LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

The sad story of the em28xx driver

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

tiff: arbitrary code execution

Package(s):tiff CVE #(s):CVE-2008-2327
Created:August 26, 2008 Updated:October 3, 2008
Description: From the Debian alert: Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code.
Alerts:
Debian DSA-1632-1 2008-08-26
Red Hat RHSA-2008:0847-01 2008-08-28
Red Hat RHSA-2008:0848-01 2008-08-28
Red Hat RHSA-2008:0863-01 2008-08-28
CentOS CESA-2008:0863 2008-08-29
CentOS CESA-2008:0848 2008-08-30
Ubuntu USN-639-1 2008-09-02
Mandriva MDVSA-2008:184 2007-09-03
rPath rPSA-2008-0268-1 2008-09-04
Gentoo 200809-07 2008-09-08
Fedora FEDORA-2008-7388 2008-09-05
Fedora FEDORA-2008-7370 2008-09-05
SuSE SUSE-SR:2008:018 2008-09-19
CentOS CESA-2008:0847 2008-10-03
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds