tiff (4.0.2-6+deb7u16) wheezy-security; urgency=high

  * Non-maintainer upload by the Debian LTS Team.
  * Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf
    (Closes: #868513)
  * Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec()
    (Closes: #873880)
  * Fix CVE-2017-13727: reachable assertion abort in
    TIFFWriteDirectoryTagSubifd() (Closes: #873879)
  * Fix CVE-2017-12944: mishandled memory allocation for short files, which
    allows remote attackers to cause a denial of service (allocation failure
    and application crash) in the TIFFFetchStripThing() (Closes: #872607)

 -- Roberto C. Sanchez <roberto@debian.org>  Sat, 09 Sep 2017 18:36:08 -0400

tiff (4.0.2-6+deb7u15) wheezy-security; urgency=medium

  * Non-maintainer upload by the Debian LTS team.
  * CVE-2017-9936: memory leak in error code path of JBIGDecode()
    (closes: #866113)
  * CVE-2017-10688, assertion failure in TIFFWriteDirectoryTagCheckedXXXX()
    (closes: #866611)

 -- Roberto C. Sanchez <roberto@debian.org>  Tue, 11 Jul 2017 08:32:49 -0400

tiff (4.0.2-6+deb7u14) wheezy-security; urgency=medium

  * Non-maintainer upload by the Debian LTS team.
  * Switch to upstream-provided patch to fix the numerous CVE related
    to _TIFFVGetField(). Drop
    0042-Make-more-tag-fields-known-to-TIFFReadDirectoryFindF.patch and
    0063-Handle-properly-CODEC-specific-tags.patch and replace them with
    CVE-2016-10095_CVE-2017-9147.patch
    Fixes CVE-2016-10095 and CVE-2017-9147 (on top of the older similar
    CVE).
  * CVE-2017-9403: Fix memory leak in TIFFReadDirEntryLong8Array.
  * CVE-2017-9404: Fix multiple memory leaks in tif_ojpeg.c.

 -- Raphaël Hertzog <hertzog@debian.org>  Tue, 13 Jun 2017 12:34:25 +0200

tiff (4.0.2-6+deb7u13) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2016-3658 and CVE-2016-10371:
    Two issues were discovered that would allow remote attackers to cause a
    denial of service via a crafted TIFF file.

 -- Markus Koschany <apo@debian.org>  Tue, 30 May 2017 22:02:16 +0200

tiff (4.0.2-6+deb7u12) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix the following security vulnerabilities:
  * CVE-2017-7592:
    The putagreytile function in tif_getimage.c has a left-shift undefined
    behavior issue, which might allow remote attackers to cause a denial of
    service (application crash) or possibly have unspecified other impact via a
    crafted image.
  * CVE-2017-7593:
    tif_read.c in LibTIFF does not ensure that tif_rawdata is properly
    initialized, which might allow remote attackers to obtain sensitive
    information from process memory via a crafted image.
  * CVE-2017-7594:
    The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF
    allows remote attackers to cause a denial of service (memory leak) via a
    crafted image.
  * CVE-2017-7595:
    The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF allows remote
    attackers to cause a denial of service (divide-by-zero error and
    application crash) via a crafted image.
  * CVE-2017-7596, CVE-2017-7597, CVE-2017-7599, CVE-2017-7600:
    LibTIFF has an "outside the range of representable values of type float"
    undefined behavior issue, which might allow remote attackers to cause a
    denial of service (application crash) or possibly have unspecified other
    impact via a crafted image.
  * CVE-2017-7598:
    tif_dirread.c in LibTIFF might allow remote attackers to cause a denial of
    service (divide-by-zero error and application crash) via a crafted image.
  * CVE-2017-7601:
    LibTIFF has a "shift exponent too large for 64-bit type long" undefined
    behavior issue, which might allow remote attackers to cause a denial of
    service (application crash) or possibly have unspecified other impact via a
    crafted image.
  * CVE-2017-7602:
    LibTIFF has a signed integer overflow, which might allow remote attackers
    to cause a denial of service (application crash) or possibly have
    unspecified other impact via a crafted image.

 -- Markus Koschany <apo@debian.org>  Mon, 24 Apr 2017 09:53:51 +0200

tiff (4.0.2-6+deb7u11) wheezy-security; urgency=medium

  * Non-maintainer upload by the LTS team.
  * CVE-2016-10266: Fix integer overflow that can lead to divide-by-zero
    in TIFFReadEncodedStrip (tif_read.c).
  * CVE-2016-10267: Avoid a divide-by-zero error in OJPEGDecodeRaw
    (tif_ojpeg.c) that can be triggered by a crafted TIFF file.
  * CVE-2016-10268: Fix heap-based buffer overflow in TIFFReverseBits
    (tif_swab.c).
  * CVE-2016-10269: Fix heap-based buffer overflow in _TIFFmemcpy
    (tif_unix.c).

 -- Raphaël Hertzog <hertzog@debian.org>  Tue, 28 Mar 2017 12:11:07 +0200

tiff (4.0.2-6+deb7u10) wheezy-security; urgency=medium

  * Non-maintainer upload by the LTS team.
  * When writing out a TIFF file, skip codec-specific tags that are not
    relevant for the current codec (compression scheme). Closes: #852610
    This fixes a regression introduced by
    0042-Make-more-tag-fields-known-to-TIFFReadDirectoryFindF.patch

