MDVSA-2012:174
Package name: libtiff
Date: 2012-11-22
Advisory ID: MDVSA-2012:174
Affected versions: MES5 i586, 2011 i586, MES5 x86_64, 2011 x86_64

Problem description

Multiple vulnerabilities were found and corrected in libtiff:

Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3
allows remote attackers to cause a denial of service (application
crash) and possibly execute arbitrary code via a crafted TIFF image
using the PixarLog Compression format (CVE-2012-4447).

ppm2tiff does not check the return value of the TIFFScanlineSize
function, which allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted PPM image
that triggers an integer overflow, a zero-memory allocation, and a
heap-based buffer overflow (CVE-2012-4564).

The updated packages have been patched to correct these issues.
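
The bug class described for CVE-2012-4564, a row size whose arithmetic wraps and a caller that never tests the result before allocating, is illustrated below. This is an added example, not code from libtiff or from this advisory; the helper names and the sample dimensions are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Row size computed entirely in 32-bit arithmetic: wraps silently. */
uint32_t unchecked_row_bytes(uint32_t width, uint32_t samples, uint32_t bits)
{
    return (width * samples * bits + 7) / 8;
}

/* Hypothetical helper, not a libtiff function. Returns the bytes needed for
 * one row, or 0 when the row is empty or the size does not fit in 32 bits.
 * 0 is the failure value and the caller has to test for it. */
uint32_t checked_row_bytes(uint32_t width, uint32_t samples, uint32_t bits)
{
    if (width == 0 || samples == 0 || bits == 0)
        return 0;
    uint64_t row_bits = (uint64_t)width * samples;  /* two 32-bit factors fit in 64 bits */
    if (row_bits > UINT64_MAX / bits)
        return 0;
    row_bits *= bits;
    uint64_t row_bytes = row_bits / 8 + (row_bits % 8 != 0);
    return row_bytes > UINT32_MAX ? 0 : (uint32_t)row_bytes;
}

/* Allocate a row buffer only when the checked size is usable. */
unsigned char *alloc_row(uint32_t width, uint32_t samples, uint32_t bits,
                         uint32_t *len)
{
    *len = checked_row_bytes(width, samples, bits);
    return *len ? malloc(*len) : NULL;  /* reject instead of a zero-size buffer */
}

int main(void)
{
    /* Constructed dimensions, not taken from any real file. */
    uint32_t w = 0x80000000u, samples = 2, bits = 8, len;
    printf("unchecked: %u bytes\n", (unsigned)unchecked_row_bytes(w, samples, bits));
    unsigned char *row = alloc_row(w, samples, bits, &len);
    printf("checked:   %s\n", row ? "allocated" : "rejected");
    free(row);
    row = alloc_row(640, 3, 8, &len);
    printf("640x3x8:   %u bytes\n", (unsigned)len);
    free(row);
    return 0;
}
```

With the constructed dimensions the unchecked product wraps to a zero-byte row, while the checked path rejects the request before any buffer is allocated.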

Updated packages

MES5 i586
157bb1f11666282583f7fccb899ea8d0 mes5/i586/libtiff3-3.8.2-12.9mdvmes5.2.i586.rpm
5f674bd895134e591a9fa5e59b311d62 mes5/i586/libtiff3-devel-3.8.2-12.9mdvmes5.2.i586.rpm
2bd89b0b77b0ec1ae01189baa798d522 mes5/i586/libtiff3-static-devel-3.8.2-12.9mdvmes5.2.i586.rpm
c53d009a1d82b7be97e4405f422e2e0f mes5/i586/libtiff-progs-3.8.2-12.9mdvmes5.2.i586.rpm
e5181e34b5feb4ca18a0498d29065cb5 mes5/SRPMS/libtiff-3.8.2-12.9mdvmes5.2.src.rpm

2011 i586
1c3b7205e5c9c032c342b3cffdaaa4e0 2011/i586/libtiff3-3.9.5-1.4-mdv2011.0.i586.rpm
01033b253d303aacc572a55202ecdbda 2011/i586/libtiff-devel-3.9.5-1.4-mdv2011.0.i586.rpm
bfe4f6d0387874084596b8ba4d503229 2011/i586/libtiff-progs-3.9.5-1.4-mdv2011.0.i586.rpm
fa39228d1a7ab0fea42beda812651976 2011/i586/libtiff-static-devel-3.9.5-1.4-mdv2011.0.i586.rpm
23dfc5da956a6b0a20fa8a22a9eeb3c0 2011/SRPMS/libtiff-3.9.5-1.4.src.rpm

MES5 x86_64
62dd7b0a037b19d7d95aff18d8dd9291 mes5/x86_64/lib64tiff3-3.8.2-12.9mdvmes5.2.x86_64.rpm
28a4bd37d769b3136fcc31f7d64bf67b mes5/x86_64/lib64tiff3-devel-3.8.2-12.9mdvmes5.2.x86_64.rpm
a19fd768a016968b5b733ee0e29f1bb9 mes5/x86_64/lib64tiff3-static-devel-3.8.2-12.9mdvmes5.2.x86_64.rpm
bd7688430b424fcfdea1c73a2b5696de mes5/x86_64/libtiff-progs-3.8.2-12.9mdvmes5.2.x86_64.rpm
e5181e34b5feb4ca18a0498d29065cb5 mes5/SRPMS/libtiff-3.8.2-12.9mdvmes5.2.src.rpm

2011 x86_64
fd52f90d6f819996e58193b261cdb27b 2011/x86_64/lib64tiff3-3.9.5-1.4-mdv2011.0.x86_64.rpm
d818311ad57d872948357a9265e1fbfa 2011/x86_64/lib64tiff-devel-3.9.5-1.4-mdv2011.0.x86_64.rpm
fca4bcdb23487d73da93f88107d051e1 2011/x86_64/lib64tiff-static-devel-3.9.5-1.4-mdv2011.0.x86_64.rpm
b7ebfba2f1c200c0946582fdff7bb1ff 2011/x86_64/libtiff-progs-3.9.5-1.4-mdv2011.0.x86_64.rpm
23dfc5da956a6b0a20fa8a22a9eeb3c0 2011/SRPMS/libtiff-3.9.5-1.4.src.rpm
