Skip to navigation

Security Advisory Moderate: libtiff security update

Advisory: RHSA-2012:1590-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-12-18
Last updated on: 2012-12-18
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.3.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-3401
CVE-2012-4447
CVE-2012-4564
CVE-2012-5581

Details

Updated libtiff packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The libtiff packages contain a library of functions for manipulating Tagged
Image File Format (TIFF) files.

A heap-based buffer overflow flaw was found in the way libtiff processed
certain TIFF images using the Pixar Log Format encoding. An attacker could
create a specially-crafted TIFF file that, when opened, could cause an
application using libtiff to crash or, possibly, execute arbitrary code
with the privileges of the user running the application. (CVE-2012-4447)

A stack-based buffer overflow flaw was found in the way libtiff handled
DOTRANGE tags. An attacker could use this flaw to create a
specially-crafted TIFF file that, when opened, would cause an application
linked against libtiff to crash or, possibly, execute arbitrary code.
(CVE-2012-5581)

A heap-based buffer overflow flaw was found in the tiff2pdf tool. An
attacker could use this flaw to create a specially-crafted TIFF file that
would cause tiff2pdf to crash or, possibly, execute arbitrary code.
(CVE-2012-3401)

A missing return value check flaw, leading to a heap-based buffer overflow,
was found in the ppm2tiff tool. An attacker could use this flaw to create a
specially-crafted PPM (Portable Pixel Map) file that would cause ppm2tiff
to crash or, possibly, execute arbitrary code. (CVE-2012-4564)

The CVE-2012-5581, CVE-2012-3401, and CVE-2012-4564 issues were discovered
by Huzaifa Sidhpurwala of the Red Hat Security Response Team.

All libtiff users should upgrade to these updated packages, which contain
backported patches to resolve these issues. All running applications linked
against libtiff must be restarted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
libtiff-3.8.2-18.el5_8.src.rpm
File outdated by:  RHSA-2014:0223
    MD5: 78c883645495933601c6d4ba08e34001
SHA-256: 11ab78f65a76c56f3694755fe796cee1bfe306d6291bb7f6ea8377ef74645b9f
 
IA-32:
libtiff-debuginfo-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 6610bf6f93d0586394d7ab49133228fd
SHA-256: 3d69846378ee9489572a5558d2e9b981b360319345de0cc0142966e2c2e37815
libtiff-devel-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 7581e43badb6555ea940a31347c9c053
SHA-256: 6c464e6579408c7b0a7f531a1fd19d40b2c53a3fdd25a361e6a3d7486e47f330
 
x86_64:
libtiff-debuginfo-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 6610bf6f93d0586394d7ab49133228fd
SHA-256: 3d69846378ee9489572a5558d2e9b981b360319345de0cc0142966e2c2e37815
libtiff-debuginfo-3.8.2-18.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0223
    MD5: f32b36f580137bed1fb46f36627966df
SHA-256: 86bb653a8b0a027094a55591e7e2a782a645a1e18c923113b31485c61dc48ac2
libtiff-devel-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 7581e43badb6555ea940a31347c9c053
SHA-256: 6c464e6579408c7b0a7f531a1fd19d40b2c53a3fdd25a361e6a3d7486e47f330
libtiff-devel-3.8.2-18.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 1236200a4cad23f1548c8855c5d1ffa2
SHA-256: 642f7bf10a4c509117a2accb102ac94956a0b829a616265b1e783b5ea686d178
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
libtiff-3.8.2-18.el5_8.src.rpm
File outdated by:  RHSA-2014:0223
    MD5: 78c883645495933601c6d4ba08e34001
SHA-256: 11ab78f65a76c56f3694755fe796cee1bfe306d6291bb7f6ea8377ef74645b9f
 
IA-32:
libtiff-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 587405f7ae0a756f4f47747a8e958d72
SHA-256: 93d105d50b241ca51622afa4d4027fbb747f356bc7c422819b8792297ab04ff9
libtiff-debuginfo-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 6610bf6f93d0586394d7ab49133228fd
SHA-256: 3d69846378ee9489572a5558d2e9b981b360319345de0cc0142966e2c2e37815
libtiff-devel-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 7581e43badb6555ea940a31347c9c053
SHA-256: 6c464e6579408c7b0a7f531a1fd19d40b2c53a3fdd25a361e6a3d7486e47f330
 
