Package name
libtiff
Date
2011-04-23
Advisory ID
MDVSA-2011:078
Affected versions
2010.1 x86_64 , 2010.1 i586 , 2010.0 x86_64 , 2010.0 i586

Problem description

A vulnerability has been found and corrected in libtiff:

The libtiff OJPEG decoder contains a heap buffer overflow when decoding
certain malformed data (CVE-2009-5022).

The updated packages have been patched to correct this issue.

Updated packages

2010.1 x86_64

 1ce63cd7f03fe16b3102ec11837dc0bc  2010.1/x86_64/lib64tiff3-3.9.2-2.5mdv2010.2.x86_64.rpm
 2bf5c69232a80db7a33c5e9b2dc9b985  2010.1/x86_64/lib64tiff-devel-3.9.2-2.5mdv2010.2.x86_64.rpm
 50be134d1c47764a7bc0ffe9102f6eec  2010.1/x86_64/lib64tiff-static-devel-3.9.2-2.5mdv2010.2.x86_64.rpm
 85ab69bff389fe697ea79ff212d616de  2010.1/x86_64/libtiff-progs-3.9.2-2.5mdv2010.2.x86_64.rpm 
 f891b93309f0014bef4b98f2fdb1f451  2010.1/SRPMS/libtiff-3.9.2-2.5mdv2010.2.src.rpm

2010.1 i586

 7c8b520061e66c9127665190fd617f01  2010.1/i586/libtiff3-3.9.2-2.5mdv2010.2.i586.rpm
 5113de338fa1a1f7bb10b5e2a2787ba2  2010.1/i586/libtiff-devel-3.9.2-2.5mdv2010.2.i586.rpm
 402a16e674507124f81960a39277ec46  2010.1/i586/libtiff-progs-3.9.2-2.5mdv2010.2.i586.rpm
 4b9a7d665d38b4481d522acc2c724704  2010.1/i586/libtiff-static-devel-3.9.2-2.5mdv2010.2.i586.rpm 
 f891b93309f0014bef4b98f2fdb1f451  2010.1/SRPMS/libtiff-3.9.2-2.5mdv2010.2.src.rpm

2010.0 x86_64

 134243d2e76811bbd44c01d2b78a0e9d  2010.0/x86_64/lib64tiff3-3.9.1-4.5mdv2010.0.x86_64.rpm
 10e9e28ba162574c020a5bf9405a98d7  2010.0/x86_64/lib64tiff-devel-3.9.1-4.5mdv2010.0.x86_64.rpm
 3326ee29f69655147a272d8ecedb32c8  2010.0/x86_64/lib64tiff-static-devel-3.9.1-4.5mdv2010.0.x86_64.rpm
 bd9b80e752f4d93fae3f2841331eb08c  2010.0/x86_64/libtiff-progs-3.9.1-4.5mdv2010.0.x86_64.rpm 
 b64875e20ffc7ec59c53ba2dc39d217c  2010.0/SRPMS/libtiff-3.9.1-4.5mdv2010.0.src.rpm

2010.0 i586

 9ec055d6e65fc69a8d38018f9eb51186  2010.0/i586/libtiff3-3.9.1-4.5mdv2010.0.i586.rpm
 f35c40e4194cdcd1e256ea6f624a5027  2010.0/i586/libtiff-devel-3.9.1-4.5mdv2010.0.i586.rpm
 1552ac043a818f4c46867d718bb1ff1f  2010.0/i586/libtiff-progs-3.9.1-4.5mdv2010.0.i586.rpm
 901b333f9dde4e93395f20eeba7b7d47  2010.0/i586/libtiff-static-devel-3.9.1-4.5mdv2010.0.i586.rpm 
 b64875e20ffc7ec59c53ba2dc39d217c  2010.0/SRPMS/libtiff-3.9.1-4.5mdv2010.0.src.rpm

References