Slackware 14.0 Update: SSA:2013-290-01 Critical LibTiff Buffer Overflow
slackware
October 18, 2013
New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues
Summary
Here are the details from the Slackware 14.0 ChangeLog: patches/packages/libtiff-3.9.7-i486-1_slack14.0.txz: Upgraded. Patched overflows, crashes, and out of bounds writes. Thanks to mancha for the backported patches. For more information, see: https://www.cve.org/CVERecord?id=CVE-2012-2088 https://www.cve.org/CVERecord?id=CVE-2012-2113 https://www.cve.org/CVERecord?id=CVE-2012-4447 https://www.cve.org/CVERecord?id=CVE-2012-4564 https://www.cve.org/CVERecord?id=CVE-2013-1960 https://www.cve.org/CVERecord?id=CVE-2013-1961 https://www.cve.org/CVERecord?id=CVE-2013-4231 https://www.cve.org/CVERecord?id=CVE-2013-4232 https://www.cve.org/CVERecord?id=CVE-2013-4244 (* Security fix *)
Where Find New Packages
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.
Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/libtiff-3.9.7-i486-1_slack12.1.tgz
Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/libtiff-3.9.7-i486-1_slack12.2.tgz
Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/libtiff-3.9.7-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/libtiff-3.9.7-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/libtiff-3.9.7-i486-1_slack13.1.txz
Updated package for Slackware x86_64 ...
MD5 Signatures
Slackware 12.1 package:
4119dd6983587cc822c926b87cabdda8 libtiff-3.9.7-i486-1_slack12.1.tgz
Slackware 12.2 package:
97736443343ba31c3d041eef3560b4ae libtiff-3.9.7-i486-1_slack12.2.tgz
Slackware 13.0 package:
cff78f2b00f74132a47a4e16ede860c9 libtiff-3.9.7-i486-1_slack13.0.txz
Slackware x86_64 13.0 package:
de4d32b50320fc281e735c25f1556450 libtiff-3.9.7-x86_64-1_slack13.0.txz
Slackware 13.1 package:
eacdd28fc4c28f3fb557f63bc8b91ceb libtiff-3.9.7-i486-1_slack13.1.txz
Slackware x86_64 13.1 package:
d09b713720b2405b46f275dbeb0cb44f libtiff-3.9.7-x86_64-1_slack13.1.txz
Slackware 13.37 package:
89bee8ce291da41be1b094820d339f36 libtiff-3.9.7-i486-1_slack13.37.txz
Slackware x86_64 13.37 package:
ff80be9f6782f5abd15fc8f61453671f libtiff-3.9.7-x86_64-1_slack13.37.txz
Slackware 14.0 package:
b46e7c734d91c5f244f29ddaf4e63575 libtiff-3.9.7-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
8f191ca18a44da5f0dbab9eefba93db6 libtiff-3.9.7-x86_64-1_slack14.0.txz
Slackware -current package:
68f02cadea225a0f1d1e085842bc9f43 l/libtiff-3.9.7-i486-1.txz
Slackware x86_64 -current package:
77b0fa68c52be40b5d9a1037a8925f70 l/libtiff-3.9.7-x86_64-1.txz
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Installation instructions: Upgrade the package as root: # upgradepkg libtiff-3.9.7-i486-1_slack14.0.txz
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!