IA-64:
libtiff-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 587405f7ae0a756f4f47747a8e958d72
SHA-256: 93d105d50b241ca51622afa4d4027fbb747f356bc7c422819b8792297ab04ff9
libtiff-3.8.2-18.el5_8.ia64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 88fda19d9054fbd06369e338b904d870
SHA-256: 89c575c9373198618f824019b65a4e7b1f29cfbf67417fa2a661b1178c3a7a7b
libtiff-debuginfo-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 6610bf6f93d0586394d7ab49133228fd
SHA-256: 3d69846378ee9489572a5558d2e9b981b360319345de0cc0142966e2c2e37815
libtiff-debuginfo-3.8.2-18.el5_8.ia64.rpm
File outdated by:  RHSA-2014:0223
    MD5: b00dd4e1ffac7402dbac898b6abd370e
SHA-256: 48b8f2f8aca4a29239669ffc877611484e403c44357e10bbf3369028be8750c9
libtiff-devel-3.8.2-18.el5_8.ia64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 2dbb842f773cabe42139451ccd553c12
SHA-256: a340452bbd40e35474ab621f5968d29c23b584c5d1d950b55650fe97702414c9
 
PPC:
libtiff-3.8.2-18.el5_8.ppc.rpm
File outdated by:  RHSA-2014:0223
    MD5: cc66c6fdec8d4bdc21f8165982dc6986
SHA-256: a6539fe8f6bd3dbd0b29cb356fa322a5beaa89bdb6e3262f0b953ff6aa91d2b6
libtiff-3.8.2-18.el5_8.ppc64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 673a9e26b483423598e88fe695ad6397
SHA-256: 678e4e3ae61d64a5b16baf15e79bd008cb90d62c3ef394ab6c99861311a0d0e3
libtiff-debuginfo-3.8.2-18.el5_8.ppc.rpm
File outdated by:  RHSA-2014:0223
    MD5: 7a42c2dc2083f5c5e821989253bdd92f
SHA-256: 4f34a47daeec2bf06e8dd893bdde7d8ebcecf198f84521c33d33edcdcb7ba587
libtiff-debuginfo-3.8.2-18.el5_8.ppc64.rpm
File outdated by:  RHSA-2014:0223
    MD5: ff3a98002fab6e7adb7471286c6b51d6
SHA-256: 0f7fe64855d2197393dca5c1df8273fa2378b28484624ca37d6019b5b60622b9
libtiff-devel-3.8.2-18.el5_8.ppc.rpm
File outdated by:  RHSA-2014:0223
    MD5: 67674f2f0c9e94c363c23a1c4edccedc
SHA-256: 5f32a19ff6d7421262fdc9288adbe0ece2a43947f6c6431ff9b13270f26bffa1
libtiff-devel-3.8.2-18.el5_8.ppc64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 8626e416c3842806a6130d25ce1aa700
SHA-256: ede57841e02ca16901aa34a8987f8a37187a0d1f899f81179835c4c7efb073c4
 
