libtiff-3.8.2-14.AXS3

エラータID: AXSA:2012-509:01

Release date: 
Thursday, April 19, 2012 - 10:21
Subject: 
libtiff-3.8.2-14.AXS3
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large.

The libtiff package should be installed if you need to manipulate TIFF format image files.

Security issues fixed with this release:

CVE-2012-1173
No description available at the time of writing, please use the CVE links below.

Solution: 

Update packages.

CVEs: 
CVE-2012-1173
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.


Additional Info: 

N/A

Download: 

SRPMS
  1. libtiff-3.8.2-14.AXS3.src.rpm
    MD5: 567cd0989f2d67e50dbb6665530a3f65
    SHA-256: 23fce778d7ed831da027901805ab3f007e6fd42bcaa1ceebf90eea308d07838f
    Size: 1.30 MB

Asianux Server 3 for x86
  1. libtiff-3.8.2-14.AXS3.i386.rpm
    MD5: 3bed205762595e48e3b57ff2cbb930d6
    SHA-256: c57ce060e5fcbc76a28bda23cd299272cd2f64901029d4e29fc342a474ff2e39
    Size: 309.54 kB
  2. libtiff-devel-3.8.2-14.AXS3.i386.rpm
    MD5: 3e65afdbb65773ca65b7ccf42b2d3cce
    SHA-256: f9a70558238ad8006380cc4a2041829d0281829eab74d3341395a783540b5bfc
    Size: 469.71 kB

Asianux Server 3 for x86_64
  1. libtiff-3.8.2-14.AXS3.x86_64.rpm
    MD5: ca5f197851856b8c02cdfe0731d799fd
    SHA-256: 49dd9007dd9537acadc0d27891747e7734d081215fa48c08dc3ecb33018fc49e
    Size: 315.00 kB
  2. libtiff-devel-3.8.2-14.AXS3.x86_64.rpm
    MD5: 1a44716ac623b3830c615c761c9dd22c
    SHA-256: d20a5dfd63c1ef968480555f48a2b32a93e27d0668f6a36918df3320a670fe6b
    Size: 469.60 kB