DSA 1091-1: New TIFF packages fix arbitrary code execution
Posted on: 06/08/2006 01:32 PM

The Debian Security Team published a new security update for Debian GNU/Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1091-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 8th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : tiff
Vulnerability : buffer overflows
Problem type : none or remote
Debian-specific: no
CVE ID : CVE-2006-2656 CVE-2006-2193
Debian Bug : 369819

Several problems have been discovered in the TIFF library. The Common
Vulnerabilities and Exposures project identifies the following issues:

CVE-2006-2193

SuSE discovered a buffer overflow in the conversion of TIFF files
into PDF documents which could be exploited when tiff2pdf is used
e.g. in a printer filter.

CVE-2006-2656

The tiffsplit command from the TIFF library contains a buffer
overflow in the commandline handling which could be exploited when
the program is executed automatically on unknown filenames.

For the old stable distribution (woody) this problem has been fixed in
version 3.5.5-7woody2.

For the stable distribution (sarge) this problem has been fixed in
version 3.7.2-5.

For the unstable distribution (sid) this problem has been fixed in
version 3.8.2-4.

We recommend that you upgrade your tiff packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-7woody2.dsc
Size/MD5 checksum: 635 63c05c844a00a57f87f1804dc668ccbf
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-7woody2.diff.gz
Size/MD5 checksum: 38682 5905ba8ea39b409b4aa2893b697f35bc
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz
Size/MD5 checksum: 693641 3b7199ba793dec6ca88f38bb0c8cc4d8

Alpha architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_alpha.deb
Size/MD5 checksum: 141478 2e995b46f312ecf35858f06e50c2ae2e
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_alpha.deb
Size/MD5 checksum: 106182 c383b1a1f292525e60efa68750bda5ae
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_alpha.deb
Size/MD5 checksum: 423868 da0015dd297de4f4128488fca92c3a88

ARM architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_arm.deb
Size/MD5 checksum: 117012 fe039271e5e9a94f56a2ca4c8a38a373
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_arm.deb
Size/MD5 checksum: 91610 d52006c179bfc3a13a779dfab1afa8fd
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_arm.deb
Size/MD5 checksum: 404850 69dd0252a4e15f0bc84ddb0d53ce5c96

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_i386.deb
Size/MD5 checksum: 112058 cc978252d32d2e853ed08a655940b15b
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_i386.deb
Size/MD5 checksum: 82070 22733411e25f7fac444f148dcfb685a7
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_i386.deb
Size/MD5 checksum: 387442 dc8f36b0bfed0cc69d53c14f6b6e2fd4

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_ia64.deb
Size/MD5 checksum: 158834 dda97df687d64fef045e7dd425a9b01e
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_ia64.deb
Size/MD5 checksum: 136678 e43c8ca8bcbdb54d09cee79f7c2f5665
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_ia64.deb
Size/MD5 checksum: 447048 100db6566cc42766d93fd67913834096

HP Precision architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_hppa.deb
Size/MD5 checksum: 128284 43c94055d54efb3d3d0708f527617ca8
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_hppa.deb
Size/MD5 checksum: 107708 089f41dfe3629250ddc02cbe1c76c649
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_hppa.deb
Size/MD5 checksum: 420730 018d785c7890016dfab3cba41e949dc5

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_m68k.deb
Size/MD5 checksum: 107282 1719b7463ef81d07075c39453f793080
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_m68k.deb
Size/MD5 checksum: 80748 2020a4999f141c2b5ba47090c551de36
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_m68k.deb
Size/MD5 checksum: 380718 d75aa876cef53d488178caae1dc160f2

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_mips.deb
Size/MD5 checksum: 124022 7deeb5d1d0b5eb2c536143949e507fb0
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_mips.deb
Size/MD5 checksum: 88820 ef4eed05b2bb2f853c74997141bab9e6
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_mips.deb
Size/MD5 checksum: 411210 d9a0dd8ae266524ff80efcd88e74365a

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_mipsel.deb
Size/MD5 checksum: 123536 88738fa15be0cb199c006503a12e13df
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_mipsel.deb
Size/MD5 checksum: 89122 beaf555e5d72f290852777b750a676cc
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_mipsel.deb
Size/MD5 checksum: 411326 61a6b79d2fd527d1c3fcd41eac1bd408

PowerPC architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_powerpc.deb
Size/MD5 checksum: 116102 5bb725af64e1f4c2d4a9bc90ab2cc8e0
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_powerpc.deb
Size/MD5 checksum: 90618 2e4cfb7cd4e2dee6418fa7f88f01c68f
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_powerpc.deb
Size/MD5 checksum: 403142 39f179238a6d70f1a755c7a7751c6b1d

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_s390.deb
Size/MD5 checksum: 116912 a4c1ef170588a8be47985338e6f99074
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_s390.deb
Size/MD5 checksum: 92814 c33810f1cae1535ceb0d2f06a2cc4875
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_s390.deb
Size/MD5 checksum: 395670 0925a01ed6e686c24aecba121ee12a7f