s390x:
libtiff-3.8.2-18.el5_8.s390.rpm
File outdated by:  RHSA-2014:0223
    MD5: 46f2102f30a2bebba083f96bf9ede7b9
SHA-256: 1d3a6ed530db42bac52574ea373a9b3ab75540d68828e2196114fc3b0ffa5a17
libtiff-3.8.2-18.el5_8.s390x.rpm
File outdated by:  RHSA-2014:0223
    MD5: 146903746eec203d7460e28f28438c99
SHA-256: 01646b4d8f867ab91b91ae067d1ba50fe83c6b4986043b0d45c9fc371c26d303
libtiff-debuginfo-3.8.2-18.el5_8.s390.rpm
File outdated by:  RHSA-2014:0223
    MD5: 83afc344c970ee1aa5172df35aa6f7d5
SHA-256: f280071e253bbe897b0b28e549ea0d0ee36a5a84d62381f8fd2c39546c35e2b0
libtiff-debuginfo-3.8.2-18.el5_8.s390x.rpm
File outdated by:  RHSA-2014:0223
    MD5: 7b84090698bb139185409c216cb7fa55
SHA-256: 581cdda09efc36cb86bdc6c2d7c1084963ea7f7eb179f71ad6cea650c88f55aa
libtiff-devel-3.8.2-18.el5_8.s390.rpm
File outdated by:  RHSA-2014:0223
    MD5: 2677d9cc990620f1027db4d27823c2d5
SHA-256: 716190ad27fde2e1f1ca5953ea795bdeb310fa962ac0c9b55cb4bd78f4fd2929
libtiff-devel-3.8.2-18.el5_8.s390x.rpm
File outdated by:  RHSA-2014:0223
    MD5: 09ef9d5289538fb1a9ec84cf71d3deec
SHA-256: fb5714077b4bcc61a9ce3fc94239cced15dafd17ca32c71348bbd65d764213c8
 
x86_64:
libtiff-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 587405f7ae0a756f4f47747a8e958d72
SHA-256: 93d105d50b241ca51622afa4d4027fbb747f356bc7c422819b8792297ab04ff9
libtiff-3.8.2-18.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 149a0dc1fa7c4ba0cc4f9071a5f717c9
SHA-256: 78f006f312a85457cc2a7a2394a912fef71c35ce9694e56e9db6f4985f640dbf
libtiff-debuginfo-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 6610bf6f93d0586394d7ab49133228fd
SHA-256: 3d69846378ee9489572a5558d2e9b981b360319345de0cc0142966e2c2e37815
libtiff-debuginfo-3.8.2-18.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0223
    MD5: f32b36f580137bed1fb46f36627966df
SHA-256: 86bb653a8b0a027094a55591e7e2a782a645a1e18c923113b31485c61dc48ac2
libtiff-devel-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 7581e43badb6555ea940a31347c9c053
SHA-256: 6c464e6579408c7b0a7f531a1fd19d40b2c53a3fdd25a361e6a3d7486e47f330
libtiff-devel-3.8.2-18.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 1236200a4cad23f1548c8855c5d1ffa2
SHA-256: 642f7bf10a4c509117a2accb102ac94956a0b829a616265b1e783b5ea686d178
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
libtiff-3.8.2-18.el5_8.src.rpm
File outdated by:  RHSA-2014:0223
    MD5: 78c883645495933601c6d4ba08e34001
SHA-256: 11ab78f65a76c56f3694755fe796cee1bfe306d6291bb7f6ea8377ef74645b9f
 
IA-32:
libtiff-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 587405f7ae0a756f4f47747a8e958d72
SHA-256: 93d105d50b241ca51622afa4d4027fbb747f356bc7c422819b8792297ab04ff9
libtiff-debuginfo-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 6610bf6f93d0586394d7ab49133228fd
SHA-256: 3d69846378ee9489572a5558d2e9b981b360319345de0cc0142966e2c2e37815
 
x86_64:
libtiff-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 587405f7ae0a756f4f47747a8e958d72
SHA-256: 93d105d50b241ca51622afa4d4027fbb747f356bc7c422819b8792297ab04ff9
libtiff-3.8.2-18.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0223
    MD5: 149a0dc1fa7c4ba0cc4f9071a5f717c9
SHA-256: 78f006f312a85457cc2a7a2394a912fef71c35ce9694e56e9db6f4985f640dbf
libtiff-debuginfo-3.8.2-18.el5_8.i386.rpm
File outdated by:  RHSA-2014:0223
    MD5: 6610bf6f93d0586394d7ab49133228fd
SHA-256: 3d69846378ee9489572a5558d2e9b981b360319345de0cc0142966e2c2e37815
libtiff-debuginfo-3.8.2-18.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0223
    MD5: f32b36f580137bed1fb46f36627966df
SHA-256: 86bb653a8b0a027094a55591e7e2a782a645a1e18c923113b31485c61dc48ac2
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
libtiff-3.9.4-9.el6_3.src.rpm
File outdated by:  RHSA-2014:0222
    MD5: 1060aae3f00a6c09dbf2337f71e1f795
SHA-256: cbb64379c2c976c2f092f47944aa3592dcb86d90f01eef833cc8f2f98b21301a
 
IA-32:
libtiff-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-devel-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-static-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 2c0edaf35f56ccb368c40f2730144d2d
SHA-256: b2b8d21698dd6b5eebb85b34dfc3d03217b3d4abb9eec9651b09fe053a5d8e76
 
x86_64:
libtiff-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 8ce3c8eef76a56aff0038be1079971a8
SHA-256: 8d8a394b30740e30d459e04999d17b080ddd5ec73ba1e5e820afcd3ef92fd27a
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-debuginfo-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0d1851d9534b21b23ad346bca723f02d
SHA-256: 19eff2f18deb6b2cc6dd7d35c097d632c87c008951b88827762f6acaefe0ad18
libtiff-devel-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-devel-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3aa5ce44da3303554ae86c4143c0f331
SHA-256: b23479c5f1fc7e14e8a4b35d027b92556ab87e8773683fdc363d8890d3c89ce6
libtiff-static-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: d843d2628fc1827e0681eb28ff56202d
SHA-256: c857a62de9de128bdab0876ce2275c3424f27beacb0eb561a4728c7f3af328e6
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
libtiff-3.9.4-9.el6_3.src.rpm
File outdated by:  RHSA-2014:0222
    MD5: 1060aae3f00a6c09dbf2337f71e1f795
SHA-256: cbb64379c2c976c2f092f47944aa3592dcb86d90f01eef833cc8f2f98b21301a
 
x86_64:
libtiff-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 8ce3c8eef76a56aff0038be1079971a8
SHA-256: 8d8a394b30740e30d459e04999d17b080ddd5ec73ba1e5e820afcd3ef92fd27a
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-debuginfo-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0d1851d9534b21b23ad346bca723f02d
SHA-256: 19eff2f18deb6b2cc6dd7d35c097d632c87c008951b88827762f6acaefe0ad18
libtiff-devel-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-devel-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3aa5ce44da3303554ae86c4143c0f331
SHA-256: b23479c5f1fc7e14e8a4b35d027b92556ab87e8773683fdc363d8890d3c89ce6
libtiff-static-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: d843d2628fc1827e0681eb28ff56202d
SHA-256: c857a62de9de128bdab0876ce2275c3424f27beacb0eb561a4728c7f3af328e6
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
libtiff-3.9.4-9.el6_3.src.rpm
File outdated by:  RHSA-2014:0222
    MD5: 1060aae3f00a6c09dbf2337f71e1f795
SHA-256: cbb64379c2c976c2f092f47944aa3592dcb86d90f01eef833cc8f2f98b21301a
 
IA-32:
libtiff-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-devel-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-static-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 2c0edaf35f56ccb368c40f2730144d2d
SHA-256: b2b8d21698dd6b5eebb85b34dfc3d03217b3d4abb9eec9651b09fe053a5d8e76
 
PPC:
libtiff-3.9.4-9.el6_3.ppc.rpm
File outdated by:  RHSA-2014:0222
    MD5: 7a9a7cba2314776cebccea2a6b88626f
SHA-256: 6064f357ed328fb0a55d97b6b32792db7b579966b2e33c4a438ba876bda1b831
libtiff-3.9.4-9.el6_3.ppc64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 75fbac5d64394a0b03da0a44f4350515
SHA-256: cb7494e719e7c2301b455cbab4328d4cdb433a691c255fe74312eeea10a51d11
libtiff-debuginfo-3.9.4-9.el6_3.ppc.rpm
File outdated by:  RHSA-2014:0222
    MD5: 6e657650bc0666a334ea01657576f5d4
SHA-256: 9ed1fbeca1c18ab683db0fbc4b8b6bac12dc7aad151e4f326a6880fc519ced50
libtiff-debuginfo-3.9.4-9.el6_3.ppc64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 9949a6619021a12dbde23e5d3b907eb9
SHA-256: 699bfb3d293bb3f785e6558dea959e91c66c583216c3f44448b2a5d0079b0e65
libtiff-devel-3.9.4-9.el6_3.ppc.rpm
File outdated by:  RHSA-2014:0222
    MD5: ef821068fb2a07ffef0ff0c7c23e3725
SHA-256: b1f84cfd5ac18991296c4c859c020d4e0b089436a9c7780a583e95bba30ccca8
libtiff-devel-3.9.4-9.el6_3.ppc64.rpm
File outdated by:  RHSA-2014:0222
    MD5: c7553e7f7bf73395ce187f748039c2cf
SHA-256: c9a4a2b27ea820abfb771788e4e849defa9de9836b2c1869c25932de9bfc1d85
libtiff-static-3.9.4-9.el6_3.ppc64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 7f5ad60c84a52ff19b335a37beca659d
SHA-256: c67a5ef3d9c03c70f27f10718a20a0bbecac3e6c7a3db28efb3155eecd5ea4d6
 
s390x:
libtiff-3.9.4-9.el6_3.s390.rpm
File outdated by:  RHSA-2014:0222
    MD5: bf26c90b466ab9a10f6e5b9edd643019
SHA-256: 52c58f56c5ab1ed4e56e26ad1b4da8a6fd51d46d1a15f7acff4aa1bbee20bd26
libtiff-3.9.4-9.el6_3.s390x.rpm
File outdated by:  RHSA-2014:0222
    MD5: 2b2453f9722363d8dd5dbbf85dc34269
SHA-256: b956ac6aa27a71289745108d321e4af75550b2f1393029db749b9fedc5f39242
libtiff-debuginfo-3.9.4-9.el6_3.s390.rpm
File outdated by:  RHSA-2014:0222
    MD5: 34ff418ae7bba18263c4861375e10abd
SHA-256: 7b154cb58cf5694bcdec622479b7f91918a2dbab08f963da15a934ba84d76ba5
libtiff-debuginfo-3.9.4-9.el6_3.s390x.rpm
File outdated by:  RHSA-2014:0222
    MD5: 28165d55a78369c82e69c3a7bf7af724
SHA-256: b076a35118aecac9a8c4eda16b32efdd5856d0cd50650555001589c85c590b91
libtiff-devel-3.9.4-9.el6_3.s390.rpm
File outdated by:  RHSA-2014:0222
    MD5: 805bcdb015e08fed16ea708822883ad9
SHA-256: 1f3b034b361867c6a43bb8e6cc0c6ee2260a0e58fc2bcc9e3ae908df039614b8
libtiff-devel-3.9.4-9.el6_3.s390x.rpm
File outdated by:  RHSA-2014:0222
    MD5: cc5890f2d9024bdee76261856c4b92bd
SHA-256: d26795d200e4f2c8bfed2aee1b4c01e4c907c909b48ed80ebc6951859855ec76
libtiff-static-3.9.4-9.el6_3.s390x.rpm
File outdated by:  RHSA-2014:0222
    MD5: 8cee6de446a056ca9110ae65574d3d8a
SHA-256: 4f6e693b7a48033d411824964929d5efc60a846deda0c60ee2f3b32b6fb8d6ab
 
x86_64:
libtiff-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 8ce3c8eef76a56aff0038be1079971a8
SHA-256: 8d8a394b30740e30d459e04999d17b080ddd5ec73ba1e5e820afcd3ef92fd27a
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-debuginfo-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0d1851d9534b21b23ad346bca723f02d
SHA-256: 19eff2f18deb6b2cc6dd7d35c097d632c87c008951b88827762f6acaefe0ad18
libtiff-devel-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-devel-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3aa5ce44da3303554ae86c4143c0f331
SHA-256: b23479c5f1fc7e14e8a4b35d027b92556ab87e8773683fdc363d8890d3c89ce6
libtiff-static-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: d843d2628fc1827e0681eb28ff56202d
SHA-256: c857a62de9de128bdab0876ce2275c3424f27beacb0eb561a4728c7f3af328e6
 
Red Hat Enterprise Linux Server EUS (v. 6.3.z)

SRPMS:
libtiff-3.9.4-9.el6_3.src.rpm
File outdated by:  RHSA-2014:0222
    MD5: 1060aae3f00a6c09dbf2337f71e1f795
SHA-256: cbb64379c2c976c2f092f47944aa3592dcb86d90f01eef833cc8f2f98b21301a
 
IA-32:
libtiff-3.9.4-9.el6_3.i686.rpm     MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm     MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-devel-3.9.4-9.el6_3.i686.rpm     MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-static-3.9.4-9.el6_3.i686.rpm     MD5: 2c0edaf35f56ccb368c40f2730144d2d
SHA-256: b2b8d21698dd6b5eebb85b34dfc3d03217b3d4abb9eec9651b09fe053a5d8e76
 
PPC:
libtiff-3.9.4-9.el6_3.ppc.rpm     MD5: 7a9a7cba2314776cebccea2a6b88626f
SHA-256: 6064f357ed328fb0a55d97b6b32792db7b579966b2e33c4a438ba876bda1b831
libtiff-3.9.4-9.el6_3.ppc64.rpm     MD5: 75fbac5d64394a0b03da0a44f4350515
SHA-256: cb7494e719e7c2301b455cbab4328d4cdb433a691c255fe74312eeea10a51d11
libtiff-debuginfo-3.9.4-9.el6_3.ppc.rpm     MD5: 6e657650bc0666a334ea01657576f5d4
SHA-256: 9ed1fbeca1c18ab683db0fbc4b8b6bac12dc7aad151e4f326a6880fc519ced50
libtiff-debuginfo-3.9.4-9.el6_3.ppc64.rpm     MD5: 9949a6619021a12dbde23e5d3b907eb9
SHA-256: 699bfb3d293bb3f785e6558dea959e91c66c583216c3f44448b2a5d0079b0e65
libtiff-devel-3.9.4-9.el6_3.ppc.rpm     MD5: ef821068fb2a07ffef0ff0c7c23e3725
SHA-256: b1f84cfd5ac18991296c4c859c020d4e0b089436a9c7780a583e95bba30ccca8
libtiff-devel-3.9.4-9.el6_3.ppc64.rpm     MD5: c7553e7f7bf73395ce187f748039c2cf
SHA-256: c9a4a2b27ea820abfb771788e4e849defa9de9836b2c1869c25932de9bfc1d85
libtiff-static-3.9.4-9.el6_3.ppc64.rpm     MD5: 7f5ad60c84a52ff19b335a37beca659d
SHA-256: c67a5ef3d9c03c70f27f10718a20a0bbecac3e6c7a3db28efb3155eecd5ea4d6
 
s390x:
libtiff-3.9.4-9.el6_3.s390.rpm     MD5: bf26c90b466ab9a10f6e5b9edd643019
SHA-256: 52c58f56c5ab1ed4e56e26ad1b4da8a6fd51d46d1a15f7acff4aa1bbee20bd26
libtiff-3.9.4-9.el6_3.s390x.rpm     MD5: 2b2453f9722363d8dd5dbbf85dc34269
SHA-256: b956ac6aa27a71289745108d321e4af75550b2f1393029db749b9fedc5f39242
libtiff-debuginfo-3.9.4-9.el6_3.s390.rpm     MD5: 34ff418ae7bba18263c4861375e10abd
SHA-256: 7b154cb58cf5694bcdec622479b7f91918a2dbab08f963da15a934ba84d76ba5
libtiff-debuginfo-3.9.4-9.el6_3.s390x.rpm     MD5: 28165d55a78369c82e69c3a7bf7af724
SHA-256: b076a35118aecac9a8c4eda16b32efdd5856d0cd50650555001589c85c590b91
libtiff-devel-3.9.4-9.el6_3.s390.rpm     MD5: 805bcdb015e08fed16ea708822883ad9
SHA-256: 1f3b034b361867c6a43bb8e6cc0c6ee2260a0e58fc2bcc9e3ae908df039614b8
libtiff-devel-3.9.4-9.el6_3.s390x.rpm     MD5: cc5890f2d9024bdee76261856c4b92bd
SHA-256: d26795d200e4f2c8bfed2aee1b4c01e4c907c909b48ed80ebc6951859855ec76
libtiff-static-3.9.4-9.el6_3.s390x.rpm     MD5: 8cee6de446a056ca9110ae65574d3d8a
SHA-256: 4f6e693b7a48033d411824964929d5efc60a846deda0c60ee2f3b32b6fb8d6ab
 
