The Dell Mini Project

Please update Libtiff to fix security vulnerabilities

Bug #399984 reported by Nicola Ferralis on 2009-07-15

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	The Dell Mini Project	Fix Committed	Undecided	Unassigned

Bug Description

Version 3.8.2-7ubuntu3.4 was just released on generic hardy (3.8.2-7ubuntu3.2 in dell-mini)

SECURITY UPDATE: arbitrary code execution via integer overflows in
    tiff2rgba and rgb2ycbcr
    - debian/patches/CVE-2009-2347.patch: check for integer overflows in
      tools/rgb2ycbcr.c and tools/tiff2rgba.c.
    - CVE-2009-2347

CVE References

2009-2347

Nicola Ferralis (feranick) on 2009-07-15

security vulnerability:

no → yes

Brian Chidester (brianchidester) on 2009-07-27

Changed in dell-mini:
status:	New → Confirmed

Revision history for this message

Nicola Ferralis (feranick) wrote on 2009-09-11:

In proposed repository.

Changed in dell-mini:
status:	Confirmed → Fix Committed

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.