Nom du paquet
libtiff
Date
2012-12-27
Advisory ID
MDVSA-2012:184
Affected versions
MES5 i586 , 2011 i586 , MES5 x86_64 , 2011 x86_64

Problem description

A vulnerability was found and corrected in libtiff:

A stack-based buffer overflow was found in the way libtiff
handled DOTRANGE tags. An attacker could use this flaw to create
a specially-crafted TIFF file that, when opened, would cause an
application linked against libtiff to crash or, possibly, execute
arbitrary code (CVE-2012-5581).

The updated packages have been patched to correct this issue.

Updated packages

MES5 i586

 3639023296ad42f14876581bb44601c6  mes5/i586/libtiff3-3.8.2-12.10mdvmes5.2.i586.rpm
 a8f270389a84ddcffa4384b6f46592be  mes5/i586/libtiff3-devel-3.8.2-12.10mdvmes5.2.i586.rpm
 0739c37b055af7ab1b1d5ff444350348  mes5/i586/libtiff3-static-devel-3.8.2-12.10mdvmes5.2.i586.rpm
 b63d30cee2973e70c9f4bae2a9a73f32  mes5/i586/libtiff-progs-3.8.2-12.10mdvmes5.2.i586.rpm 
 4e36ad15fc628559cb2bf3706c95355e  mes5/SRPMS/libtiff-3.8.2-12.10mdvmes5.2.src.rpm

2011 i586

 701b5dc20a00f76975cfa959e273e374  2011/i586/libtiff3-3.9.5-1.5-mdv2011.0.i586.rpm
 c5e077aeab3099c78395bbf4b8c9c31c  2011/i586/libtiff-devel-3.9.5-1.5-mdv2011.0.i586.rpm
 c082e756feaab7d143989db2815b0f21  2011/i586/libtiff-progs-3.9.5-1.5-mdv2011.0.i586.rpm
 fe88ad826a992501f81b67326b0440e6  2011/i586/libtiff-static-devel-3.9.5-1.5-mdv2011.0.i586.rpm 
 e53ec07e3178ae3b9a60e0425b961321  2011/SRPMS/libtiff-3.9.5-1.5.src.rpm

MES5 x86_64

 09a5cd20b0dd7a98ce7b8f78dec6dab6  mes5/x86_64/lib64tiff3-3.8.2-12.10mdvmes5.2.x86_64.rpm
 99b4050efd1adc3911f1a1f845091d05  mes5/x86_64/lib64tiff3-devel-3.8.2-12.10mdvmes5.2.x86_64.rpm
 087bd7d1e2a97a828e0687e77c633a28  mes5/x86_64/lib64tiff3-static-devel-3.8.2-12.10mdvmes5.2.x86_64.rpm
 238bddcfbbec8e43366ad8ef9d3a19aa  mes5/x86_64/libtiff-progs-3.8.2-12.10mdvmes5.2.x86_64.rpm 
 4e36ad15fc628559cb2bf3706c95355e  mes5/SRPMS/libtiff-3.8.2-12.10mdvmes5.2.src.rpm

2011 x86_64

 72fd5242f5ac230541be60b84a30e159  2011/x86_64/lib64tiff3-3.9.5-1.5-mdv2011.0.x86_64.rpm
 cdc5163291a6a9bc0be639e3d9e833be  2011/x86_64/lib64tiff-devel-3.9.5-1.5-mdv2011.0.x86_64.rpm
 e598160457755a2400bb9f6c330b78a0  2011/x86_64/lib64tiff-static-devel-3.9.5-1.5-mdv2011.0.x86_64.rpm
 11ee95685a6736a115eb1920ee8f42c5  2011/x86_64/libtiff-progs-3.9.5-1.5-mdv2011.0.x86_64.rpm 
 e53ec07e3178ae3b9a60e0425b961321  2011/SRPMS/libtiff-3.9.5-1.5.src.rpm

References