|
ID: |
TLSA-2005-89 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 7 Workstation, Turbolinux 8 Server, Turbolinux 8 Workstation, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Di, 6. September 2005, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2452 |
|
Applikationen: |
libtiff |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2005-89
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 05 Sep 2005
Last revised: 05 Sep 2005
Package: libtiff
Summary: libtiff crash
More information:
The libtiff package contains a library of functions for manipulating TIFF
(Tagged Image File Format) image format files.
The vulnerability in the manner in which libtiff handle a TIFF image header
with a zero "YCbCr subsampling" value.
Impact:
The libtiff allows remote attackers to cause a denial of service (application crash)
via a TIFF image header with a zero "YCbCr subsampling" value.
Affected Products:
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
Solution:
Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
[Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F...,
Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal]
# turbopkg
or
# zabom -u libtiff libtiff-devel
[other]
# turbopkg
or
# zabom update libtiff libtiff-devel
---------------------------------------------
Source Packages
Size: MD5
libtiff-3.5.7-9.src.rpm
974329 716c62f8ee32410826760de977702aed
Binary Packages
Size: MD5
libtiff-3.5.7-9.i586.rpm
316938 1cbbd8798b8862c891e8b56ba5dc74e9
Source Packages
Size: MD5
libtiff-3.5.7-9.src.rpm
974329 bc3c7fdbd294d3dd820754cbfa65a3e0
Binary Packages
Size: MD5
libtiff-3.5.7-9.i586.rpm
317083 f78bbe59828e07dda0b1a8045da33cf7
libtiff-devel-3.5.7-9.i586.rpm
596043 cee24e67ad70e28b9c94fed29785e1e0
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/libtiff-3.6.1-6.src.rpm
1094911 2b1848890ef6d8001add75bfaf014699
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libtiff-3.6.1-6.i586.rpm
232954 e4d30e3fc3fd4eec4132356f2661542c
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libtiff-debug-3.6.1-6.i586.rpm
256635 1f99ed0e81ad961077b3eb3872bd721b
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libtiff-devel-3.6.1-6.i586.rpm
509801 517a91468797534b98f9e5b7ae98a87c
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/libtiff-3.5.7-9.src.rpm
974329 1af536ee9d0704eef8c61c151c5c5aeb
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libtiff-3.5.7-9.i586.rpm
223065 41300932e1b8a51835a487a911a7f601
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libtiff-devel-3.5.7-9.i586.rpm
470626 5bbeeb31a7c7c1aa58ae36dc3856810b
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/libtiff-3.5.7-9.src.rpm
974329 54747c18e16c67aca67442eb35251e2a
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libtiff-3.5.7-9.i586.rpm
317146 39aab2b70951487cbffa51053bc4a03e
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libtiff-devel-3.5.7-9.i586.rpm
595871 9acd20b145a134d2b09df3b1d88a638a
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/libtiff-3.5.5-9.src.rpm
920201 59a9d7ea3c10898bd0e87f5d9b926904
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libtiff-3.5.5-9.i586.rpm
739440 3242324bed80771cfcd4b78bb3db500b
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libtiff-devel-3.5.5-9.i586.rpm
632716 e3d3d0b9c2dbea2de612ac13f4eb5fd7
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/libtiff-3.5.5-9.src.rpm
920201 e23f38c9efbde538305abd2f6ac9574b
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libtiff-3.5.5-9.i586.rpm
704071 7e46bee4a6d6387621c1a2a3e60966e0
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libtiff-devel-3.5.5-9.i586.rpm
622416 680c24ba4c5f8b1aed78109e2bea19b6
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/libtiff-3.5.5-9.src.rpm
920201 0d5ff757a07d7ce515232c428b7910fc
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libtiff-3.5.5-9.i586.rpm
704169 4f6c73d033f797fa25869ce8789faa22
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libtiff-devel-3.5.5-9.i586.rpm
622233 86e6cd0fe01634d683c8f54899c3884a
References:
CVE
[CAN-2005-2452]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452
--------------------------------------------------------------------------
Revision History
05 Sep 2005 Initial release
--------------------------------------------------------------------------
Copyright(C) 2005 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFDHB9jK0LzjOqIJMwRAiaEAKCEqzzshNhw9WLOHKkW3qg7C0b0UACeJkro
SUQ2uAxYxQHYMyM6RZWu43k=
=TSXG
-----END PGP SIGNATURE-----
|