Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora Core 3: Critical libtiff Update for Buffer Overflow Exploit

fedora
Calendar Grey December 22, 2004
Dist Fedora Esm H88
Addresses several memory overflow vulnerabilities within the libtiff library for Fedora Core 3. Urgent security notice provided.
Fix several buffer overflow problems that could be used as an exploit

Summary

The libtiff package contains a library of functions for manipulating

TIFF (Tagged Image File Format) image format files. TIFF is a widely

used file format for bitmapped images. TIFF files usually end in the

.tif extension and they are often quite large.

The libtiff package should be installed if you need to manipulate TIFF

format image files.

Fix several buffer overflow problems that could be used as an exploit.

Fixes the following security advisory: CAN-2004-1308

- fix some integer and buffer overflows (#143506)

0370e65c66788b4476863b29d697247e SRPMS/libtiff-3.6.1-8.fc3.src.rpm

2475b693e8188e003a54e94fca748031 x86_64/libtiff-3.6.1-8.fc3.x86_64.rpm

ba0f1e89001372552094f55dfe05fa66 x86_64/libtiff-devel-3.6.1-8.fc3.x86_64.rpm

43f170c08e8a6c1c53083d98469d5428 x86_64/debug/libtiff-debuginfo-3.6.1-8.fc3.x86_64.rpm

eca9284e795fcfe8e43f7fe7c15f8ee4 x86_64/libtiff-3.6.1-8.fc3.i386.rpm

eca9284e795fcfe8e43f7fe7c15f8ee4 i386/libtiff-3.6.1-8.fc3.i386.rpm

59492e392e5b0bd9e66ca8ee82627967 i386/libtiff-devel-3.6.1-8.fc3.i386.rpm

58ff2cbc072afc35eea2efc2bac42ea4 i386/debug/libtiff-debuginfo-3.6.1-8.fc3.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

--fedora-announce-list mailing list

fedora-announce-list@redhat.com

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libtiff
Version: 3.6.1
Release: 8.fc3
Summary: A library of functions for manipulating TIFF format image

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here