libtiff-4.0.9-31.el8

エラータID: AXSA:2024-8169:02

Release date: 
Friday, June 14, 2024 - 20:01
Subject: 
libtiff-4.0.9-31.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c (CVE-2022-4645)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.10 Release Notes linked from the References section.

CVE-2022-4645
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

Solution: 

Update packages.

CVEs: 
CVE-2022-4645
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
Additional Info: 

N/A

Download: 

SRPMS
  1. libtiff-4.0.9-31.el8.src.rpm
    MD5: 34334c99daa2243abfd862dd30f5b9a3
    SHA-256: c9bd7f54f585e2a92d4332b7c003c81f1785d61affbdaa3109b2653cf6534620
    Size: 2.27 MB

Asianux Server 8 for x86_64
  1. libtiff-4.0.9-31.el8.i686.rpm
    MD5: 406407a94fe388474a0f48755dfe31aa
    SHA-256: 5309e20b1e227a7464c888bd532dfd8441faa64616a1b32fe4c94df33be8e919
    Size: 203.38 kB
  2. libtiff-4.0.9-31.el8.x86_64.rpm
    MD5: 570babd1bbd047744d43d77625fd8eeb
    SHA-256: cffe7c6d4098238bf55d3d9940ea9a0f7e23baa4e193efa0ee2c2acb6d2ed74a
    Size: 188.64 kB
  3. libtiff-devel-4.0.9-31.el8.i686.rpm
    MD5: f02d50e2e6ad98a10bd43fce1e0ae9e5
    SHA-256: 78e210de85285eefea80958c33c57c65d32e1d392a1f96e60b1df5e54d7cadc3
    Size: 511.43 kB
  4. libtiff-devel-4.0.9-31.el8.x86_64.rpm
    MD5: 39133542833d8168e94285a7ca49eba1
    SHA-256: 5ecad320c6e240936ec43b0e8547fc3e27caf7f316bbf8ecfe465ffe5b761188
    Size: 511.42 kB
  5. libtiff-tools-4.0.9-31.el8.x86_64.rpm
    MD5: 0397b9c5f9544a61026417592e3e9d10
    SHA-256: 41330ad8616fc619683fa5582a2e0178abd737d1cefd6be07edee66be0d44524
    Size: 254.74 kB