Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2
allows context-dependent attackers to cause a denial of service
(crash) via a crafted TIFF image, a different vulnerability than
Created attachment 196475 [details, diff]
Patch as applied in upstream HEAD, refreshed to 3.8.2 release. Note that another patch has been applied to 3.9 branch but upstream considers this a cleaner patch.
bumped in cvs.
*tiff-3.8.2-r7 (04 Jul 2009)
04 Jul 2009; Markus Meier <email@example.com> +tiff-3.8.2-r7.ebuild,
version bump wrt security bug #276339. this ebuild is based on
tiff-3.8.2-r5.ebuild as opengl-support is currently broken in -r6.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
amd64 stable, all arches done.