==========================================================Ubuntu Security Notice USN-1102-1            April 04, 2011
tiff vulnerability
CVE-2011-1167
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libtiff4                        3.7.4-1ubuntu3.11

Ubuntu 8.04 LTS:
  libtiff4                        3.8.2-7ubuntu3.9

Ubuntu 9.10:
  libtiff4                        3.8.2-13ubuntu0.6

Ubuntu 10.04 LTS:
  libtiff4                        3.9.2-2ubuntu0.6

Ubuntu 10.10:
  libtiff4                        3.9.4-2ubuntu0.3

After a standard system update you need to restart your session to make
all the necessary changes.

Details follow:

Martin Barbella discovered that the thunder (aka ThunderScan) decoder in
the TIFF library incorrectly handled an unexpected BitsPerSample value. If
a user or automated system were tricked into opening a specially crafted
TIFF image, a remote attacker could execute arbitrary code with user
privileges, or crash the application, leading to a denial of service.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:    25828 5a188132e4b15d2799285c1c48941cb3
          Size/MD5:     1407 9a6dfe139833d6bfb8b2fbc67716220c
          Size/MD5:  1280113 02cf5c3820bda83b35bb35b45ae27005

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   220868 f772d70fb80981e7d857b0bd6cdb5909
          Size/MD5:   283508 ca7dd2b76511e939c697b452e9a12c5f
          Size/MD5:   488788 cb5e42ca0a90a2d2e86928f916e68b8b
          Size/MD5:    45298 d83fbdf3c0ca45a86c470abce13bf2a7
          Size/MD5:    50454 256d3d1027da40488b8ec64d81c33b4e

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   206376 035721df202c94adceaf544033ad9437
          Size/MD5:   260196 0faa5b5ed21a8e3eb4f0ada49118e0de
          Size/MD5:   476650 5a756b57c85d6f6a55256b7f871d5c67
          Size/MD5:    45146 0f9ae54fed528ebd588df3716377e6ed
          Size/MD5:    49464 71d625b0994b5aaba0fba48b8c7bc61e

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   240468 f8a0354ea00b9016c658aae61077a36f
          Size/MD5:   289572 88bfef83f983ad53d2e4eec8c25a86b4
          Size/MD5:   477328 9d818bb8f5815a4b19034956f2d08412
          Size/MD5:    47454 1d16be8ef438678216c0786f6b4234d7
          Size/MD5:    52094 652e25f8d88c9d4c41c3ed09316e06a3

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   209412 8df244d9ad1149285eef9821eee28b14
          Size/MD5:   271510 110f8ef14ecf342177345d57769c72b9
          Size/MD5:   468062 7828c57d2b0fdf7e8e625a70c6f3c4a2
          Size/MD5:    45158 5eeab51e360c270ee187300fb838a1dd
          Size/MD5:    50286 c25009f5881bfff5a0f2bf6b6bac9d2c

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

          Size/MD5:    23855 db922d51e915cd965a858a74d1dcc993
          Size/MD5:     1496 196649e1d621d085902ef59673ca9d36
          Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   186472 bd907ec83daa0399435a5a81321e35a4
          Size/MD5:   571770 fe7f7d811ccfc12c5e881339a6466c48
          Size/MD5:   132244 a2f5a1a5dcebaaeb6f76e3ffc7221609
          Size/MD5:     5078 3e7b9f8a0026f611ebaf2183396c5fe9
          Size/MD5:    10496 6d59e89519d8fbe14ad0e1b45ae69f0b

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   175320 d78e9ff31d20c42404a158d0fde63e38
          Size/MD5:   552958 433de0345c4504e7c054b4864e85fe91
          Size/MD5:   123698 b663b2c97cae791d28038b45d1254b9b
          Size/MD5:     5036 89129e4fa6a4c87b90bfd31e5ade4489
          Size/MD5:     9936 a7be9a037f8aebab240d9529bdbd2fde

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   177040 406d4586cde6236e9d06918c0c3ea45e
          Size/MD5:   555434 53054d15417e63dce1d825458dae8d1a
          Size/MD5:   124808 bced901a51e55378f456f95b007b018f
          Size/MD5:     4908 14f1d7a37b633d3dba0284280aa3073d
          Size/MD5:     9982 0f686d9ecb6e03bbce076a9bf0cb72d9

