Ubuntu alert USN-330-1 (tiff)

From:  Martin Pitt
Subject:  [USN-330-1] tiff vulnerabilities
Date:  Wed, 2 Aug 2006 21:48:42 +0200

===========================================================
Ubuntu Security Notice USN-330-1            August 02, 2006
tiff vulnerabilities
CVE-2006-3459, CVE-2006-3460, CVE-2006-3461, CVE-2006-3462,
CVE-2006-3463, CVE-2006-3464, CVE-2006-3465
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  libtiff4                       3.6.1-5ubuntu0.6

Ubuntu 5.10:
  libtiff4                       3.7.3-1ubuntu1.5

Ubuntu 6.06 LTS:
  libtiff4                       3.7.4-1ubuntu3.2

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Tavis Ormandy discovered that the TIFF library did not sufficiently
check handled images for validity. By tricking a user or an automated
system into processing a specially crafted TIFF image, an attacker
could exploit these weaknesses to execute arbitrary code with the
target application's privileges.

This library is used in many client and server applications, thus you
should reboot your computer after the upgrade to ensure that all
running programs use the new version of the library.
-- 
ubuntu-security-announce mailing list
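
The advisory asks for a reboot so that no running program keeps the old library loaded. The following is an added example, not part of the original advisory: a check that finds processes still mapping a libtiff file that the upgrade replaced on disk, by reading `/proc/<pid>/maps`. The function names, the sample mapping lines and the library path in them are constructed for illustration.

```python
import os
import re

# The pathname field of /proc/<pid>/maps ends in " (deleted)" when the mapped
# file was replaced or removed on disk after the process loaded it.
_STALE = re.compile(r"^(?P<path>/.*libtiff\.so\S*) \(deleted\)$")

# Constructed sample of one process's maps file (path and inodes are made up).
SAMPLE_MAPS = """\
08048000-08052000 r-xp 00000000 08:01 131  /usr/bin/viewer
b7c00000-b7c4a000 r-xp 00000000 08:01 917  /usr/lib/libtiff.so.4.2.0 (deleted)
b7c4a000-b7c4c000 rw-p 0004a000 08:01 917  /usr/lib/libtiff.so.4.2.0 (deleted)
b7d00000-b7d10000 r-xp 00000000 08:01 455  /usr/lib/libjpeg.so.62.0.0
b7e00000-b7e01000 rw-p 00000000 00:00 0
bffeb000-c0000000 rw-p 00000000 00:00 0    [stack]
"""

def stale_libtiff_paths(maps_text):
    """Return sorted libtiff paths that are mapped but deleted on disk."""
    found = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # anonymous mapping: no pathname field
        match = _STALE.match(fields[5].strip())
        if match:
            found.add(match.group("path"))
    return sorted(found)

def processes_needing_restart(proc_root="/proc"):
    """Map pid -> stale libtiff paths for every process whose maps is readable."""
    result = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "maps")) as fh:
                stale = stale_libtiff_paths(fh.read())
        except OSError:
            continue  # process exited, or not readable without root
        if stale:
            result[int(entry)] = stale
    return result

if __name__ == "__main__":
    for pid, paths in sorted(processes_needing_restart().items()):
        print(pid, ", ".join(paths))
```

Run it as root after the upgrade; an empty result means no readable process still maps a replaced libtiff file.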

