AnNyung Official Homepage Home > Update [ 1.3 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



libtiff 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1250509297
업데이트 : 2009.08.17


상세내용

보안 버그 수정

CVE-2009-2285:
A buffer underwrite flaw was found in libtiff's Lempel-Ziv-Welch (LZW)
compression algorithm decoder. An attacker could create a specially-crafted
LZW-encoded TIFF file, which once opened by an unsuspecting user, would
cause an application linked with libtiff to access an out-of-bounds memory
location, leading to a denial of service (application crash).

CVE-2009-2347:
Several integer overflow flaws, leading to heap-based buffer overflows,
were found in various libtiff color space conversion tools. An attacker
could create a specially-crafted TIFF file, which once opened by an
unsuspecting user, would cause the conversion tool to crash or,
potentially, execute arbitrary code with the privileges of the user running
the tool. 


Autoupdates 지원 : 지원
  pkgsysupdate


update 패키지

  RPMS :

    . libtiff-3.5.7-33.el3.i686.rpm
    . libtiff-devel-3.5.7-33.el3.i686.rpm

  SRPMS :

    . libtiff-3.5.7-33.el3.src.rpm


참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2347



    



 Home > Update [ 1.3 ]

Copyright 2018 OOPS Development Organization 
LAST MODIFIED: 2018/04/10