Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2005-4
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 20 Jan 2005
 Last revised: 02 Feb 2005

 Package: libtiff

 Summary: Multiple vulnerabilities in libtiff

 More information:
    The libtiff package contains a library of functions for manipulating TIFF
    (Tagged Image File Format) image format files.

    Multiple issues exist in libtiff:
    - Multiple vulnerabilities in libtiff's RLE (run length encoding) decoders
    - Vulnerability in tif_dirread.c
    - Multiple integer overflows
    - Integer overflow in tif_dirread.c and tif_fax3.c

 Impact:
    These vulnerabilities may allow remote attackers to execute arbitrary
    code via malformed TIFF image files.

 Affected Products:
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution:
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 [Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home]
 # turbopkg
 or
 # zabom -u libtiff

 [other]
 # turbopkg
 or
 # zabom update libtiff
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   libtiff-3.5.7-7.src.rpm
       972878 ed8bd0ef2bf2a1931610e91713a8d7c4

   Binary Packages
   Size: MD5

   libtiff-3.5.7-7.i586.rpm
       316109 2653e065f0c5fbc95c850a1dbf8ce385

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   libtiff-3.5.7-7.src.rpm
       972878 0fd2512f0caa91f27d80619bdd246d51

   Binary Packages
   Size: MD5

   libtiff-3.5.7-7.i586.rpm
       316422 00d6b827b50c02990eec3768ae92d4c9
   libtiff-devel-3.5.7-7.i586.rpm
       595910 7685f97d91f33c600a76163ef2e147a8

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/libtiff-3.6.1-4.src.rpm
      1093717 362993a9fe4c86ebe19b244210a2b6cf

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libtiff-3.6.1-4.i586.rpm
       232659 0f1d0d2fb52c72d38cd9a4964d50ba25
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libtiff-debug-3.6.1-4.i586.rpm
       256539 3dfa5531c4c29444b7ee939f97ad8f35
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libtiff-devel-3.6.1-4.i586.rpm
       509454 8c312bee14f08dca7f2dde75766ab191


 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/libtiff-3.5.7-7.src.rpm
       972878 ad86cfa9f29064a6457eae596dbe0020

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libtiff-3.5.7-7.i586.rpm
       222710 7e3dc3844942811aee6aea8c405e3628
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libtiff-devel-3.5.7-7.i586.rpm
       469753 4918c1f7b75335f9bfe3d96d322a0961

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/libtiff-3.5.7-7.src.rpm
       972878 ecea2012e0d8eaea72d27141e3b112bf

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libtiff-3.5.7-7.i586.rpm
       316627 cad5ce73c1d9e515f390461cf4a72126
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libtiff-devel-3.5.7-7.i586.rpm
       595504 13bcf43c5208b27d485eb6e096cca14b

 <Turbolinux 8 Workstation>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/libtiff-3.5.5-7.src.rpm
       918710 d507119975f6299adf197181f4eda89a

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libtiff-3.5.5-7.i586.rpm
       738427 a3bc600c346754b83b8e5932908955e7
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libtiff-devel-3.5.5-7.i586.rpm
       632579 6ab0c04ac7ef41df03073e56d622da8f

 <Turbolinux 7 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/libtiff-3.5.5-7.src.rpm
       918710 9fd2675fa8d5146faf3bffab02ae08ab

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libtiff-3.5.5-7.i586.rpm
       702575 958636e2ddf39b68b77f346671c7d10c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libtiff-devel-3.5.5-7.i586.rpm
       621763 05e2d24f8f16e3f10c690b03929db76f

 <Turbolinux 7 Workstation>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/libtiff-3.5.5-7.src.rpm
       918710 b0b307c92d092a8dec1f5bb58ba81802

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libtiff-3.5.5-7.i586.rpm
       702616 616c97ff0678e34a646f2d18b2f0b0d9
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libtiff-devel-3.5.5-7.i586.rpm
       622017 4c1e95f277cc72f9dadc76e10da85eb8


 References:

 CVE
   [CAN-2004-0803]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
   [CAN-2004-0804]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
   [CAN-2004-0886]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
   [CAN-2004-1183]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1183
   [CAN-2004-1308]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308

 --------------------------------------------------------------------------
 Revision History
    20 Jan 2005 Initial release
    02 Feb 2005 Added libtiff-devel package for Turbolinux Appliance Server 1.0 Workgroup Edition
 --------------------------------------------------------------------------

 Copyright(C) 2005 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCAJZPK0LzjOqIJMwRAsq+AJ9u8Z0Bd1223PL4174Diz0BmQep3ACfcYT6
6XB/O6+jeLg83FbP1WvY51U=
=JyDG
-----END PGP SIGNATURE-----




© 1998-2024 E-Soft Inc. All rights reserved.