Описание
ELSA-2010-0519: libtiff security update (IMPORTANT)
[3.8.2-7.el5.5]
- Add fixes for multiple SIGSEGV problems, including CVE-2010-1411 Resolves: #602552
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
libtiff
3.8.2-7.el5_5.5
libtiff-devel
3.8.2-7.el5_5.5
Oracle Linux x86_64
libtiff
3.8.2-7.el5_5.5
libtiff-devel
3.8.2-7.el5_5.5
Oracle Linux i386
libtiff
3.8.2-7.el5_5.5
libtiff-devel
3.8.2-7.el5_5.5
Ссылки на источники
Связанные уязвимости
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input."
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input."
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input."
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in Ima ...