38 pkgsrc/graphics/tiff/distinfo
cvs rdiff -r0 -r1.5 pkgsrc/graphics/tiff/patches/patch-au

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.