Two security issues in libtiff have been assigned CVEs: http://openwall.com/lists/oss-security/2013/05/02/4 Patched packages uploaded for Mageia 2 and Cauldron. Patches added in Mageia 1 SVN. Advisory: ======================== Updated libtiff packages fix security vulnerabilities: A heap-based buffer overflow flaw was found in the way tiff2pdf of libtiff performed write of TIFF image content into particular PDF document file, in the tp_process_jpeg_strip() function. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash or, potentially, arbitrary code execution with the privileges of the user running the tiff2pdf binary (CVE-2013-1960). A stack-based buffer overflow was found in the way tiff2pdf of libtiff performed write of TIFF image content into particular PDF document file, when malformed image-length and resolution values are used in the TIFF file. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash (CVE-2013-1961). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961 https://bugzilla.redhat.com/show_bug.cgi?id=952158 https://bugzilla.redhat.com/show_bug.cgi?id=952131 ======================== Updated packages in core/updates_testing: ======================== libtiff-progs-4.0.1-2.6.mga2 libtiff5-4.0.1-2.6.mga2 libtiff-devel-4.0.1-2.6.mga2 libtiff-static-devel-4.0.1-2.6.mga2 from libtiff-4.0.1-2.6.mga2.src.rpm Reproducible: Steps to Reproduce:
Procedure: https://wiki.mageia.org/en/QA_procedure:Libtiff
Whiteboard: (none) => has_procedure
Testing complete mga2 32 & 64 Validating Advisory and srpm in comment 0 Could sysadmin please push from core/updates_testing to core/updates Thanks!
Keywords: (none) => validated_updateWhiteboard: has_procedure => has_procedure mga2-64-ok mga2-32-okCC: (none) => sysadmin-bugs
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0142
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED
*** Bug 10689 has been marked as a duplicate of this bug. ***
CC: (none) => oe