---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports. http://secunia.com/secunia_security_specialist/ ---------------------------------------------------------------------- TITLE: Ubuntu update for tiff SECUNIA ADVISORY ID: SA20501 VERIFY ADVISORY: http://secunia.com/advisories/20501/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Ubuntu Linux 5.04 http://secunia.com/product/5036/ Ubuntu Linux 5.10 http://secunia.com/product/6606/ DESCRIPTION: Ubuntu has issued an update for tiff. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA20488 A boundary error in tiffsplit has also been fixed. SOLUTION: Apply updated packages. -- Ubuntu 5.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1-5ubuntu0.5.diff.gz Size/MD5: 26319 e6f75f611b9c77ce07cb2cf513f654ad http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1-5ubuntu0.5.dsc Size/MD5: 681 57c2c112da454d86f49d8bf2e8e16d9b http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1.orig.tar.gz Size/MD5: 848760 bd252167a20ac7910ab3bd2b3ee9e955 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.6.1-5ubuntu0.5_amd64.deb Size/MD5: 172880 e890e7578915c4613cd7a74b184445bd http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1-5ubuntu0.5_amd64.deb Size/MD5: 459208 8817f18ad3ae963b4a74c716cf7bf0b8 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-5ubuntu0.5_amd64.deb Size/MD5: 112968 5646656fd78c0ff663866e74977bf78e i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.6.1-5ubuntu0.5_i386.deb Size/MD5: 155968 27e009d03b6a5d9a93eabde478dc9b1c http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1-5ubuntu0.5_i386.deb Size/MD5: 440508 f484f7e00cb7240a9c6f860ec5de9ade http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-5ubuntu0.5_i386.deb Size/MD5: 103886 0388682d81cc301ef2b83a4f4438a05c powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.6.1-5ubuntu0.5_powerpc.deb Size/MD5: 188188 6316125bd4d1a540957aa0cc9c60fa8d http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1-5ubuntu0.5_powerpc.deb Size/MD5: 463674 8f080f57ffc4cb3a0f116ce7c353c381 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-5ubuntu0.5_powerpc.deb Size/MD5: 114370 971a6be7879aaf5d92b55951b7cdd141 -- Ubuntu 5.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.3-1ubuntu1.4.diff.gz Size/MD5: 11378 17db8270668b8b0eefceb0d27e14bd11 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.3-1ubuntu1.4.dsc Size/MD5: 756 218a54ab0966c1b6204b27343b916093 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.7.3.orig.tar.gz Size/MD5: 1268182 48fbef3d76a6253699f28f49c8f25a8b amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.3-1ubuntu1.4_amd64.deb Size/MD5: 48184 eed2ddb6187b1717db2de95dbc590ec6 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.3-1ubuntu1.4_amd64.deb Size/MD5: 219688 79d9cf71f16a3a95c54b481bca648eab http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.3-1ubuntu1.4_amd64.deb Size/MD5: 281702 b5b1b261be7c047c3be3eeb2f8398b8a http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.3-1ubuntu1.4_amd64.deb Size/MD5: 472142 9cac886846d30589b05802fcc6e01f67 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.3-1ubuntu1.4_amd64.deb Size/MD5: 43014 1b71df913359a6b0bdd8d6ebb3e33d7a i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.3-1ubuntu1.4_i386.deb Size/MD5: 47562 0e08f054ec20d4e82d3d3f67cd384e69 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.3-1ubuntu1.4_i386.deb Size/MD5: 204690 278bc83c4fcc7701a7a25719b96a0a8d http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.3-1ubuntu1.4_i386.deb Size/MD5: 258346 46cff7452dbef76566b49220634f5d49 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.3-1ubuntu1.4_i386.deb Size/MD5: 458214 e0920dc944d05da1b010137cf0e4ed2f http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.3-1ubuntu1.4_i386.deb Size/MD5: 43012 749bfc0eeccb0b2b610751163b3cda3d powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-opengl_3.7.3-1ubuntu1.4_powerpc.deb Size/MD5: 49880 6697a3b6fd7a52042a85b527951c2b1a http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff-tools_3.7.3-1ubuntu1.4_powerpc.deb Size/MD5: 239116 8dd87fa3c6922a4e3a3fb5bf8317af09 http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.7.3-1ubuntu1.4_powerpc.deb Size/MD5: 286920 4531728171c4d58b730d84cd2999ddba http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.7.3-1ubuntu1.4_powerpc.deb Size/MD5: 472346 b9bbe1b684162fada01c1487876da1ba http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiffxx0c2_3.7.3-1ubuntu1.4_powerpc.deb Size/MD5: 45220 17c2240ce41c10b277c19e01772890c4 ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-289-1 OTHER REFERENCES: SA20488: http://secunia.com/advisories/20488/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------