Mageia alert MGASA-2013-0267 (libtiff) [LWN.net]


From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2013-0267: Updated libtiff packages fix CVE-2013-4244 
Date:
    	       Fri, 30 Aug 2013 19:40:23 +0200
Message-ID:
    	       <20130830174023.25D7E4878F@valstar.mageia.org>
Archive-link:
    	       Article, Thread
              
MGASA-2013-0267 - Updated libtiff packages fix CVE-2013-4244

Publication date: 30 Aug 2013
URL: http://advisories.mageia.org/MGASA-2013-0267.html
Type: security
Affected Mageia releases: 2, 3
CVE: CVE-2013-4244

Description:
Updated libtiff packages fix security vulnerability:

Pedro Ribeiro and Huzaifa S. Sidhpurwala discovered multiple vulnerabilities
in various tools shipped by the tiff library. Processing a malformed file may
lead to denial of service or the execution of arbitrary code (CVE-2013-4244).

References:
- http://www.debian.org/security/2013/dsa-2744
- https://bugs.mageia.org/show_bug.cgi?id=11099
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244

SRPMS:
- 3/core/libtiff-4.0.3-4.2.mga3
- 2/core/libtiff-4.0.1-2.8.mga2
(Log in to post comments)