Security fix for CVE-2006-2193:

"A vulnerability in LibTIFF can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerability is caused due to a boundary error within tiff2pdf when handling a TIFF file with a "DocumentName" tag that contains UTF-8 characters. This can be exploited to cause a stack-based buffer overflow and may allow arbitrary code execution." http://secunia.com/advisories/20488/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193 Patch from Ubuntu.
author: salo <salo> 2006-06-08 11:05:14 +0000
committer: salo <salo> 2006-06-08 11:05:14 +0000
commit: 46f2a56369c2f5b6a12d0d9645cf24644f8f3ad6 (patch)
tree: 4b0ae7670683eba7301fccf2d91a16a5c5a924b2 /graphics/tiff/distinfo
parent: fb2e83a0c8d2ba1da2e9ab099403c2d73a572a90 (diff)
download: pkgsrc-46f2a56369c2f5b6a12d0d9645cf24644f8f3ad6.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo
index dc438891d05..d5be039a8e6 100644
--- a/graphics/tiff/distinfo
+++ b/graphics/tiff/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.37 2006/03/31 14:31:03 drochner Exp $
+$NetBSD: distinfo,v 1.38 2006/06/08 11:05:14 salo Exp $
 
 SHA1 (tiff-3.8.2.tar.gz) = 549e67b6a15b42bfcd72fe17cda7c9a198a393eb
 RMD160 (tiff-3.8.2.tar.gz) = 1b4d825e3be08764e953fc58246d0c25ab4dd17d
@@ -6,3 +6,4 @@ Size (tiff-3.8.2.tar.gz) = 1336295 bytes
 SHA1 (patch-aa) = edac79a6f3b61e9fc787fe14f750d88023a29bfa
 SHA1 (patch-ab) = b517cb8bc2212d3e6c5a70db1bdf45b85b78fc72
 SHA1 (patch-at) = 4006ed90f6ab88aff30e2537d613a1b44b5c7347
+SHA1 (patch-au) = c53ed7521c3918081526ad63cd0c1c45c9a0b9ff
author	salo <salo>	2006-06-08 11:05:14 +0000
committer	salo <salo>	2006-06-08 11:05:14 +0000
commit	46f2a56369c2f5b6a12d0d9645cf24644f8f3ad6 (patch)
tree	4b0ae7670683eba7301fccf2d91a16a5c5a924b2 /graphics/tiff/distinfo
parent	fb2e83a0c8d2ba1da2e9ab099403c2d73a572a90 (diff)
download	pkgsrc-46f2a56369c2f5b6a12d0d9645cf24644f8f3ad6.tar.gz