 -- Raphaël Hertzog <hertzog@debian.org>  Tue, 07 Feb 2017 11:23:23 +0100

tiff (4.0.2-6+deb7u9) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Security Team.
  * CVE-2016-3622: The fpAcc function in tif_predict.c in the tiff2rgba
    tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a
    denial of service (divide-by-zero error) via a crafted TIFF image.
  * CVE-2016-3623: The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows
    remote attackers to cause a denial of service (divide-by-zero) by
    setting the (1) v or (2) h parameter to 0. (Fixed along with CVE-2016-3624.)
  * CVE-2016-3624: The cvtClump function in the rgb2ycbcr tool in
    LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial
    of service (out-of-bounds write) by setting the "-v" option to -1.
  * CVE-2016-3945: Multiple integer overflows in the (1) cvt_by_strip
    and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6
    and earlier, when -b mode is enabled, allow remote attackers to
    cause a denial of service (crash) or execute arbitrary code via a
    crafted TIFF image, which triggers an out-of-bounds write.
  * CVE-2016-3990: Heap-based buffer overflow in the
    horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6
    and earlier allows remote attackers to cause a denial of service
    (crash) or execute arbitrary code via a crafted TIFF image to
    tiffcp.
  * CVE-2016-9533: tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write
    vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka
    "PixarLog horizontalDifference heap-buffer-overflow."
  * CVE-2016-9534: tif_write.c in libtiff 4.0.6 has an issue in the error
    code path of TIFFFlushData1() that didn't reset the tif_rawcc and
    tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1
    heap-buffer-overflow."
  * CVE-2016-9535: tif_predict.h and tif_predict.c in libtiff 4.0.6 have
    assertions that can lead to assertion failures in debug mode, or
    buffer overflows in release mode, when dealing with unusual tile size
    like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor
    heap-buffer-overflow."
  * CVE-2016-9536: tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds
    write vulnerabilities in heap allocated buffers in
    t2p_process_jpeg_strip(). Reported as MSVR 35098, aka
    "t2p_process_jpeg_strip heap-buffer-overflow."
  * CVE-2016-9537: tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds
    write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096,
    and MSVR 35097.
  * CVE-2016-9538: tools/tiffcrop.c in libtiff 4.0.6 reads an undefined
    buffer in readContigStripsIntoBuffer() because of a uint16 integer
    overflow. Reported as MSVR 35100.
  * CVE-2016-9540: tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds
    write on tiled images with odd tile width versus image width.
    Reported as MSVR 35103, aka cpStripToTile heap-buffer-overflow.
  * CVE-2016-10092: heap-buffer-overflow in tiffcrop
  * CVE-2016-10093: uint32 underflow/overflow that can cause heap-based
    buffer overflow in tiffcp
  * CVE-2017-5225: LibTIFF version 4.0.7 is vulnerable to a heap buffer
    overflow in the tools/tiffcp resulting in DoS or code execution via
    a crafted BitsPerSample value.
  * heap-based buffer overflow in TIFFFillStrip (tif_read.c) (Closes:
    846837)

 -- Antoine Beaupré <anarcat@debian.org>  Tue, 17 Jan 2017 15:05:14 -0500

tiff (4.0.2-6+deb7u8) wheezy-security; urgency=high

  * Non-maintainer upload by the Debian Long Term Support Team.
  * Add 3 patches to fix:
    - CVE-2016-9273: heap-buffer-overflow in cpStrips
      Closes: #844013
    - CVE-2016-9297: read outside buffer in _TIFFPrintField
      Closes: #844226
    - CVE-2016-9532: heap buffer overflow via writeBufferToSeparateStrips
      Closes: #844057

 -- Raphaël Hertzog <hertzog@debian.org>  Tue, 22 Nov 2016 12:03:09 +0100

tiff (4.0.2-6+deb7u7) wheezy-security; urgency=high

  * Non-maintainer upload by the Debian Long Term Support Team.
  * 0042-Make-more-tag-fields-known-to-TIFFReadDirectoryFindF.patch:
    - CVE-2014-8128, CVE-2015-7554, CVE-2016-5318: memory corruption.
    Closes: #842043
  * Drop libtiff tools that are no longer supported upstream:
    bmp2tiff gif2tiff ras2tiff sgi2tiff sgisv ycbcr rgb2ycbcr thumbnail
    Fixes CVE-2016-3619, CVE-2016-3620, CVE-2016-3621, CVE-2016-5319,
    CVE-2015-8668, issues in bmp2tiff.
    Fixes CVE-2016-3186, CVE-2016-5102, issue in gif2tiff.
    Fixes CVE-2016-3631, CVE-2016-3632, CVE-2016-3633, CVE-2016-3634,
    CVE-2016-8331, issues in thumbnail.
    Fixes CVE-2016-3623, CVE-2016-3624, issues in rgb2ycbcr.
    Closes: #842046
  * Apply upstream patch for CVE-2016-6223: information leak in
    libtiff/tif_read.c. Closes: #842270
  * Backport upstream patch for CVE-2016-5652: heap based buffer overflow in
    tiff2pdf. Closes: #842361

 -- Raphaël Hertzog <hertzog@debian.org>  Wed, 02 Nov 2016 12:25:56 +0100

tiff (4.0.2-6+deb7u6) wheezy-security; urgency=medium

  * Non-maintainer upload by the Security Team.
  * 0038-libtiff-tif_pixarlog.c-fix-potential-buffer-write-ov.patch:
    - CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016-5317,
      CVE-2016-5320, CVE-2016-5875: heap based buffer overflow.
  * 0039-tools-tiffcrop.c-Avoid-access-outside-of-stack-alloc.patch,
    0040-CVE-2016-5321-CVE-2016-5323-bugzilla-2558-2559.patch:
    - CVE-2016-5321, CVE-2016-5323: program crash via crafted image.
  * 0041-tools-tiffcrop.c-Fix-out-of-bounds-write-in-loadImag.patch:
    - CVE-2016-3991, CVE-2016-5322: fix out of bounds write in tiffcrop.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Thu, 28 Jul 2016 23:44:27 +0200

tiff (4.0.2-6+deb7u5) wheezy-security; urgency=high

  * Backport upstream fixes for:
    - CVE-2015-8665 an out-of-bound read in TIFFRGBAImage interface
      (closes: #808968),
    - CVE-2015-8683 an out-of-bounds read in CIE Lab image format
      (closes: #809021),
    - CVE-2015-8781 out of bounds write at tif_luv.c:208,
    - CVE-2015-8782 potential out-of-bound writes in decode,
    - CVE-2015-8783 potential out-of-bound reads in case of short input data,
    - CVE-2015-8784 potential out-of-bound write in NeXTDecode().

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sat, 02 Jan 2016 09:51:18 +0100

tiff (4.0.2-6+deb7u4) wheezy-security; urgency=medium

  * Pull upstream security bugs from git cvsimported sources, this fixes
    many security bugs (CVE-2014-9330, CVE-2014-8127, CVE-2014-8129,
    CVE-2014-8128, CVE-2014-9655) (Closes: #773987, #776185)
  * The tiff package has a new maintainer

 -- Ondřej Surý <ondrej@debian.org>  Fri, 27 Mar 2015 16:05:23 +0100

tiff (4.0.2-6+deb7u3) stable-security; urgency=high

  * Fix for CVE-2013-4243 (validation for gif2tiff) from Red Hat. (Closes:
    #742917)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 21 Jun 2014 18:12:58 -0400

tiff (4.0.2-6+deb7u2) stable-security; urgency=high

  * Incorporated fixes to security issues CVE-2013-4231, CVE-2013-4232.
    (Closes: #719303)
  * Incorporated fix to CVE-2013-4244.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 24 Aug 2013 11:25:11 -0400

tiff (4.0.2-6+deb7u1) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix cve-2013-1960: heap-based buffer overlow in tiff2pdf
    (closes: #706675).
  * Fix cve-2013-1961: stack-based buffer overflow in tiff2pdf
    (closes: #706674). 

 -- Michael Gilbert <mgilbert@debian.org>  Mon, 17 Jun 2013 01:27:17 +0000

tiff (4.0.2-6) unstable; urgency=high

  * Fix /usr/share/doc symlink to directory transition.  When upgrading
    from very old versions (pre 3.8.2-8), /usr/share/doc may contain
    symbolic links that should be removed.  (Closes: #687645)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 26 Jan 2013 12:28:19 -0500

tiff (4.0.2-5) unstable; urgency=high

  * Add fix for CVE-2012-4564, a heap-buffer overflow.  Thanks Adrian La
    Duca for doing all the work to prepare this upload.  (Closes: #692345)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 17 Nov 2012 12:40:25 -0500

tiff (4.0.2-4) unstable; urgency=high

  * Previous change was uploaded with the wrong CVE number.  I updated the
    last changelog entry.  The correct CVE number is CVE-2012-4447.

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 05 Oct 2012 17:33:44 -0400

tiff (4.0.2-3) unstable; urgency=high

  * Add fix for CVE-2012-4447, a buffer overrun.  (Closes: #688944)

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 05 Oct 2012 17:04:38 -0400

tiff (4.0.2-2) unstable; urgency=high

  * SECURITY UPDATE: possible arbitrary code execution via heap overflow
    in tiff2pdf.  (Closes: #682115)
    - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in
      tools/tiff2pdf.c.
    - CVE-2012-3401
    Changes prepared by Marc Deslauriers for Ubuntu.  Thanks!

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 21 Jul 2012 21:27:34 -0400

tiff (4.0.2-1) unstable; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 24 Jun 2012 13:45:42 -0400

tiff (4.0.1-8) unstable; urgency=low

  * Call glFlush() in tiffgt to fix display problems.  From
    https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/797166.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 16 Jun 2012 21:20:04 -0400

tiff (4.0.1-7) unstable; urgency=low

  * Add new temporary package libtiff5-alt-dev, which provides libtiff5
    development files in a location that doesn't conflict with
    libtiff4-dev.  See README.Debian for details.

 -- Jay Berkenbilt <qjb@debian.org>  Thu, 24 May 2012 15:24:36 -0400

tiff (4.0.1-6) unstable; urgency=low

  * Include pkg-config files

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 13 May 2012 12:53:38 -0400

tiff (4.0.1-5) unstable; urgency=low

  * Fix shlibs again.

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 22 Apr 2012 11:41:44 -0400

tiff (4.0.1-4) unstable; urgency=low

  * Use >= instead of > in shlibs file.

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 22 Apr 2012 10:57:02 -0400

tiff (4.0.1-3) unstable; urgency=low

  * Support JBIG now that patents have expired. (Closes: #667835)
  * Support LZMA.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 14 Apr 2012 19:03:04 -0400

tiff (4.0.1-2) unstable; urgency=high

  * Incorporated fix to CVE-2012-1173, a problem in the parsing of the
    TileSize entry, which could result in the execution of arbitrary code
    if a malformed image is opened.
  * Updated standards to 3.9.3

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 06 Apr 2012 10:10:48 -0400

tiff (4.0.1-1) unstable; urgency=low

  * New upstream release
  * Point watch file to new download location

 -- Jay Berkenbilt <qjb@debian.org>  Mon, 20 Feb 2012 09:43:54 -0500

tiff (4.0.0-2) experimental; urgency=low

  * Rename libtiff-dev -> libtiff5-dev to avoid premature transition for
    packages that explicitly depend on libtiff-dev.  At some future time,
    libtiff5-dev will provide or be renamed back to libtiff-dev.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 04 Feb 2012 09:41:19 -0500

tiff (4.0.0-1) experimental; urgency=low

  * New upstream release
  * Enable versioned symbols

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 28 Jan 2012 10:56:23 -0500

tiff (4.0.0~beta7-2) experimental; urgency=low

  * Incorporated changes from 3.9.5-2: security hardening and multiarch

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 17 Sep 2011 10:28:53 -0400

tiff (4.0.0~beta7-1) experimental; urgency=low

  * New upstream release including many security fixes and other
    improvements
  * Updated changelog with changes from 3.x series.
  * Updated standards version to 3.9.2.  No changes required.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 16 Apr 2011 13:45:33 -0400

tiff (4.0.0~beta6-3) experimental; urgency=low

  * Incorporated fix to CVE-2010-2483, "fix crash on OOB reads in
    putcontig8bitYCbCr11tile", from 3.9.4-4.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 02 Oct 2010 13:31:41 -0400

tiff (4.0.0~beta6-2) experimental; urgency=low

  * Incorporate changes from 3.9.4-{2,3} including updating standards
    version to 3.9.1 along with associated fixes.  (CVE-2010-2233 was
    already fixed in this version.)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 14 Aug 2010 16:36:44 -0400

tiff (4.0.0~beta6-1) experimental; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 18 Jun 2010 21:42:57 -0400

tiff (4.0.0~beta5-2) experimental; urgency=low

  * Depend on libjpeg-dev instead of libjpeg62-dev.
  * Change source format to '3.0 (quilt)'
  * Update standards version to 3.8.4.  No changes required.

 -- Jay Berkenbilt <qjb@debian.org>  Wed, 10 Feb 2010 19:36:43 -0500

tiff (4.0.0~beta5-1) experimental; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 06 Nov 2009 22:58:07 -0500

tiff (4.0.0~beta4-1) experimental; urgency=low

  * New upstream release.  All debian patches incorporated among many
    other fixes and enhancements.

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 28 Aug 2009 11:30:09 -0400

tiff (4.0.0~beta3-2) experimental; urgency=low

  * Fixed previously incorrect patch to lzw problem.

 -- Jay Berkenbilt <qjb@debian.org>  Mon, 24 Aug 2009 14:45:10 -0400

tiff (4.0.0~beta3-1) experimental; urgency=low

  * New upstream release.  This version is not binary compatible with the
    3.x series, nor is it entirely source compatible, but most
    applications should port easily.

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 21 Aug 2009 13:39:37 -0400

tiff (3.9.5-2) unstable; urgency=low

  * Implemented mulitarch and and PIE build for security hardening by
    integrating the changes from the Ubuntu tiff packages.  Thanks to Marc
    Deslauriers and anyone else who did the actual work.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 17 Sep 2011 10:15:39 -0400

tiff (3.9.5-1) unstable; urgency=low

  * New upstream release.  All security patches are fully incorporated
    into this version, as are many other bug fixes.
  * Updated standards version to 3.9.2.  No changes needed.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 16 Apr 2011 13:15:51 -0400

tiff (3.9.4-9) unstable; urgency=high

  * CVE-2011-1167: correct potential buffer overflow with thunder encoded
    files with wrong bitspersample set.  (Closes: #619614)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 02 Apr 2011 10:59:38 -0400

tiff (3.9.4-8) unstable; urgency=low

  * Enable PIE (position independent executable) build for security
    hardening.  Patch from Ubuntu.  (Closes: #613759)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 19 Mar 2011 10:22:32 -0400

tiff (3.9.4-7) unstable; urgency=high

  * Incorporate revised fix to CVE-2011-0192.

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 13 Mar 2011 14:33:38 -0400

tiff (3.9.4-6) unstable; urgency=high

  * Incorporated fix to CVE-2011-0192, "Buffer overflow in Fax4Decode".

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 26 Feb 2011 18:44:23 -0500

tiff (3.9.4-5) unstable; urgency=high

  * Incorporated fix to CVE-2010-3087, a potential denial of service
    exploitable with a specially crafted TIFF file.  (Closes: #600188)

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 17 Oct 2010 16:44:08 -0400

tiff (3.9.4-4) unstable; urgency=high

  * Incorporated fix to CVE-2010-2483, "fix crash on OOB reads in
    putcontig8bitYCbCr11tile".  (Closes: #595064)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 02 Oct 2010 13:17:12 -0400

tiff (3.9.4-3) unstable; urgency=low

  * Updated control file to remove obsolete Conflicts/Replaces for ancient
    packages.
  * Empty dependency_libs in all .la files as part of the .la file.  This
    also resolves the problem of having hard-coded paths in the .la file.
    (Closes: #509016)
  * Updated standards version to 3.9.1.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 14 Aug 2010 16:28:49 -0400

tiff (3.9.4-2) unstable; urgency=high

  * Incorporated patch to fix CVE-2010-2233, which fixes a specific
    failure of tif_getimage on 64-bit platforms.

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 13 Aug 2010 20:16:29 -0400

tiff (3.9.4-1) unstable; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 18 Jun 2010 21:28:11 -0400

tiff (3.9.2-3) unstable; urgency=low

  * Depend on libjpeg-dev instead of libjpeg62-dev.  (Closes: #569242)
  * Change source format to '3.0 (quilt)'
  * Update standards version to 3.8.4.  No changes required.

 -- Jay Berkenbilt <qjb@debian.org>  Wed, 10 Feb 2010 19:20:20 -0500

tiff (3.9.2-2) unstable; urgency=low

  * Include patch from upstream to fix problems with TIFFReadScanline()
    and ycbcr-encoded JPEG images.  (Closes: #510792)
  * Fix some manual page spelling errors found by lintian.

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 10 Jan 2010 10:56:32 -0500

tiff (3.9.2-1) unstable; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 06 Nov 2009 22:52:06 -0500

tiff (3.9.1-1) unstable; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 28 Aug 2009 15:44:23 -0400

tiff (3.9.0-2) unstable; urgency=low

  * Fix critical bug that could cause corrupt files to be written in some
    cases.  (Closes: #543079)

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 28 Aug 2009 13:38:03 -0400

tiff (3.9.0-1) unstable; urgency=low

  * New upstream release.  All previous security patches have been
    integrated.

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 21 Aug 2009 11:40:49 -0400

tiff (3.9.0beta+deb1-1) experimental; urgency=low

  * New upstream release (binary compatible with 3.8.2) -- release based
    on 3.9 branch from upstream CVS; see README.Debian for details.
    (Closes: #537118)
  * Updated standards to 3.8.3; no changes required.
  * Stopped using tarball in tarball packaging.  (Closes: #538565)

 -- Jay Berkenbilt <qjb@debian.org>  Wed, 19 Aug 2009 20:33:10 -0400

tiff (3.8.2-13) unstable; urgency=high

  * Apply patches to fix CVE-2009-2347, which covers two integer overflow
    conditions.
  * LZW patch from last update addressed CVE-2009-2285.  Renamed the patch
    to make this clearer.

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 12 Jul 2009 18:03:33 -0400

tiff (3.8.2-12) unstable; urgency=low

  * Apply patch to fix crash in lzw decoder that can be caused by certain
    invalid image files.  (Closes: #534137)
  * No longer ignore errors in preinst
  * Fixed new lintian warnings; updated standards version to 3.8.2.

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 28 Jun 2009 13:17:44 -0400

tiff (3.8.2-11) unstable; urgency=high

  * Apply security patches (CVE-2008-2327)
  * Convert patch system to quilt
  * Create README.source
  * Set standards version to 3.8.0

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 17 Aug 2008 13:16:37 -0400

tiff (3.8.2-10+lenny1) testing-security; urgency=high

  * Apply patches from Drew Yao of Apple Product Security to fix
    CVE-2008-2327, a potential buffer underflow in the LZW decoder
    (tif_lzw.c).

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 17 Aug 2008 11:56:01 -0400

tiff (3.8.2-10) unstable; urgency=low

  * Fix segmentation fault on subsequent parts of a file with an invalid
    directory tag.  (Closes: #475489)

 -- Jay Berkenbilt <qjb@debian.org>  Mon, 09 Jun 2008 11:02:53 -0400

tiff (3.8.2-9) unstable; urgency=low

  * Backported tiff2pdf from 4.0.0 beta 2.  This fixes many tiff2pdf bugs,
    though unfortunately none of the ones opened in the debian bug
    database!
  * Added upstream homepage to debian control file.

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 07 Jun 2008 22:52:27 -0400

tiff (3.8.2-8) unstable; urgency=low

  * Accepted tmpfile patch tiff2pdf to fix bug that has been fixed
    upstream since upstream release appears stalled.  Thanks Jesse Long.
    (Closes: #419773)
  * Update standards version to 3.7.3; no changes required.
  * ${Source-Version} -> ${binary:Version} in control
  * Split documentation into separate libtiff-doc package.  (Closes:
    #472189)

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 22 Mar 2008 12:30:38 -0400

tiff (3.8.2-7+etch1) stable-security; urgency=high

  * Apply patches from Drew Yao of Apple Product Security to fix
    CVE-2008-2327, a potential buffer underflow in the LZW decoder
    (tif_lzw.c).

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 17 Aug 2008 11:56:01 -0400

tiff (3.8.2-7) unstable; urgency=high

  * Replace empty directories in /usr/share/doc with links during package
    upgrade.  (Closes: #404631)

 -- Jay Berkenbilt <qjb@debian.org>  Tue,  2 Jan 2007 15:50:50 -0500

tiff (3.8.2-6) unstable; urgency=high

  * Add watch file
  * Tavis Ormandy of the Google Security Team discovered several problems
    in the TIFF library.  The Common Vulnerabilities and Exposures project
    identifies the following issues:
     - CVE-2006-3459: a stack buffer overflow via TIFFFetchShortPair() in
       tif_dirread.c
     - CVE-2006-3460: A heap overflow vulnerability was discovered in the
       jpeg decoder
     - CVE-2006-3461: A heap overflow exists in the PixarLog decoder
     - CVE-2006-3462: The NeXT RLE decoder was also vulnerable to a heap
       overflow
     - CVE-2006-3463: An infinite loop was discovered in
       EstimateStripByteCounts()
     - CVE-2006-3464: Multiple unchecked arithmetic operations were
       uncovered, including a number of the range checking operations
       deisgned to ensure the offsets specified in tiff directories are
       legitimate.
     - A number of codepaths were uncovered where assertions did not hold
       true, resulting in the client application calling abort()
     - CVE-2006-3465: A flaw was also uncovered in libtiffs custom tag
       support

 -- Jay Berkenbilt <qjb@debian.org>  Mon, 31 Jul 2006 18:14:59 -0400

tiff (3.8.2-5) unstable; urgency=low

  * Fix logic error that caused -q flag to be ignored when doing jpeg
    compression with tiff2pdf.  (Closes: #373102)

 -- Jay Berkenbilt <qjb@debian.org>  Mon, 19 Jun 2006 18:55:38 -0400

tiff (3.8.2-4) unstable; urgency=high

  * SECURITY UPDATE: Arbitrary command execution with crafted TIF files.
    Thanks to Martin Pitt.  (Closes: #371064)
  * Add debian/patches/tiff2pdf-octal-printf.patch:
    - tools/tiff2pdf.c: Fix buffer overflow due to wrong printf for octal
      signed char (it printed a signed integer, which overflew the buffer and
      was wrong anyway).
    - CVE-2006-2193

 -- Jay Berkenbilt <qjb@debian.org>  Wed,  7 Jun 2006 17:52:12 -0400

tiff (3.8.2-3) unstable; urgency=high

  * SECURITY UPDATE: Arbitrary command execution with crafted long file
    names.  Thanks to Martin Pitt for forwarding this.
    Add debian/patches/tiffsplit-fname-overflow.patch:
    - tools/tiffsplit.c: Use snprintf instead of strcpy for copying the
      user-specified file name into a statically sized buffer.
    CVE-2006-2656.  (Closes: #369819)
  * Update standards version to 3.7.2.  No changes required.
  * Moved doc-base information to libtiff4 instead of libtiff4-dev.

 -- Jay Berkenbilt <qjb@debian.org>  Thu,  1 Jun 2006 21:24:21 -0400

tiff (3.8.2-2) unstable; urgency=low

  * Fix build dependencies to get OpenGL utility libraries after new Xorg
    packaging.  (Closes: #365722)
  * Updated standards version to 3.7.0; no changes required to package.

 -- Jay Berkenbilt <qjb@debian.org>  Tue,  2 May 2006 10:10:45 -0400

tiff (3.8.2-1) unstable; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Tue, 28 Mar 2006 21:42:33 -0500

tiff (3.8.0-3) unstable; urgency=low

  * Switched build dependency from xlibmesa-gl-dev to libgl1-mesa-dev
    (incorporating Ubunutu patch)
  * Incorporated patch from upstream to fix handling of RGBA tiffs in
    tiff2pdf.  (Closes: #352849)

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 26 Feb 2006 13:21:17 -0500

tiff (3.8.0-2) unstable; urgency=low

  * Applied fixes from upstream to address a memory access violation
    [CVE-2006-0405].  (Closes: #350715, #351223)

 -- Jay Berkenbilt <qjb@debian.org>  Fri,  3 Feb 2006 21:48:39 -0500

tiff (3.8.0-1) unstable; urgency=low

  * New upstream release.  (Closes: #349921)
  * NOTE: The debian version of 3.8.0 includes a patch to correct a binary
    incompatibility in the original 3.8.0 release.  This libtiff package
    is binary compatible with 3.7.4 and will be binary compatible with the
    upcoming 3.8.1 release.

 -- Jay Berkenbilt <qjb@debian.org>  Fri, 27 Jan 2006 21:38:58 -0500

tiff (3.7.4-1) unstable; urgency=low

  * New upstream release
  * Fix typos in manual page (Closes: #327921, #327922, #327923, #327924)

 -- Jay Berkenbilt <qjb@debian.org>  Fri,  7 Oct 2005 10:25:49 -0400

tiff (3.7.3-1) unstable; urgency=low

  * New upstream release
  * g++ 4.0 transition: libtiffxx0 is now libtiffxx0c2.

 -- Jay Berkenbilt <qjb@debian.org>  Sat,  9 Jul 2005 12:00:44 -0400

tiff (3.7.2-3) unstable; urgency=high

  * Fix for exploitable segmentation fault on files with bad BitsPerSample
    values.  (Closes: #309739)
    [libtiff/tif_dirread.c, CAN-2005-1544]
    Thanks to Martin Pitt for the report.

 -- Jay Berkenbilt <qjb@debian.org>  Thu, 19 May 2005 05:41:28 -0400

tiff (3.7.2-2) unstable; urgency=high

  * Fix zero pagesize bug with tiff2ps -a2 and tiff2ps -a3.  Thanks to
    Patrice Fournier for the patch.  (Closes: #303583)
  * Note: uploading with urgency=high since this very small fix impacts
    tools only (not the library), and we don't want to block tiff's many
    reverse dependencies from transitioning to sarge.

 -- Jay Berkenbilt <qjb@debian.org>  Sun, 10 Apr 2005 10:12:37 -0400

tiff (3.7.2-1) unstable; urgency=low

  * New upstream release

 -- Jay Berkenbilt <qjb@debian.org>  Sat, 19 Mar 2005 14:51:06 -0500

tiff (3.7.1-4) unstable; urgency=low

  * Fix from upstream: include a better workaround for tiff files with
    invalid strip byte counts.  (Closes: #183268)

 -- Jay Berkenbilt <qjb@debian.org>  Tue, 22 Feb 2005 19:20:14 -0500

tiff (3.7.1-3) unstable; urgency=low

  * Disable C++ new experimental interfaces for now; will reappear in a
    future version in the separate libtiffxx0 package.

 -- Jay Berkenbilt <ejb@ql.org>  Sat, 29 Jan 2005 13:32:37 -0500

tiff (3.7.1+pre3.7.2-1) experimental; urgency=low

  * New upstream release
  * Separate experimental C++ interface into separate libtiffxx library.

 -- Jay Berkenbilt <ejb@ql.org>  Sat, 29 Jan 2005 13:03:19 -0500

tiff (3.7.1-2) unstable; urgency=low

  * Make -dev package depend upon other -dev packages referenced in the
    .la file created by libtool.  (Closes: #291136)
  * tiff2ps: Allow one of -w and -h without the other.  (Closes: #244247)

 -- Jay Berkenbilt <ejb@ql.org>  Wed, 19 Jan 2005 10:45:00 -0500

tiff (3.7.1-1) unstable; urgency=low

  * New upstream release
  * Correct error in doc-base file (Closes: #285652)

 -- Jay Berkenbilt <ejb@ql.org>  Wed,  5 Jan 2005 16:54:12 -0500

tiff (3.7.0-2) experimental; urgency=low

  * Replace hard-coded libc6-dev dependency with something friendlier to
    porters (libc6-dev | libc-dev).  (Closes: #179727)
  * Fixed upstream: proper netbsdelf*-gnu support in configure.  Actually
    fixed in 3.7.0-1 but left out of changelog.  (Closes: #179728)
  * Include opengl support; adds new libtiff-opengl package. (Closes: #219456)
  * Fixed upstream: fax2ps now allows access to first page. (Closes: #244251)

 -- Jay Berkenbilt <ejb@ql.org>  Sat, 11 Dec 2004 09:51:52 -0500

tiff (3.7.0-1) experimental; urgency=low

  * New upstream release (Closes: #276996)
  * New maintainer (Thanks Joy!)
  * Repackage using cdbs and simple-patchsys to fix some errors and
    simplify patch management
  * Fixed upstream: tiff2pdf ignores -z and -j (Closes: #280682)
  * Fixed upstream: Memory leak in TIFFClientOpen (Closes: #256657)

 -- Jay Berkenbilt <ejb@ql.org>  Fri, 26 Nov 2004 13:50:13 -0500

tiff (3.6.1-5) unstable; urgency=high

  * New maintainer (thanks Joy!)
  * Applied patch by Dmitry V. Levin to fix a segmentation fault
    [tools/tiffdump.c, CAN-2004-1183]
    Thanks to Martin Schulze for forwarding the patch.
  * Fixed section of -dev package (devel -> libdevel)

 -- Jay Berkenbilt <ejb@ql.org>  Wed,  5 Jan 2005 16:27:26 -0500

tiff (3.6.1-4) unstable; urgency=high

  * Fix heap overflow security bug [CAN-2004-1308].  (Closes: #286815)

 -- Jay Berkenbilt <ejb@ql.org>  Wed, 22 Dec 2004 10:20:52 -0500

tiff (3.6.1-3) unstable; urgency=medium

  * Patches from upstream to fix zero-size tile and integer overflow
    problems created by previous security patches, closes: #276783.
  * Added Jay Berkenbilt as co-maintainer. Jay thanks Joy for letting him
    help and eventually take over maintenance of these packages!

 -- Josip Rodin <joy-packages@debian.org>  Mon, 01 Nov 2004 12:28:27 +0100

tiff (3.6.1-2) unstable; urgency=low

  * Included security fixes for:
    + CAN-2004-0803
      - libtiff/tif_luv.c
      - libtiff/tif_next.c
      - libtiff/tif_thunder.c
    + CAN-2004-0804 (but this one is already applied upstream, it seems)
      - libtiff/tif_dirread.c
    + CAN-2004-0886
      - libtiff/tif_aux.c
      - libtiff/tif_compress.c
      - libtiff/tif_dir.c
      - libtiff/tif_dirinfo.c
      - libtiff/tif_dirread.c
      - libtiff/tif_dirwrite.c
      - libtiff/tif_extension.c
      - libtiff/tif_fax3.c
      - libtiff/tiffiop.h
      - libtiff/tif_getimage.c
      - libtiff/tif_luv.c
      - libtiff/tif_pixarlog.c
      - libtiff/tif_strip.c
      - libtiff/tif_tile.c
      - libtiff/tif_write.c
    Thanks to Martin Schulze for forwarding the patches.

 -- Josip Rodin <joy-packages@debian.org>  Thu, 14 Oct 2004 16:13:11 +0200

tiff (3.6.1-1.1) unstable; urgency=medium

  * Non-maintainer upload; thanks to Jay Berkenbilt <ejb@ql.org> for
    preparing the patches
  * Rename shared library and development packages to resolve accidental
    upstream ABI change.  Closes: #236247
  * Include patch from upstream to fix multistrip g3 fax bug.
    Closes: #243405
  * Include LZW support.  Closes: #260242, #248490
  * Fix URL in copyright file.  Closes: #261357
  * Install missing documentation files.  Closes: #261356

 -- Steve Langasek <vorlon@debian.org>  Sun, 25 Jul 2004 10:28:06 -0400

tiff (3.6.1-1) unstable; urgency=low

  * New upstream version, closes: #231977.
  * Slightly fixed up the static lib build rules so that the build process
    does the normal stuff for the dynamic lib and then does the static with
    the same tiffvers.h.

 -- Josip Rodin <joy-packages@debian.org>  Mon, 23 Feb 2004 18:23:34 +0100

tiff (3.5.7-2) unstable; urgency=high

  * Added back the patch that used -src static/libtiff.a in the install
    rule. Wonder how that disappeared... closes: #170914.
  * Fake it's a GNU system in order for the configure script to use our
    toolchain stuff on the NetBSD port, thanks to Joel Baker, closes: #130636.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Tue, 10 Dec 2002 17:18:28 +0100

tiff (3.5.7-1) unstable; urgency=low

  * New upstream version, closes: #144940.
  * A whole new set of patches for the breakage in the build system :)

 -- Josip Rodin <jrodin@jagor.srce.hr>  Sun,  6 Oct 2002 22:54:08 +0200

tiff (3.5.5-6) unstable; urgency=low

  * It appears that the general 64-bit detection code, isn't.
    We have to include all of those three conditions, feh.
    This really closes: #106706.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Wed,  8 Aug 2001 23:09:55 +0200

tiff (3.5.5-5) unstable; urgency=low

  * Changed two Alpha/Mips-isms into general 64-bit detection code,
    patch from John Daily <jdaily@progeny.com>, closes: #106706.
  * Patched man/Makefile.in to generate a manual page file for
    TIFFClientOpen(3t), as a .so link to TIFFOpen(3t), closes: #99577.
  * Used /usr/share/doc in the doc-base file, closes: #74122.
  * Changed libtiff3g-dev's section back to devel, since graphics was,
    according to elmo, "hysterical raisins". :))

 -- Josip Rodin <jrodin@jagor.srce.hr>  Fri, 27 Jul 2001 01:43:04 +0200

tiff (3.5.5-4) unstable; urgency=low

  * Updated config.* files, closes: #94696.
  * Fixed libtiff3g-dev's section, closes: #85533.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Wed, 20 Jun 2001 18:29:24 +0200

tiff (3.5.5-3) unstable; urgency=low

  * Build shared library on Hurd, too, closes: #72482.
  * Upped Standards-Version to 3.5.0.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Sat, 30 Sep 2000 17:42:13 +0200

tiff (3.5.5-2) unstable; urgency=low

  * Make `dynamic shared object' on Linux unconditionally, fixes the problem
    with libc.so.6.1 on alpha, thanks Chris C. Chimelis.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Wed, 13 Sep 2000 21:44:00 +0200

tiff (3.5.5-1) unstable; urgency=low

  * New upstream version.
  * The upstream build system sucks. There, I said it. Back to work now. :)
  * Added a build dependencies on make (>= 3.77) (closes: #67747) and
    debhelper.
  * Standards-Version: 3.2.1:
    + added DEB_BUILD_OPTIONS checks in debian/rules

 -- Josip Rodin <jrodin@jagor.srce.hr>  Tue, 29 Aug 2000 14:06:02 +0200

tiff (3.5.4-5) frozen unstable; urgency=low

  * Fixed 16-bit/32-bit values bug in fax2ps from libtiff-tools, that
    also breaks printing from hylafax, using provided oneliner patch
    from Bernd Herd (accepted upstream), closes: #49232 and probably #62235.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Mon, 27 Mar 2000 17:12:10 +0200

tiff (3.5.4-4) frozen unstable; urgency=low

  * Weird dpkg-shlibdeps from dpkg 1.6.8-pre has done it again, this time
    with libz.so, making the packages depend on zlib1 (instead of zlib1g).
    Closes: #56134, #56137, #56140, #56155.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Tue, 25 Jan 2000 18:05:28 +0100

tiff (3.5.4-3) frozen unstable; urgency=low

  * Included libtiff.so file in libtiff3g-dev, dammit :( My eye hurts,
    a lot, but this was easy to fix, thank goodness :) (closes: #55814).
    This bugfix deserves to get into frozen because the bug cripples
    libtiff3g-dev, a lot.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Fri, 21 Jan 2000 19:02:22 +0100

tiff (3.5.4-2) unstable; urgency=low

  * Fixed upstream build system to use ${DESTDIR}, and with that working,
    created install: rule in debian/rules and used it.
  * Fixed the way rules file gets the version from upstream sources,
    and fixed dist/tiff.alpha, it didn't work.
  * Removed README file from libtiff3g binary package, useless.
  * Fixed configure script not to emit the wrong warning about
    zlib/jpeg dirs not specified (they're in /usr/include, stupid :).

 -- Josip Rodin <jrodin@jagor.srce.hr>  Thu, 30 Dec 1999 01:17:32 +0100

tiff (3.5.4-1) unstable; urgency=low

  * New upstream version, closes: #50338.
  * Disabled libc5 build, it wouldn't compile. :(

 -- Josip Rodin <jrodin@jagor.srce.hr>  Fri,  3 Dec 1999 20:49:25 +0100

tiff (3.5.2-4) unstable; urgency=low

  * Castrated the rules file, to make it actually work on !(i386 m68k).
    Closes: #49316.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Sat,  6 Nov 1999 13:22:54 +0100

tiff (3.5.2-3) unstable; urgency=low

  * Removed sparc from the libtiff3 arches list, as BenC advised.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Fri, 29 Oct 1999 23:29:23 +0200

tiff (3.5.2-2) unstable; urgency=low

  * Changed Architecture: line for libtiff3 from "any" to "i386 m68k sparc"
    as it is actually only built on those. Changed description a little bit.
  * Minor fixes to the rules file.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Thu, 28 Oct 1999 14:00:02 +0200

tiff (3.5.2-1) unstable; urgency=low

  * New upstream version.
  * Renamed source package to just "tiff", like upstream tarball name.
  * New maintainer (thanks Guy!). Renewed packaging, with debhelper,
    using Joey's nifty multi2 example, with several adjustments.
  * Ditched libtiff3-altdev, nobody's using that and nobody should be
    using that. Packaging for it still exists, it's just commented out.
  * Uses doc-base for -dev docs now. Uncompressed HTML docs, 100kb space
    saved is pointless when you can't use any links between documents.

 -- Josip Rodin <jrodin@jagor.srce.hr>  Tue, 26 Oct 1999 16:20:46 +0200

libtiff3 (3.4beta037-8) unstable; urgency=low

  * Argh, same bug in the prerm, closes: #36990, #36850, #36855,
    #36866, #36988.

 -- Guy Maor <maor@debian.org>  Sat,  1 May 1999 10:12:23 -0700

libtiff3 (3.4beta037-7) unstable; urgency=low

  * Don't error when dhelp is not installed, closes: #36879, #36922.

 -- Guy Maor <maor@debian.org>  Thu, 29 Apr 1999 19:17:55 -0700

libtiff3 (3.4beta037-6) unstable; urgency=low

  * Only build libc5 packages on appropriate archs, closes: #27083, #32007.
  * Apply NMU patch, closes: #26413, #26887.
  * Add dhelp support, closes: #35154.
  * Recompile removes invalid dependency, closes: #30961.

 -- Guy Maor <maor@debian.org>  Sat, 24 Apr 1999 15:17:51 -0700

libtiff3 (3.4beta037-5.1) frozen unstable; urgency=low

  * NMU to not use install -s to strip static .a libraries. Fixes: #26413
  * Build with recent libjpeg. Fixes: #26887
  * Add Section: and Priority: headers to debian/control.

 -- Ben Gertzfield <che@debian.org>  Mon, 26 Oct 1998 22:44:33 -0800

libtiff3 (3.4beta037-5) unstable; urgency=low

  * Explicit link with -lm (and don't need -lc now), fixes: #19167, #22180.

 -- Guy Maor <maor@ece.utexas.edu>  Tue, 11 Aug 1998 22:27:56 -0700

libtiff3 (3.4beta037-4) unstable; urgency=low

  * libtiff3-tools conflicts & replaces with libtiff3-gif (13521,15107).

 -- Guy Maor <maor@ece.utexas.edu>  Sun, 11 Jan 1998 13:09:28 -0800

libtiff3 (3.4beta037-3) unstable; urgency=low

  * New libjpegg contains shlibs file, so don't need shlibs.local.
  * Compile with -D_REENTRANT.
  * Add shlibs for libtiff3g (13423).

 -- Guy Maor <maor@ece.utexas.edu>  Sat, 27 Sep 1997 13:17:45 -0500

libtiff3 (3.4beta037-2) unstable; urgency=low

  * Add libjpegg6a to shlibs.local to correct for broken dependency.

 -- Guy Maor <maor@ece.utexas.edu>  Fri, 26 Sep 1997 11:23:55 -0500

libtiff3 (3.4beta037-1) unstable; urgency=low

  * New upstream version, libc6 compile, policy 2.3.0.0 (5136, 7470, 7627, 8166
    8312, 9479, 9492, 9531, 11700, 11702).
  * Fix check for shared lib support (10805).

 -- Guy Maor <maor@ece.utexas.edu>  Tue, 23 Sep 1997 16:55:56 -0500
