Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora Core 3: FEDORA-2005-598 Critical: libtiff Buffer Overflow

fedora
Calendar Grey January 7, 2005
Dist Fedora Esm H88
The latest Fedora release includes a patch for libtiff, targeting a potential integer overflow vulnerability within the tiffdump tool, thereby bolstering system security.
The updated libtiff package fixes an integer overflow which could lead to a buffer overflow in the tiffdump utility.

Summary

The libtiff package contains a library of functions for manipulating

TIFF (Tagged Image File Format) image format files. TIFF is a widely

used file format for bitmapped images. TIFF files usually end in the

.tif extension and they are often quite large.

The libtiff package should be installed if you need to manipulate TIFF

format image files.

The updated libtiff package fixes an integer overflow which could lead

to a buffer overflow in the tiffdump utility.

- fix an integer overflow in tiffdump (#143576)

686f7df06f7a5efb9f7fb36d533d139f SRPMS/libtiff-3.6.1-9.fc3.src.rpm

b0a169c54349d497476664ab8ae2a6e7 x86_64/libtiff-3.6.1-9.fc3.x86_64.rpm

f340b6b840861c4eac0a8a07e40504fa x86_64/libtiff-devel-3.6.1-9.fc3.x86_64.rpm

cb09d5feca67e1edca67140f83880dfb x86_64/debug/libtiff-debuginfo-3.6.1-9.fc3.x86_64.rpm

6f314da0e2860231fd857e0e029d665c x86_64/libtiff-3.6.1-9.fc3.i386.rpm

6f314da0e2860231fd857e0e029d665c i386/libtiff-3.6.1-9.fc3.i386.rpm

414279b14a370e5d868687e7c853a55f i386/libtiff-devel-3.6.1-9.fc3.i386.rpm

0ccf0ddbdd93d1499da73184c80e0fee i386/debug/libtiff-debuginfo-3.6.1-9.fc3.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

--fedora-announce-list mailing list

fedora-announce-list@redhat.com

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libtiff
Version: 3.6.1
Release: 9.fc3
Summary: A library of functions for manipulating TIFF format image

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here