[FLSA-2005:152815] Updated libtiff packages fix security issues

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [FLSA-2005:152815] Updated libtiff packages fix security issues
From: Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
Date: Wed, 18 May 2005 16:48:46 -0400
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Mozilla Thunderbird 1.0.2-1.3.2 (X11/20050324)

---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated libtiff packages fix security issues
Advisory ID: FLSA:152815
Issue date: 2005-05-18
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CAN-2004-0803 CAN-2004-0804 CAN-2004-0886
CAN-2004-1308 CAN-2004-1183
---------------------------------------------------------------------

---------------------------------------------------------------------
1. Topic:

Updated libtiff packages that fix various buffer and integer overflows
are now available.

The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) image format files.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386

3. Problem description:

During a source code audit, Chris Evans discovered a number of integer
overflow bugs that affect libtiff. An attacker who has the ability to
trick a user into opening a malicious TIFF file could cause the
application linked to libtiff to crash or possibly execute arbitrary
code. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CAN-2004-0886 and CAN-2004-0804 to these issues.

Additionally, a number of buffer overflow bugs that affect libtiff have
been found. An attacker who has the ability to trick a user into opening
a malicious TIFF file could cause the application linked to libtiff to
crash or possibly execute arbitrary code. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0803 to
this issue.

iDEFENSE has reported an integer overflow bug that affects libtiff. An
attacker who has the ability to trick a user into opening a malicious
TIFF file could cause the application linked to libtiff to crash or
possibly execute arbitrary code. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-1308 to
this issue.

Dmitry V. Levin reported another integer overflow in the tiffdump
utility. An atacker who has the ability to trick a user into opening a
malicious TIFF file with tiffdump could possibly execute arbitrary code.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-1183 to this issue.

All users are advised to upgrade to these updated packages, which
contain backported fixes for these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which
are not installed but included in the list will not be updated. Note
that you can also use wildcards (*.rpm) if your current directory *only*
contains the desired RPMs.

Please note that this update is also available via yum and apt. Many
people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/docs for directions on how to
configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152815

6. RPMs required:

Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/libtiff-3.5.7-2.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/libtiff-3.5.7-2.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/libtiff-devel-3.5.7-2.2.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/libtiff-3.5.7-11.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/libtiff-3.5.7-11.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/libtiff-devel-3.5.7-11.2.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/libtiff-3.5.7-14.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/libtiff-3.5.7-14.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/libtiff-devel-3.5.7-14.2.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name
---------------------------------------------------------------------

524fd6c80901dbd665cfbf0b4ba1eea276a95cca
redhat/7.3/updates/i386/libtiff-3.5.7-2.2.legacy.i386.rpm
3ced2ba5eac07c60515a41d73dbfb0df36cfc962
redhat/7.3/updates/i386/libtiff-devel-3.5.7-2.2.legacy.i386.rpm
864581d2f1d76fcc5d0540173338a84a7a3ffe80
redhat/7.3/updates/SRPMS/libtiff-3.5.7-2.2.legacy.src.rpm
a17298a3be3e3d6f7fce2108ac226ff8ef26ee39
redhat/9/updates/i386/libtiff-3.5.7-11.2.legacy.i386.rpm
b35700b8e8ee819565998a033f484ebd7e837646
redhat/9/updates/i386/libtiff-devel-3.5.7-11.2.legacy.i386.rpm
2024a97a377a37851d3a4be92403eaad0a7b1be2
redhat/9/updates/SRPMS/libtiff-3.5.7-11.2.legacy.src.rpm
8dd2d8035eaf4b0e41cc7ac68536b752387a1cc8
fedora/1/updates/i386/libtiff-3.5.7-14.2.legacy.i386.rpm
4475fb4f26ab358d1c9bf8b6e8da060eace1a8dd
fedora/1/updates/i386/libtiff-devel-3.5.7-14.2.legacy.i386.rpm
f854a97125ca806b9a1c04c985f9939c6b6f7611
fedora/1/updates/SRPMS/libtiff-3.5.7-14.2.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1183

9. Contact:

The Fedora Legacy security contact is <secnotice@xxxxxxxxxxxxxxxx>. More
project details at http://www.fedoralegacy.org

---------------------------------------------------------------------

Attachment: signature.asc
Description: OpenPGP digital signature

Prev by Date: UNICODE BUFFER OVERFLOW IN MS-WORD
Next by Date: phpATM arbitrary PHP code inclusion
Previous by thread: UNICODE BUFFER OVERFLOW IN MS-WORD
Next by thread: phpATM arbitrary PHP code inclusion
Index(es):
- Date
- Thread