[SECURITY] Fedora Core 4 Update: libtiff-3.7.1-6.fc4.3

Matthias Clasen mclasen at redhat.com
Wed Aug 2 15:11:42 UTC 2006


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-878
2006-08-02
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : libtiff
Version     : 3.7.1
Release     : 6.fc4.3
Summary     : A library of functions for manipulating TIFF format image files.
Description :
The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) image format files.  TIFF is a widely
used file format for bitmapped images.  TIFF files usually end in the
.tif extension and they are often quite large.

The libtiff package should be installed if you need to manipulate TIFF
format image files.

---------------------------------------------------------------------
Update Information:

The libtiff package contains a library of functions for
manipulating TIFF (Tagged Image File Format) files.

Tavis Ormandy of Google discovered a number of flaws in
libtiff during a security audit. An attacker could create a
carefully crafted TIFF file in such a way that it was
possible to cause an application linked with libtiff to
crash or possibly execute arbitrary code. (CVE-2006-3459,
CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463,
CVE-2006-3464, CVE-2006-3465)

All users are advised to upgrade to these updated packages,
which contain backported fixes for these issues. 
---------------------------------------------------------------------
* Tue Aug  1 2006 Matthias Clasen <mclasen at redhat.com>
- Fix several vulnerabilities (CVE-2006-3460 CVE-2006-3461
  CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

e25a0090188f4a25e04b23d9dabf8618dcd5560a  SRPMS/libtiff-3.7.1-6.fc4.3.src.rpm
e25a0090188f4a25e04b23d9dabf8618dcd5560a  noarch/libtiff-3.7.1-6.fc4.3.src.rpm
0d920d3854947dd1b5ea6035f6462763e252d6c4  ppc/libtiff-3.7.1-6.fc4.3.ppc.rpm
f39962656b7efcc8e657427ed2ef51df590aa216  ppc/libtiff-devel-3.7.1-6.fc4.3.ppc.rpm
5f7f56f8e3c0f504a2dc5960cb5d884e54f9c349  ppc/debug/libtiff-debuginfo-3.7.1-6.fc4.3.ppc.rpm
6e45b6be8f666e508e3de4b9c30aab09b57378a2  x86_64/libtiff-3.7.1-6.fc4.3.x86_64.rpm
cee15750ace41bfa7e5a3b22d3883010a837febd  x86_64/libtiff-devel-3.7.1-6.fc4.3.x86_64.rpm
9d9f9b1ceb5db2ac47667644eb5bd43944d69ea7  x86_64/debug/libtiff-debuginfo-3.7.1-6.fc4.3.x86_64.rpm
12dcfb0c2a959d9da7f581b4c1b93aca0861567d  i386/libtiff-3.7.1-6.fc4.3.i386.rpm
ad5847f0d6196a9782fc72e80a1b14fabfbffa93  i386/libtiff-devel-3.7.1-6.fc4.3.i386.rpm
6d158f79ae88e9e9fe44e776064bd108532b07f9  i386/debug/libtiff-debuginfo-3.7.1-6.fc4.3.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------




More information about the Fedora-package-announce mailing list