libTIFF: Multiple vulnerabilities
Gentoo Linux Security Advisory
||GLSA 200605-17 / libtiff
||May 30, 2006
||May 30, 2006: 01
All supported architectures
Multiple vulnerabilities in libTIFF could lead to the execution of
arbitrary code or a Denial of Service.
libTIFF provides support for reading and manipulating TIFF images.
Multiple vulnerabilities, ranging from integer overflows and NULL
pointer dereferences to double frees, were reported in libTIFF.
An attacker could exploit these vulnerabilities by enticing a user
to open a specially crafted TIFF image, possibly leading to the
execution of arbitrary code or a Denial of Service.
There is no known workaround at this time.
All libTIFF users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/tiff-3.8.1"