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   223484 d13669f7e29c1ce374260cda4ceae7cf
          Size/MD5:   577658 7b1de5ee93bc896a9f5612a9457a2dbe
          Size/MD5:   135386 7230b6764938f7711b4567d6c677e53f
          Size/MD5:     7504 2c0d55b2b70bea18118654b4fe90ba9e
          Size/MD5:    13296 54a90446eb331b60aa436a1a9f7a857a

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   178848 f23931d32847cea2ddbc8638ad8d9135
          Size/MD5:   559030 cba20aacaec440324d56be2787b9e3dd
          Size/MD5:   123504 54149e43569444b215d9b99393a4f161
          Size/MD5:     4800 29b5375a027b2da933e173e467252c01
          Size/MD5:    10696 e82d0147f5c86939e9ca516655ec7acc

Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:    44136 bbbfbcdfcafd8b87559ca592fe195330
          Size/MD5:     1940 db9fef1e5db0ec75b45767087ecaa0a2
          Size/MD5:  1333780 e6ec4ab957ef49d5aabc38b7a376910b

  Architecture independent packages:

          Size/MD5:   335178 072694c036e8b45765b132a9551fd2b2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   191406 1a545187725f33c544cfabb003bf8239
          Size/MD5:   252600 e9fb9661413c8c78fc4c1337af36cb8f
          Size/MD5:   136072 951b215095a186d2445ed4669e2f7d73
          Size/MD5:     6330 4b8118d847ba55b9a203b694d52f01ad
          Size/MD5:    12000 500d2d84cbc32b88c2f75dcb9efc3dab

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   175844 f41df67558906d8b843dd187b2b0a9c9
          Size/MD5:   232172 3ee5d616a946aa4a36f8632c00376f3d
          Size/MD5:   125248 77594faa5a171f0e89e0f71f961c946d
          Size/MD5:     6444 24f64d0f5ec93a64b3757da9265c1bcb
          Size/MD5:    11296 c50624dc8c61369afd8fc57e65d07732

  armel architecture (ARM Architecture):

          Size/MD5:   181870 bf2964b26a92b79375afa03fd085104f
          Size/MD5:   233912 73719491abd148f09dc891ca29c6bb08
          Size/MD5:   125226 d3ad38028a85f6759a923c2a927b653b
          Size/MD5:     5964 2d85b7a3f22953aefb769c8b78bc65e5
          Size/MD5:    11150 fb22b956435fe39784177dcccdda6843

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   177046 7017282d7a02d94fae39c802544963ae
          Size/MD5:   234588 32d04bdca549312e0e813c55d2ebdd96
          Size/MD5:   126854 aa7d0078dc9720f51c0c3391111351cd
          Size/MD5:     6312 ae017ee40d2db5da06a8f940a5a6c0ae
          Size/MD5:    11342 bbc85ea0048d87566448297bcbd5672c

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   191486 2228fa4f7c4380e1307d65dcd6cbcb15
          Size/MD5:   256694 1a7ddb548794fcd48e7b8f2efbb53782
          Size/MD5:   137578 92e7729efde21afc770a2dc207790de7
          Size/MD5:     6730 c10f1b0f5e8111890ed80f90958ca7c9
          Size/MD5:    12088 b1d250d58fd795c6601bae493c90c523

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   184298 b44a8c44ec78ac9849fdcd94b4dccaea
          Size/MD5:   237336 3acf1e338396df28b8b05646732a5656
          Size/MD5:   125306 cfe20cc0b3d0642c4dda7d2d5d514359
          Size/MD5:     6098 ecba17c3e159225e49858a7589b0ef54
          Size/MD5:    12030 ea526a25285c456a76ceb5bd91fa4172

Updated packages for Ubuntu 10.04 LTS:

  Source archives:

          Size/MD5:    20823 204dd7cc1cf0ba27ec36a461fa11cb0e
          Size/MD5:     1936 34fa3e9a9ff1508dd054357a60c9e208
          Size/MD5:  1419742 93e56e421679c591de7552db13384cb8

  Architecture independent packages:

          Size/MD5:   359248 164274954419eb59ab6333c4d43bb4a3

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   252330 2e98b72988052ac6e043ebc6def781a2
          Size/MD5:   269792 6d7c8d72b00be7189ba54339472ff8bf
          Size/MD5:   149396 d1a1bede2fd037566b543b02cd500f31
          Size/MD5:     6390 ab61c8db9d6c1b7e9d25167e119e92aa
          Size/MD5:    12032 5984fe6d7270329f5e584c63a7c7a3e3

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   234114 e0821e8376e591e8b64ffb6e85b7be95
          Size/MD5:   247104 2066f97c996a73bef33c9d0b445a5923
          Size/MD5:   137054 7bd193fd2e9c8782a009957321da7523
          Size/MD5:     6486 8fa5adfc37fe2cac0b3209e1fbebecc5
          Size/MD5:    11284 934a74fa037ba8b398bdf6ab51c65aac

  armel architecture (ARM Architecture):

          Size/MD5:   236360 ebb38946e17e8e8aa070978e7d3fefb6
          Size/MD5:   239024 b3e8ee626ee30dafa0f3ecb676c33c3b
          Size/MD5:   129854 e007b9bda015302475b3e7fed74c80c2
          Size/MD5:     5984 504c5b2bf1ffc3be8242cb79e533dc4e
          Size/MD5:    11304 5d9c78a1bb39f037d9dc4406c90f2b50

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   253520 9be0acf437b18134d02cf9017ea3107e
          Size/MD5:   275368 6a4e364921eb74767e4b04002e50f15a
          Size/MD5:   150886 52591411f6e1a50b259f29108dc82b2a
          Size/MD5:     6768 80491884a96917252352e86007b46a19
          Size/MD5:    12088 9e9f07f2447081dbe7c8602c8da377c4

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   248782 490c88ed79f35b032d0d77f4e0415195
          Size/MD5:   257528 eea8147766a6ff6191dfcfb1683048b8
          Size/MD5:   143682 b3b8fda006b11c287755bad52f7c3df1
          Size/MD5:     6228 a8060becc8909e3266211459f2e2fe33
          Size/MD5:    11922 f7bd7d491af5961415ebeb5e93fa8664

Updated packages for Ubuntu 10.10:

  Source archives:

          Size/MD5:    18825 40b1e8dc874c06de81215437731f1555
          Size/MD5:     1953 61a0f7859f16b5b544089aa7f6fe1cbf
          Size/MD5:  1436968 2006c1bdd12644dbf02956955175afd6

  Architecture independent packages:

          Size/MD5:   343012 bd0de33b4b9e417d214221dc79a0f1e2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   250536 679ca11fd132a2ee2a082dafdde2673a
          Size/MD5:   270622 740a2ed5653163abbce854732f75af65
          Size/MD5:   149596 715844d50e58b4771ee08b115d639011
          Size/MD5:     6320 fe63a0807bb04d5cfd489e7e7ddacae3
          Size/MD5:    11822 d170a65cb29625395158a26b89edc406

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   230152 039a308a0820f6b54f8d023f6729394a
          Size/MD5:   247270 4dc10ff022f91af50607ee39acb76d63
          Size/MD5:   136954 8c6979ebd60ec83d93a68bbd2379d30c
          Size/MD5:     6426 a3ce063a372076fcff94046b164ad629
          Size/MD5:    11144 4de2308de48ef3226f4e77e1b0f952dc

  armel architecture (ARM Architecture):

          Size/MD5:   259194 0b826ab65984562e4bcf73e8afd795fa
          Size/MD5:   271580 e20391fb5468423e0076050d9d4ccbf2
          Size/MD5:   151896 9c714087910c7b19d019b051ace0e708
          Size/MD5:     5860 d208d6d0fc4c958ebe8c289954c03a4c
          Size/MD5:    11234 4752e67dd1298cda282488aa7536a8bc

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   250354 16d49a559be0f64b7dd1f3c1e65966f6
          Size/MD5:   276008 2c599186323b325cfce0e5d47f3399c0
          Size/MD5:   150824 18b86da32c7a3404e3bae2c6f9ed7091
          Size/MD5:     6702 635a3756efd0ae1efa040e326dfb68f4
          Size/MD5:    11964 8a43a6d125ff42a755f1a79295b692fe

Ubuntu 1102-1: tiff vulnerability

April 4, 2011
Martin Barbella discovered that the thunder (aka ThunderScan) decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value

Summary

Update Instructions

References

Severity
tiff vulnerability

Package Information

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved