Changes in TIFF v3.9.4 ====================== .. table:: References :widths: auto ====================== ========================================== Current Version v3.9.4 (:tag:`Release-v3-9-4`) Previous Version :doc:`v3.9.3 ` Master Download Site ``_ Master HTTP Site ``_ ====================== ========================================== This document describes the changes made to the software between the *previous* and *current* versions (see above). If you don't find something listed here, then it was not done in this timeframe, or it was not considered important enough to be mentioned. The following information is located here: Major changes ------------- * Complete the fixes for :cve:`2009-2347`. * :program:`tiffcrop` now supports custom page sizes. Software configuration changes ------------------------------ * None. Library changes --------------- * Fixed inadequate validation of the ``SubjectDistance`` field. * Fixed bad handling of out of order tags definated late by a codec. * Avoid re-preparing jpeg tables unnecessarily. Tools changes ------------- * :program:`tiffcrop`: Added an option to allow the user to specify a custom page size on the command line. Fix the case where a page size specified with a fractional part was being coerced to an integer by retyping the variables that define the paper size. Corrected European page size dimensions. * :program:`tiff2rgba`: Completed fixes for ":cve:`2009-2347` libtiff: integer overflows in various inter-color space conversion tools". :bugzilla:`2079` * :program:`tiff2pdf`: Fix assorted bugs in :program:`tiff2pdf`: missing ``return`` in :c:func:`t2p_read_tiff_size` causes ``t2p->tiff_datasize`` to be set entirely wrong for :c:macro:`COMPRESSION_JPEG` case, resulting in memory stomp if actual size is larger. Also, there are a bunch of places that try to :c:func:`memset` a malloc'd buffer before checking for malloc failure, which would result in core dump if there actually were a failure. Contributed software changes ---------------------------- * None