x86_64:
libtiff-3.9.4-9.el6_3.i686.rpm     MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-3.9.4-9.el6_3.x86_64.rpm     MD5: 8ce3c8eef76a56aff0038be1079971a8
SHA-256: 8d8a394b30740e30d459e04999d17b080ddd5ec73ba1e5e820afcd3ef92fd27a
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm     MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-debuginfo-3.9.4-9.el6_3.x86_64.rpm     MD5: 0d1851d9534b21b23ad346bca723f02d
SHA-256: 19eff2f18deb6b2cc6dd7d35c097d632c87c008951b88827762f6acaefe0ad18
libtiff-devel-3.9.4-9.el6_3.i686.rpm     MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-devel-3.9.4-9.el6_3.x86_64.rpm     MD5: 3aa5ce44da3303554ae86c4143c0f331
SHA-256: b23479c5f1fc7e14e8a4b35d027b92556ab87e8773683fdc363d8890d3c89ce6
libtiff-static-3.9.4-9.el6_3.x86_64.rpm     MD5: d843d2628fc1827e0681eb28ff56202d
SHA-256: c857a62de9de128bdab0876ce2275c3424f27beacb0eb561a4728c7f3af328e6
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
libtiff-3.9.4-9.el6_3.src.rpm
File outdated by:  RHSA-2014:0222
    MD5: 1060aae3f00a6c09dbf2337f71e1f795
SHA-256: cbb64379c2c976c2f092f47944aa3592dcb86d90f01eef833cc8f2f98b21301a
 
IA-32:
libtiff-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-devel-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-static-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 2c0edaf35f56ccb368c40f2730144d2d
SHA-256: b2b8d21698dd6b5eebb85b34dfc3d03217b3d4abb9eec9651b09fe053a5d8e76
 
x86_64:
libtiff-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 98f076dc81812bc62fdafc92943ead9b
SHA-256: 6a9a1c281e24173420eaae9dc46dc2914f881ee5273a845b3dfc51df96c51746
libtiff-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 8ce3c8eef76a56aff0038be1079971a8
SHA-256: 8d8a394b30740e30d459e04999d17b080ddd5ec73ba1e5e820afcd3ef92fd27a
libtiff-debuginfo-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0eca83fe3b3cd3780d58dd8730f15f63
SHA-256: 92e78628c84d63a27d189ec285d77cbacc429844dfd55fc39fefd5fc42345aa3
libtiff-debuginfo-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 0d1851d9534b21b23ad346bca723f02d
SHA-256: 19eff2f18deb6b2cc6dd7d35c097d632c87c008951b88827762f6acaefe0ad18
libtiff-devel-3.9.4-9.el6_3.i686.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3a62c08de1ff7360c160fe3404491b8d
SHA-256: ecd3bc16d01b1dc967ee7fff13a10da4f415f964f577db77a8777f3bd679805f
libtiff-devel-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: 3aa5ce44da3303554ae86c4143c0f331
SHA-256: b23479c5f1fc7e14e8a4b35d027b92556ab87e8773683fdc363d8890d3c89ce6
libtiff-static-3.9.4-9.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0222
    MD5: d843d2628fc1827e0681eb28ff56202d
SHA-256: c857a62de9de128bdab0876ce2275c3424f27beacb0eb561a4728c7f3af328e6
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

837577 - CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
860198 - CVE-2012-4447 libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
867235 - CVE-2012-5581 libtiff: Stack-based buffer overflow when reading a tiled tiff file
871700 - CVE-2012-4564 libtiff: Missing return value check in ppm2tiff leading to heap-buffer overflow when reading a tiff file


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/