Ubuntu 5743-2: LibTIFF vulnerability | LinuxSecurity.com
==========================================================================
Ubuntu Security Notice USN-5743-2
December 01, 2022

tiff vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

LibTIFF could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
- tiff: Tag Image File Format (TIFF) library

Details:

USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the
corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS and Ubuntu 22.10.

Original advisory details:

  It was discovered that LibTIFF incorrectly handled certain malformed
  images. If a user or automated system were tricked into opening a 
specially
  crafted image, a remote attacker could crash the application, leading to a
  denial of service, or possibly execute arbitrary code with user 
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
   libtiff-tools                   4.4.0-4ubuntu3.2
   libtiff5                        4.4.0-4ubuntu3.2

Ubuntu 22.04 LTS:
   libtiff-tools                   4.3.0-6ubuntu0.3
   libtiff5                        4.3.0-6ubuntu0.3

Ubuntu 20.04 LTS:
   libtiff-tools                   4.1.0+git191117-2ubuntu0.20.04.7
   libtiff5                        4.1.0+git191117-2ubuntu0.20.04.7

Ubuntu 18.04 LTS:
   libtiff-tools                   4.0.9-5ubuntu0.9
   libtiff5                        4.0.9-5ubuntu0.9

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5743-2
   https://ubuntu.com/security/notices/USN-5743-1
   CVE-2022-3970

Package Information:
   https://launchpad.net/ubuntu/+source/tiff/4.4.0-4ubuntu3.2
   https://launchpad.net/ubuntu/+source/tiff/4.3.0-6ubuntu0.3
https://launchpad.net/ubuntu/+source/tiff/4.1.0+git191117-2ubuntu0.20.04.7
   https://launchpad.net/ubuntu/+source/tiff/4.0.9-5ubuntu0.9

Ubuntu 5743-2: LibTIFF vulnerability

December 1, 2022
LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. Software Description: - tiff: Tag Image File Format (TIFF) library Details: USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. Original advisory details:  It was discovered that LibTIFF incorrectly handled certain malformed  images. If a user or automated system were tricked into opening a specially  crafted image, a remote attacker could crash the application, leading to a  denial of service, or possibly execute arbitrary code with user privileges.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10:   libtiff-tools                   4.4.0-4ubuntu3.2   libtiff5                        4.4.0-4ubuntu3.2 Ubuntu 22.04 LTS:   libtiff-tools                   4.3.0-6ubuntu0.3   libtiff5                        4.3.0-6ubuntu0.3 Ubuntu 20.04 LTS:   libtiff-tools                   4.1.0+git191117-2ubuntu0.20.04.7   libtiff5                        4.1.0+git191117-2ubuntu0.20.04.7 Ubuntu 18.04 LTS:   libtiff-tools                   4.0.9-5ubuntu0.9   libtiff5                        4.0.9-5ubuntu0.9 In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-5743-2

  https://ubuntu.com/security/notices/USN-5743-1

  CVE-2022-3970

Severity
Ubuntu Security Notice USN-5743-2

Package Information

  https://launchpad.net/ubuntu/+source/tiff/4.4.0-4ubuntu3.2   https://launchpad.net/ubuntu/+source/tiff/4.3.0-6ubuntu0.3 https://launchpad.net/ubuntu/+source/tiff/4.1.0+git191117-2ubuntu0.20.04.7   https://launchpad.net/ubuntu/+source/tiff/4.0.9-5ubuntu0.9

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.