Date: Fri, 28 Apr 2006 11:39:34 -0300
From: Marcus Alves Grando <mnag@FreeBSD.org>
To: freebsd-emulation@FreeBSD.org
Subject: [Fwd: [SA19838] LibTIFF Multiple Vulnerabilities]
Message-ID: <44522926.7050400@FreeBSD.org>
Can someone update graphics/linux-tiff to fix this issue?

Thanks

-------- Original Message --------
Subject: [SA19838] LibTIFF Multiple Vulnerabilities
Date: 28 Apr 2006 09:33:52 -0000
From: Secunia Security Advisories <sec-adv@secunia.com>
To: marcus@corp.grupos.com.br

TITLE:
LibTIFF Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA19838

VERIFY ADVISORY:
http://secunia.com/advisories/19838/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
LibTIFF 3.x
http://secunia.com/product/4053/

DESCRIPTION:
Tavis Ormandy has reported some vulnerabilities in LibTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.

1) Several unspecified errors in the "TIFFFetchAnyArray()" function and in the cleanup functions can be exploited to crash an application linked against LibTIFF when a specially crafted TIFF image is processed.

2) An integer overflow error in the "TIFFFetchData()" function in tif_dirread.c can be exploited to crash an application linked against LibTIFF and may allow arbitrary code execution when a specially crafted TIFF image is processed.

3) A double free error in tif_jpeg.c within the setfield/getfield methods in the cleanup functions can be exploited to crash an application linked against LibTIFF and may allow arbitrary code execution when a specially crafted TIFF image is processed.

The vulnerabilities have been reported in version 3.8.0. Prior versions may also be affected.

SOLUTION:
Update to version 3.8.1 or later.
http://www.remotesensing.org/libtiff/

PROVIDED AND/OR DISCOVERED BY:
Tavis Ormandy

ORIGINAL ADVISORY:
http://www.remotesensing.org/libtiff/v3.8.1.html
http://bugzilla.remotesensing.org/show_bug.cgi?id=1102
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189933

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=marcus%40corp.grupos.com.br

----------------------------------------------------------------------

--
Marcus Alves Grando
FreeBSD Security Team
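As an added illustration of the bug class named in item 2 of the advisory (an integer overflow when a directory entry's count is multiplied by its data-type width), the following is example code written for this archive, not libtiff's own source: an unchecked size computation beside a checked one that refuses entries whose byte total would wrap. The ifd_entry struct and the two function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Byte width per TIFF 6.0 directory-entry data type (type codes 1..12). */
static const uint32_t tiff_type_width[] = {
    0,          /* 0: not a valid type */
    1, 1, 2, 4, /* BYTE, ASCII, SHORT, LONG */
    8, 1, 1, 2, /* RATIONAL, SBYTE, UNDEFINED, SSHORT */
    4, 8, 4, 8  /* SLONG, SRATIONAL, FLOAT, DOUBLE */
};
#define TIFF_TYPE_COUNT (sizeof(tiff_type_width) / sizeof(tiff_type_width[0]))

/* Hypothetical stand-in for one 12-byte IFD entry as parsed from a file. */
struct ifd_entry {
    uint16_t tag;
    uint16_t type;
    uint32_t count;
    uint32_t offset;
};

/* Unchecked pattern: count * width is computed in 32-bit arithmetic, so a
 * large attacker-controlled count wraps to a small number of bytes, and a
 * buffer sized from this result is far smaller than the data later copied. */
uint32_t entry_bytes_unchecked(const struct ifd_entry *e) {
    uint32_t w = (e->type < TIFF_TYPE_COUNT) ? tiff_type_width[e->type] : 0;
    return e->count * w;
}

/* Checked pattern: reject unknown types and any count whose byte total does
 * not fit in 32 bits, before the value is ever used for allocation or I/O.
 * Returns 0 and stores the size on success, -1 on a rejected entry. */
int entry_bytes_checked(const struct ifd_entry *e, uint32_t *out) {
    if (e->type == 0 || e->type >= TIFF_TYPE_COUNT) return -1;
    uint32_t w = tiff_type_width[e->type];
    if (e->count > UINT32_MAX / w) return -1;  /* count * w would overflow */
    *out = e->count * w;
    return 0;
}

int main(void) {
    /* Constructed entry: type 12 (DOUBLE, 8 bytes) with a count chosen so
     * that count * 8 exceeds 32 bits and wraps to 8. */
    struct ifd_entry hostile = { 273, 12, 0x20000001u, 0 };
    uint32_t n = 0;
    printf("unchecked: %u bytes\n", entry_bytes_unchecked(&hostile));
    printf("checked: %s\n", entry_bytes_checked(&hostile, &n) ? "rejected" : "ok");
    return 0;
}
```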