Skip to navigation

Security Advisory Moderate: libtiff security update

Advisory: RHSA-2009:1159-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-07-16
Last updated on: 2009-07-16
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux Long Life (v. 5.3 server)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-2285
CVE-2009-2347

Details

Updated libtiff packages that fix several security issues are now available
for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.

Several integer overflow flaws, leading to heap-based buffer overflows,
were found in various libtiff color space conversion tools. An attacker
could create a specially-crafted TIFF file, which once opened by an
unsuspecting user, would cause the conversion tool to crash or,
potentially, execute arbitrary code with the privileges of the user running
the tool. (CVE-2009-2347)

A buffer underwrite flaw was found in libtiff's Lempel-Ziv-Welch (LZW)
compression algorithm decoder. An attacker could create a specially-crafted
LZW-encoded TIFF file, which once opened by an unsuspecting user, would
cause an application linked with libtiff to access an out-of-bounds memory
location, leading to a denial of service (application crash).
(CVE-2009-2285)

The CVE-2009-2347 flaws were discovered by Tielei Wang from ICST-ERCIS,
Peking University.

All libtiff users should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing this update,
all applications linked with the libtiff library (such as Konqueror) must
be restarted for the update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 29c79cceba6dd08afea16e9ee5d90c14
 
x86_64:
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 29c79cceba6dd08afea16e9ee5d90c14
libtiff-devel-3.8.2-7.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 138dbfd6b1c0d86e8ea3539fde8926a4
 
Red Hat Desktop (v. 3)
SRPMS:
libtiff-3.5.7-33.el3.src.rpm
File outdated by:  RHSA-2010:0520		     MD5: 1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: 36a562e5fd80daaa85a9b83a41f36745
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Desktop (v. 4)
SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: c672facd049b3bc1c08abb8417e3fd4f
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 541c561950c13d322e1c5c423b733079
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 29c79cceba6dd08afea16e9ee5d90c14
 
IA-64:
libtiff-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: e3ad122340543d7e226b6616d016b83d
libtiff-devel-3.8.2-7.el5_3.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: fb8ca7befdae554d0a9705eb1d26e08b
 
PPC:
libtiff-3.8.2-7.el5_3.4.ppc.rpm
File outdated by:  RHSA-2011:0392		     MD5: 75206c6e7e89d94fc14090dbad53d220
libtiff-3.8.2-7.el5_3.4.ppc64.rpm
File outdated by:  RHSA-2011:0392		     MD5: fb3e49ff37e92ce8ff604f0f096f188a
libtiff-devel-3.8.2-7.el5_3.4.ppc.rpm
File outdated by:  RHSA-2011:0392		     MD5: 380b95d06c415091b840a5bdfcebca22
libtiff-devel-3.8.2-7.el5_3.4.ppc64.rpm
File outdated by:  RHSA-2011:0392		     MD5: d1f7a1514cc1e831a99c349e18da6de0
 
s390x:
libtiff-3.8.2-7.el5_3.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9208451c5b58eb16cabc85f14659c9d7
libtiff-3.8.2-7.el5_3.4.s390x.rpm
File outdated by:  RHSA-2011:0392		     MD5: c25cb80005ac81f0e9f75d1bec1d54ef
libtiff-devel-3.8.2-7.el5_3.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 1f3416d04862def33cd0393fb9fce009
libtiff-devel-3.8.2-7.el5_3.4.s390x.rpm
File outdated by:  RHSA-2011:0392		     MD5: 449929637ed5d5b9afe2b5ba4d37e798
 
x86_64:
libtiff-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 1159c51926975d12d10b98efe065a344
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 29c79cceba6dd08afea16e9ee5d90c14
libtiff-devel-3.8.2-7.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 138dbfd6b1c0d86e8ea3539fde8926a4
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
libtiff-3.5.7-33.el3.src.rpm
File outdated by:  RHSA-2010:0520		     MD5: 1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: 36a562e5fd80daaa85a9b83a41f36745
 
IA-64:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.ia64.rpm
File outdated by:  RHSA-2010:0520		     MD5: e66109f3de280520830bc2df6dc8502f
libtiff-devel-3.5.7-33.el3.ia64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 4965d7f73afeea09afbee3136355e84f
 
PPC:
libtiff-3.5.7-33.el3.ppc.rpm
File outdated by:  RHSA-2010:0520		     MD5: 0c88e77b345b49083d498dd03903d583
libtiff-3.5.7-33.el3.ppc64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 5f627d10ebc1df5319dab8f7c3be89d2
libtiff-devel-3.5.7-33.el3.ppc.rpm
File outdated by:  RHSA-2010:0520		     MD5: a8c33f7b9737b8ac84734db253452385
 
s390:
libtiff-3.5.7-33.el3.s390.rpm
File outdated by:  RHSA-2010:0520		     MD5: ac3488c36336cc9099fdba053ebe8fc5
libtiff-devel-3.5.7-33.el3.s390.rpm
File outdated by:  RHSA-2010:0520		     MD5: 16e1d4103aae0d491e9aae4c6c0baff9
 
s390x:
libtiff-3.5.7-33.el3.s390.rpm
File outdated by:  RHSA-2010:0520		     MD5: ac3488c36336cc9099fdba053ebe8fc5
libtiff-3.5.7-33.el3.s390x.rpm
File outdated by:  RHSA-2010:0520		     MD5: a5ff56ce58c1daa1d995e7e63efac904
libtiff-devel-3.5.7-33.el3.s390x.rpm
File outdated by:  RHSA-2010:0520		     MD5: 2d6114dc3f6e26c4127ccc8a465289e1
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 3fa67efa966f0520fc7ee1758c81245c
 
PPC:
libtiff-3.6.1-12.el4_8.4.ppc.rpm
File outdated by:  RHSA-2011:0392		     MD5: b221eafc4649d8b06f175fbadd237847
libtiff-3.6.1-12.el4_8.4.ppc64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 64a85d3a854733992c17993beb97f680
libtiff-devel-3.6.1-12.el4_8.4.ppc.rpm
File outdated by:  RHSA-2011:0392		     MD5: adb2a89658f978332fdcd31aeddea823
 
s390:
libtiff-3.6.1-12.el4_8.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 4cd353d30a95f9466ce93a7466661c8c
libtiff-devel-3.6.1-12.el4_8.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9a6f79fabfc92a260bc6231718dc3c0d
 
s390x:
libtiff-3.6.1-12.el4_8.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 4cd353d30a95f9466ce93a7466661c8c
libtiff-3.6.1-12.el4_8.4.s390x.rpm
File outdated by:  RHSA-2011:0392		     MD5: 82eedd6068b1641ae6aa53db75a33cb5
libtiff-devel-3.6.1-12.el4_8.4.s390x.rpm
File outdated by:  RHSA-2011:0392		     MD5: 852087285bb8b37c6455c00f268373b1
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux AS (v. 4.8.z)
SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 3fa67efa966f0520fc7ee1758c81245c
 
PPC:
libtiff-3.6.1-12.el4_8.4.ppc.rpm
File outdated by:  RHSA-2011:0392		     MD5: b221eafc4649d8b06f175fbadd237847
libtiff-3.6.1-12.el4_8.4.ppc64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 64a85d3a854733992c17993beb97f680
libtiff-devel-3.6.1-12.el4_8.4.ppc.rpm
File outdated by:  RHSA-2011:0392		     MD5: adb2a89658f978332fdcd31aeddea823
 
s390:
libtiff-3.6.1-12.el4_8.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 4cd353d30a95f9466ce93a7466661c8c
libtiff-devel-3.6.1-12.el4_8.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9a6f79fabfc92a260bc6231718dc3c0d
 
s390x:
libtiff-3.6.1-12.el4_8.4.s390.rpm
File outdated by:  RHSA-2011:0392		     MD5: 4cd353d30a95f9466ce93a7466661c8c
libtiff-3.6.1-12.el4_8.4.s390x.rpm
File outdated by:  RHSA-2011:0392		     MD5: 82eedd6068b1641ae6aa53db75a33cb5
libtiff-devel-3.6.1-12.el4_8.4.s390x.rpm
File outdated by:  RHSA-2011:0392		     MD5: 852087285bb8b37c6455c00f268373b1
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 541c561950c13d322e1c5c423b733079
 
x86_64:
libtiff-3.8.2-7.el5_3.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 1159c51926975d12d10b98efe065a344
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
libtiff-3.5.7-33.el3.src.rpm
File outdated by:  RHSA-2010:0520		     MD5: 1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: 36a562e5fd80daaa85a9b83a41f36745
 
IA-64:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.ia64.rpm
File outdated by:  RHSA-2010:0520		     MD5: e66109f3de280520830bc2df6dc8502f
libtiff-devel-3.5.7-33.el3.ia64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 4965d7f73afeea09afbee3136355e84f
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 3fa67efa966f0520fc7ee1758c81245c
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux ES (v. 4.8.z)
SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 3fa67efa966f0520fc7ee1758c81245c
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)
SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-3.8.2-7.el5_3.4.i386.rpm     MD5: 541c561950c13d322e1c5c423b733079
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     MD5: 29c79cceba6dd08afea16e9ee5d90c14
 
IA-64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     MD5: 541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.ia64.rpm     MD5: e3ad122340543d7e226b6616d016b83d
libtiff-devel-3.8.2-7.el5_3.4.ia64.rpm     MD5: fb8ca7befdae554d0a9705eb1d26e08b
 
PPC:
libtiff-3.8.2-7.el5_3.4.ppc.rpm     MD5: 75206c6e7e89d94fc14090dbad53d220
libtiff-3.8.2-7.el5_3.4.ppc64.rpm     MD5: fb3e49ff37e92ce8ff604f0f096f188a
libtiff-devel-3.8.2-7.el5_3.4.ppc.rpm     MD5: 380b95d06c415091b840a5bdfcebca22
libtiff-devel-3.8.2-7.el5_3.4.ppc64.rpm     MD5: d1f7a1514cc1e831a99c349e18da6de0
 
s390x:
libtiff-3.8.2-7.el5_3.4.s390.rpm     MD5: 9208451c5b58eb16cabc85f14659c9d7
libtiff-3.8.2-7.el5_3.4.s390x.rpm     MD5: c25cb80005ac81f0e9f75d1bec1d54ef
libtiff-devel-3.8.2-7.el5_3.4.s390.rpm     MD5: 1f3416d04862def33cd0393fb9fce009
libtiff-devel-3.8.2-7.el5_3.4.s390x.rpm     MD5: 449929637ed5d5b9afe2b5ba4d37e798
 
x86_64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     MD5: 541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.x86_64.rpm     MD5: 1159c51926975d12d10b98efe065a344
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     MD5: 29c79cceba6dd08afea16e9ee5d90c14
libtiff-devel-3.8.2-7.el5_3.4.x86_64.rpm     MD5: 138dbfd6b1c0d86e8ea3539fde8926a4
 
Red Hat Enterprise Linux Long Life (v. 5.3 server)
SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-3.8.2-7.el5_3.4.i386.rpm     MD5: 541c561950c13d322e1c5c423b733079
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     MD5: 29c79cceba6dd08afea16e9ee5d90c14
 
IA-64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     MD5: 541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.ia64.rpm     MD5: e3ad122340543d7e226b6616d016b83d
libtiff-devel-3.8.2-7.el5_3.4.ia64.rpm     MD5: fb8ca7befdae554d0a9705eb1d26e08b
 
x86_64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     MD5: 541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.x86_64.rpm     MD5: 1159c51926975d12d10b98efe065a344
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     MD5: 29c79cceba6dd08afea16e9ee5d90c14
libtiff-devel-3.8.2-7.el5_3.4.x86_64.rpm     MD5: 138dbfd6b1c0d86e8ea3539fde8926a4
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
libtiff-3.5.7-33.el3.src.rpm
File outdated by:  RHSA-2010:0520		     MD5: 1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: 36a562e5fd80daaa85a9b83a41f36745
 
IA-64:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.ia64.rpm
File outdated by:  RHSA-2010:0520		     MD5: e66109f3de280520830bc2df6dc8502f
libtiff-devel-3.5.7-33.el3.ia64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 4965d7f73afeea09afbee3136355e84f
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm
File outdated by:  RHSA-2010:0520		     MD5: a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm
File outdated by:  RHSA-2010:0520		     MD5: 944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm
File outdated by:  RHSA-2011:0392		     MD5: 7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 3fa67efa966f0520fc7ee1758c81245c
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm
File outdated by:  RHSA-2011:0392		     MD5: 84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm
File outdated by:  RHSA-2011:0392		     MD5: 9173e1bfa51625533559ca6025e2c47e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

507465 - CVE-2009-2285 libtiff: LZWDecodeCompat underflow
510041 - CVE-2009-2347 libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE)


References

https://www.redhat.com/security/data/cve/CVE-2009-2285.html
https://www.redhat.com/security/data/cve/CVE-2009-2347.html
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/