[SECURITY] [DLA 969-1] tiff security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 969-1] tiff security update
From: Markus Koschany <apo@debian.org>
Date: Tue, 30 May 2017 23:59:30 +0200
Message-id: <[🔎] 5dc8cb2a-d05f-8114-7370-23d4fbfd2a68@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tiff
Version        : 4.0.2-6+deb7u13
CVE ID         : CVE-2016-3658 CVE-2016-10371
Debian Bug     : 862929

Two vulnerabilities have been discovered in libtiff, a library
providing support for the Tag Image File Format, which may result in
denial of service (out-of-bounds read or assertion failure) via a
crafted TIFF file.

For Debian 7 "Wheezy", these problems have been fixed in version
4.0.2-6+deb7u13.

We recommend that you upgrade your tiff packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlkt60JfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeRemg/+PTpVp4HI8zqBkcaFy0HiQIqVy0DkAq9GmqopoXr+I/s2McKUaL8FYsXx
Fno2uFXr7ilkPbCp1a3TfNdF6pOwkLyHvE6ELlsHPhWNSFsEuOx5qoSZuwQIdvEv
4KXWho9qio+Jx6+H8mleDwpLOjrEIA20xMMl1tTMh/g1+IiAXH+CffsmfKX6EPtE
iM8upG6jx9LhVNNaJaTPF2v4wo0D0S39iAFwr8e/Woej/h6CG3w2bDhRMPgtc7ak
ONCR6Nhw0PdoBein3gyZ/kMDC+0g51/Pdekw20qEYKMKbfKnwYKbpAXxJ5L05Bmv
zAcdY0cuhv4jV/MTXUrVBf8n1LcHM585XLLRC2LpcxQcSYphcteLbH7WHNgAfj3w
KfZ0U6tZUfx55x8g59pqMtLG5iGjQcBVx3w9EAYm9BxowJ2UyhnaVmBAFMZyrVaZ
r3r1CXN4pY+KgBKsO2HEJZiLqESQHDxLfZT+o3oPZDSvb2zffkKp4y95tr5NFRoc
mSVOxPJtfqkU7zJI6GgohlskipqDdpl1Qwdik3zxbi8YMX3uV8z+K7yl6/q12Euk
YS8ej47nrWLE0i4melSoVrZG10UoQmh4X3mVP9dA/3HO+CZ9RI0zOK2y37cMQszj
hh8tgb9hG+L3x9My878tC/DVU24hpDLvIeFDhRxsQib6st0dLDQ=
=gAFn
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 968-1] libpodofo security update
Next by Date: [SECURITY] [DLA 970-1] sudo security update
Previous by thread: [SECURITY] [DLA 968-1] libpodofo security update
Next by thread: [SECURITY] [DLA 970-1] sudo security update
Index(es):
- Date
- Thread