libtiff-3.8.2-19.AXS3
Errata ID: AXSA:2014-240:01
The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large.
The libtiff package should be installed if you need to manipulate TIFF format image files.
Security issues fixed with this release:
• CVE-2013-1960
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
• CVE-2013-1961
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.
• CVE-2013-4231
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.
• CVE-2013-4232
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.
• CVE-2013-4243
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted height and width values in a GIF image.
• CVE-2013-4244
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.
Update packages.
SRPMS
- libtiff-3.8.2-19.AXS3.src.rpm
MD5: 23cc0fdc8d78d0cfd09bd8354da9170d
SHA-256: b38182becda53763182e6ba418a2b87b19cc27cd57979d9dd181a0877b577a9f
Size: 1.32 MB
Asianux Server 3 for x86
- libtiff-3.8.2-19.AXS3.i386.rpm
MD5: 81ab92d5cc9a1b0d17006243a05acd2a
SHA-256: cd812a22d540a571a542fa1734f61f1ee2d48087348d462445635e276c5ded16
Size: 310.63 kB
- libtiff-devel-3.8.2-19.AXS3.i386.rpm
MD5: 61f761d1d66768a3dc29b3499a7fbfc3
SHA-256: 999c627376fb0f293f496dcee4c55dae61e499de187d410108e983ba2876dd70
Size: 465.99 kB
Asianux Server 3 for x86_64
- libtiff-3.8.2-19.AXS3.x86_64.rpm
MD5: 6983d4b2bc52ebfefcaab1a2d04b86d3
SHA-256: f4941359174b56a9dd217155eaa258a864387f15b0de65b56b5513bf8a3eb246
Size: 315.63 kB
- libtiff-devel-3.8.2-19.AXS3.x86_64.rpm
MD5: 54b0870176ae26dd1172940bc0c7f992
SHA-256: 3eb847e5ba33663dca920daec45d16a50127bf68831fac412906b97ab0590de5
Size: 466.00 kB