This update of libtiff is the result of a source-code audit done by Tavis Ormandy, Google Security Team. It fixes various bugs that can lead to denial-of-service conditions as well as to remote code execution while parsing a tiff image provided by an attacker.
No work-around known.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 10.1 | x86_64 | libtiff-32bit | < 3.8.2-5.9 | libtiff-32bit-3.8.2-5.9.x86_64.rpm |
openSUSE | 10.1 | i586 | libtiff | < 3.8.2-5.9 | libtiff-3.8.2-5.9.i586.rpm |
openSUSE | 10.0 | ppc | libtiff | < 3.7.3-2.6 | libtiff-3.7.3-2.6.ppc.rpm |
openSUSE | 9.2 | x86_64 | libtiff | < 3.6.1-47.12 | libtiff-3.6.1-47.12.x86_64.rpm |
SUSE Linux Enterprise Server | 10 | s390x | libtiff-devel-32bit | < 3.8.2-5.9 | libtiff-devel-32bit-3.8.2-5.9.s390x.rpm |
openSUSE | 9.3 | i586 | libtiff | < 3.7.1-7.8 | libtiff-3.7.1-7.8.i586.rpm |
openSUSE | 10.1 | ppc | libtiff-devel | < 3.8.2-5.9 | libtiff-devel-3.8.2-5.9.ppc.rpm |
openSUSE | 10.1 | i586 | libtiff-devel | < 3.8.2-5.9 | libtiff-devel-3.8.2-5.9.i586.rpm |
openSUSE | 10.0 | i586 | libtiff | < 3.7.3-2.6 | libtiff-3.7.3-2.6.i586.rpm |
openSUSE | 9.2 | i586 | libtiff-devel | < 3.6.1-47.12 | libtiff-devel-3.6.1-47.12.i586.rpm |