Security Advisory Moderate: libtiff security update

Advisory: RHSA-2009:1159-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-07-16
Last updated on: 2009-07-16
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20091159.xml
CVEs (cve.mitre.org): CVE-2009-2285
CVE-2009-2347

Details

Updated libtiff packages that fix several security issues are now available
for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.

Several integer overflow flaws, leading to heap-based buffer overflows,
were found in various libtiff color space conversion tools. An attacker
could create a specially-crafted TIFF file which, once opened by an
unsuspecting user, would cause the conversion tool to crash or,
potentially, execute arbitrary code with the privileges of the user running
the tool. (CVE-2009-2347)
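The class of defect behind CVE-2009-2347, as an added illustration that is not libtiff's code or the patched code: a raster size computed from file-supplied dimensions in 32-bit arithmetic can wrap, so a tiny buffer is allocated and the later pixel writes run off its end. The checked form below (names, the 2 GiB cap and the sentinel convention are this example's own assumptions) refuses any product that does not fit before it reaches malloc.

```c
#include <stdint.h>
#include <stdlib.h>

/* Added illustration, not libtiff code. width, height and samples stand
 * for values read from TIFF tags, i.e. they come from the untrusted file. */

/* Unchecked form: the product is computed in 32 bits and silently wraps,
 * so a huge image can yield a small (even zero) byte count. */
uint32_t unchecked_raster_bytes(uint32_t width, uint32_t height,
                                uint32_t samples)
{
    return width * height * samples;   /* wraps modulo 2^32 */
}

/* Checked form: widen to 64 bits and reject before each multiplication
 * whenever the result would exceed a policy cap. Returns the byte count,
 * or 0 when the dimensions are rejected (a zero-sized raster is also
 * treated as invalid, so 0 is a safe sentinel). */
uint64_t checked_raster_bytes(uint32_t width, uint32_t height,
                              uint32_t samples)
{
    const uint64_t max_raster = 1ULL << 31;   /* hypothetical 2 GiB cap */
    uint64_t bytes;

    if (width == 0 || height == 0 || samples == 0)
        return 0;
    if ((uint64_t)width > max_raster / height)   /* width*height too big */
        return 0;
    bytes = (uint64_t)width * height;
    if (bytes > max_raster / samples)            /* *samples too big */
        return 0;
    return bytes * samples;
}

/* Allocate the output raster only after the size has been validated. */
unsigned char *alloc_raster(uint32_t width, uint32_t height, uint32_t samples)
{
    uint64_t bytes = checked_raster_bytes(width, height, samples);
    if (bytes == 0)
        return NULL;
    return calloc(1, (size_t)bytes);
}
```

With 65536 x 65537 x 1 the unchecked product wraps to 65536 bytes while the checked version rejects the image outright.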

A buffer underwrite flaw was found in libtiff's Lempel-Ziv-Welch (LZW)
compression algorithm decoder. An attacker could create a specially-crafted
LZW-encoded TIFF file which, once opened by an unsuspecting user, would
cause an application linked with libtiff to access an out-of-bounds memory
location, leading to a denial of service (application crash).
(CVE-2009-2285)

The CVE-2009-2347 flaws were discovered by Tielei Wang from ICST-ERCIS,
Peking University.

All libtiff users should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing this update,
all applications linked with the libtiff library (such as Konqueror) must
be restarted for the update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm     6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     29c79cceba6dd08afea16e9ee5d90c14
 
x86_64:
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     29c79cceba6dd08afea16e9ee5d90c14
libtiff-devel-3.8.2-7.el5_3.4.x86_64.rpm     138dbfd6b1c0d86e8ea3539fde8926a4
 
Red Hat Desktop (v. 3)

SRPMS:
libtiff-3.5.7-33.el3.src.rpm     1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm     36a562e5fd80daaa85a9b83a41f36745
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm     51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm     944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Desktop (v. 4)

SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm     7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm     c672facd049b3bc1c08abb8417e3fd4f
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm     2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm     9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm     6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     29c79cceba6dd08afea16e9ee5d90c14
 
IA-64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.ia64.rpm     e3ad122340543d7e226b6616d016b83d
libtiff-devel-3.8.2-7.el5_3.4.ia64.rpm     fb8ca7befdae554d0a9705eb1d26e08b
 
PPC:
libtiff-3.8.2-7.el5_3.4.ppc.rpm     75206c6e7e89d94fc14090dbad53d220
libtiff-3.8.2-7.el5_3.4.ppc64.rpm     fb3e49ff37e92ce8ff604f0f096f188a
libtiff-devel-3.8.2-7.el5_3.4.ppc.rpm     380b95d06c415091b840a5bdfcebca22
libtiff-devel-3.8.2-7.el5_3.4.ppc64.rpm     d1f7a1514cc1e831a99c349e18da6de0
 
s390x:
libtiff-3.8.2-7.el5_3.4.s390.rpm     9208451c5b58eb16cabc85f14659c9d7
libtiff-3.8.2-7.el5_3.4.s390x.rpm     c25cb80005ac81f0e9f75d1bec1d54ef
libtiff-devel-3.8.2-7.el5_3.4.s390.rpm     1f3416d04862def33cd0393fb9fce009
libtiff-devel-3.8.2-7.el5_3.4.s390x.rpm     449929637ed5d5b9afe2b5ba4d37e798
 
x86_64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.x86_64.rpm     1159c51926975d12d10b98efe065a344
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     29c79cceba6dd08afea16e9ee5d90c14
libtiff-devel-3.8.2-7.el5_3.4.x86_64.rpm     138dbfd6b1c0d86e8ea3539fde8926a4
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
libtiff-3.5.7-33.el3.src.rpm     1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm     36a562e5fd80daaa85a9b83a41f36745
 
IA-64:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.ia64.rpm     e66109f3de280520830bc2df6dc8502f
libtiff-devel-3.5.7-33.el3.ia64.rpm     4965d7f73afeea09afbee3136355e84f
 
PPC:
libtiff-3.5.7-33.el3.ppc.rpm     0c88e77b345b49083d498dd03903d583
libtiff-3.5.7-33.el3.ppc64.rpm     5f627d10ebc1df5319dab8f7c3be89d2
libtiff-devel-3.5.7-33.el3.ppc.rpm     a8c33f7b9737b8ac84734db253452385
 
s390:
libtiff-3.5.7-33.el3.s390.rpm     ac3488c36336cc9099fdba053ebe8fc5
libtiff-devel-3.5.7-33.el3.s390.rpm     16e1d4103aae0d491e9aae4c6c0baff9
 
s390x:
libtiff-3.5.7-33.el3.s390.rpm     ac3488c36336cc9099fdba053ebe8fc5
libtiff-3.5.7-33.el3.s390x.rpm     a5ff56ce58c1daa1d995e7e63efac904
libtiff-devel-3.5.7-33.el3.s390x.rpm     2d6114dc3f6e26c4127ccc8a465289e1
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm     51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm     944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm     7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm     c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm     46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm     3fa67efa966f0520fc7ee1758c81245c
 
PPC:
libtiff-3.6.1-12.el4_8.4.ppc.rpm     b221eafc4649d8b06f175fbadd237847
libtiff-3.6.1-12.el4_8.4.ppc64.rpm     64a85d3a854733992c17993beb97f680
libtiff-devel-3.6.1-12.el4_8.4.ppc.rpm     adb2a89658f978332fdcd31aeddea823
 
s390:
libtiff-3.6.1-12.el4_8.4.s390.rpm     4cd353d30a95f9466ce93a7466661c8c
libtiff-devel-3.6.1-12.el4_8.4.s390.rpm     9a6f79fabfc92a260bc6231718dc3c0d
 
s390x:
libtiff-3.6.1-12.el4_8.4.s390.rpm     4cd353d30a95f9466ce93a7466661c8c
libtiff-3.6.1-12.el4_8.4.s390x.rpm     82eedd6068b1641ae6aa53db75a33cb5
libtiff-devel-3.6.1-12.el4_8.4.s390x.rpm     852087285bb8b37c6455c00f268373b1
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm     2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm     9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux AS (v. 4.8.z)

SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm     7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm     c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm     46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm     3fa67efa966f0520fc7ee1758c81245c
 
PPC:
libtiff-3.6.1-12.el4_8.4.ppc.rpm     b221eafc4649d8b06f175fbadd237847
libtiff-3.6.1-12.el4_8.4.ppc64.rpm     64a85d3a854733992c17993beb97f680
libtiff-devel-3.6.1-12.el4_8.4.ppc.rpm     adb2a89658f978332fdcd31aeddea823
 
s390:
libtiff-3.6.1-12.el4_8.4.s390.rpm     4cd353d30a95f9466ce93a7466661c8c
libtiff-devel-3.6.1-12.el4_8.4.s390.rpm     9a6f79fabfc92a260bc6231718dc3c0d
 
s390x:
libtiff-3.6.1-12.el4_8.4.s390.rpm     4cd353d30a95f9466ce93a7466661c8c
libtiff-3.6.1-12.el4_8.4.s390x.rpm     82eedd6068b1641ae6aa53db75a33cb5
libtiff-devel-3.6.1-12.el4_8.4.s390x.rpm     852087285bb8b37c6455c00f268373b1
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm     2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm     9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm     6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
 
x86_64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.x86_64.rpm     1159c51926975d12d10b98efe065a344
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
libtiff-3.5.7-33.el3.src.rpm     1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm     36a562e5fd80daaa85a9b83a41f36745
 
IA-64:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.ia64.rpm     e66109f3de280520830bc2df6dc8502f
libtiff-devel-3.5.7-33.el3.ia64.rpm     4965d7f73afeea09afbee3136355e84f
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm     51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm     944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm     7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm     c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm     46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm     3fa67efa966f0520fc7ee1758c81245c
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm     2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm     9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux ES (v. 4.8.z)

SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm     7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm     c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm     46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm     3fa67efa966f0520fc7ee1758c81245c
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm     2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm     9173e1bfa51625533559ca6025e2c47e
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)

SRPMS:
libtiff-3.8.2-7.el5_3.4.src.rpm     6506c4b68a30592632ae54cee7c6fa51
 
IA-32:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     29c79cceba6dd08afea16e9ee5d90c14
 
IA-64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.ia64.rpm     e3ad122340543d7e226b6616d016b83d
libtiff-devel-3.8.2-7.el5_3.4.ia64.rpm     fb8ca7befdae554d0a9705eb1d26e08b
 
PPC:
libtiff-3.8.2-7.el5_3.4.ppc.rpm     75206c6e7e89d94fc14090dbad53d220
libtiff-3.8.2-7.el5_3.4.ppc64.rpm     fb3e49ff37e92ce8ff604f0f096f188a
libtiff-devel-3.8.2-7.el5_3.4.ppc.rpm     380b95d06c415091b840a5bdfcebca22
libtiff-devel-3.8.2-7.el5_3.4.ppc64.rpm     d1f7a1514cc1e831a99c349e18da6de0
 
s390x:
libtiff-3.8.2-7.el5_3.4.s390.rpm     9208451c5b58eb16cabc85f14659c9d7
libtiff-3.8.2-7.el5_3.4.s390x.rpm     c25cb80005ac81f0e9f75d1bec1d54ef
libtiff-devel-3.8.2-7.el5_3.4.s390.rpm     1f3416d04862def33cd0393fb9fce009
libtiff-devel-3.8.2-7.el5_3.4.s390x.rpm     449929637ed5d5b9afe2b5ba4d37e798
 
x86_64:
libtiff-3.8.2-7.el5_3.4.i386.rpm     541c561950c13d322e1c5c423b733079
libtiff-3.8.2-7.el5_3.4.x86_64.rpm     1159c51926975d12d10b98efe065a344
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm     29c79cceba6dd08afea16e9ee5d90c14
libtiff-devel-3.8.2-7.el5_3.4.x86_64.rpm     138dbfd6b1c0d86e8ea3539fde8926a4
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
libtiff-3.5.7-33.el3.src.rpm     1550ea7bd9cab6497405673cb0bda969
 
IA-32:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-devel-3.5.7-33.el3.i386.rpm     36a562e5fd80daaa85a9b83a41f36745
 
IA-64:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.ia64.rpm     e66109f3de280520830bc2df6dc8502f
libtiff-devel-3.5.7-33.el3.ia64.rpm     4965d7f73afeea09afbee3136355e84f
 
x86_64:
libtiff-3.5.7-33.el3.i386.rpm     a236741f36e52208e3b7fe58bd916e63
libtiff-3.5.7-33.el3.x86_64.rpm     51a3c5822ae9f79171c2470a83dd90aa
libtiff-devel-3.5.7-33.el3.x86_64.rpm     944f46f6fa0e7e1988d35c230858efe6
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
libtiff-3.6.1-12.el4_8.4.src.rpm     7dce0cdaaf70077b0506086d588b6a2f
 
IA-32:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-devel-3.6.1-12.el4_8.4.i386.rpm     c672facd049b3bc1c08abb8417e3fd4f
 
IA-64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.ia64.rpm     46b345fab4fa3be370074cbcbfa25607
libtiff-devel-3.6.1-12.el4_8.4.ia64.rpm     3fa67efa966f0520fc7ee1758c81245c
 
x86_64:
libtiff-3.6.1-12.el4_8.4.i386.rpm     84845254cec19957c268a79161e6b27e
libtiff-3.6.1-12.el4_8.4.x86_64.rpm     2c8aacaef7f74fe4a60462c95c17255f
libtiff-devel-3.6.1-12.el4_8.4.x86_64.rpm     9173e1bfa51625533559ca6025e2c47e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

507465 - CVE-2009-2285 libtiff: LZWDecodeCompat underflow
510041 - CVE-2009-2347 libtiff: integer overflows in various inter-color spaces conversion tools (crash, ACE)



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/