Lucene search

K
osvGoogleOSV:DSA-2589-1
HistoryDec 16, 2012 - 12:00 a.m.

tiff - buffer overflow

2012-12-1600:00:00
Google
osv.dev
3

The tiff library for handling TIFF image files contained a stack-based
buffer overflow, potentially allowing attackers who can submit such
files to a vulnerable system to execute arbitrary code.

For the stable distribution (squeeze), this problem has been fixed in
version 3.9.4-5+squeeze8.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 4.0.2-1 of the tiff
package, and version 3.9.6-10 of the tiff3 package.

We recommend that you upgrade your tiff packages.