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_sparc.deb
Size/MD5 checksum: 132896 653921fed0879588e859ec05555d25ad
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_sparc.deb
Size/MD5 checksum: 89798 7097a2950a1a40f46c91cccd97e9fef3
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_sparc.deb
Size/MD5 checksum: 397444 82752cc23951fc4e26838a704fd18561


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2-5.dsc
Size/MD5 checksum: 736 a818c1d8f13bba145e33b79f5b476707
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2-5.diff.gz
Size/MD5 checksum: 11836 91da082b84456d159fcea664b99012d2
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2.orig.tar.gz
Size/MD5 checksum: 1252995 221679f6d5c15670b3c242cbfff79a00

Alpha architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_alpha.deb
Size/MD5 checksum: 46922 0c35a8df000764e528ae384ac325b8ad
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_alpha.deb
Size/MD5 checksum: 243676 b8745078cb5af1773f1b28e97a787343
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_alpha.deb
Size/MD5 checksum: 478368 6aa0652b69c62bfc7e51c6781d06fa19
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_alpha.deb
Size/MD5 checksum: 309918 adb7022423ccd165188e8071e19cc442
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_alpha.deb
Size/MD5 checksum: 41048 72d163b97923c66a8b632e1907bc0865

AMD64 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_amd64.deb
Size/MD5 checksum: 45848 f79893646f9c74fdef624f949fea88ad
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_amd64.deb
Size/MD5 checksum: 217914 b4abe50b4c24e899cbb961612ff3bdb2
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_amd64.deb
Size/MD5 checksum: 459378 d01fdb8c0c066e5e4503b006b696658d
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_amd64.deb
Size/MD5 checksum: 266960 a13564cc4b1ab7cfe8e956a556c8ee25
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_amd64.deb
Size/MD5 checksum: 40618 9114caa1d68c7197f9fa24c1747cd99d

ARM architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_arm.deb
Size/MD5 checksum: 45362 fce43634a68f4a8867764f9b8649f07a
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_arm.deb
Size/MD5 checksum: 208490 64553848b27faef1fc6072623904db18
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_arm.deb
Size/MD5 checksum: 453542 16cde56a8e4d74ff39fec6f1cc664171
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_arm.deb
Size/MD5 checksum: 265224 c1e43bfa93d33ea20c970485c2559ec1
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_arm.deb
Size/MD5 checksum: 40112 835f54888f47687d80bd283956b6a433

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_i386.deb
Size/MD5 checksum: 45226 fb6a72018e538b9c01be4f1d7b83f5ee
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_i386.deb
Size/MD5 checksum: 206256 bc2113c8fa422bfa43770aff225ef6a2
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_i386.deb
Size/MD5 checksum: 452596 ecd7de1fd8b95c90a20e8418781c129b
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_i386.deb
Size/MD5 checksum: 251726 5d7ab853c833dbf09fecb7da82a90f1d
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_i386.deb
Size/MD5 checksum: 40666 94f82a8a5aa26e51e6cb5d8dd2b2d6d7

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_ia64.deb
Size/MD5 checksum: 48314 eced941bad1e44163b1732e7d140e47f
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_ia64.deb
Size/MD5 checksum: 268978 791e5bdfdc7ffc390156b80715c76511
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_ia64.deb
Size/MD5 checksum: 511152 6c74c5b71ae314d7332e5c717edb4a0b
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_ia64.deb
Size/MD5 checksum: 330884 e73f9cd34760e6e90705a22a082e701b
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_ia64.deb
Size/MD5 checksum: 42252 6b66dd7679be12ffe5927e6fb4fea6df

HP Precision architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_hppa.deb
Size/MD5 checksum: 46654 d8f619cfa26dde8579513f6d0b81a0f1
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_hppa.deb
Size/MD5 checksum: 230166 1321bf6e1d105ddd339b7e5557aa5719
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_hppa.deb
Size/MD5 checksum: 473080 ab55bbf0033b1b650ee927d21ce9c738
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_hppa.deb
Size/MD5 checksum: 281620 93cf9c2dfa23e2c20e8795dd62dfc1ff
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_hppa.deb
Size/MD5 checksum: 41294 6ff9f727d5da771f334f75d58e118bfe

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_m68k.deb
Size/MD5 checksum: 45238 4020963162aeba32e183855003f5282c
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_m68k.deb
Size/MD5 checksum: 193466 dd132dae95518b681b29f18dc72b5126
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_m68k.deb
Size/MD5 checksum: 442750 64ec9d1c9e3cc0bcf916b685437af60d
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_m68k.deb
Size/MD5 checksum: 234514 7a50d86d056760ff37bbd585b136df14
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_m68k.deb
Size/MD5 checksum: 40270 491986255b51eaccb5ddcece25ecc732

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_mips.deb
Size/MD5 checksum: 46118 2a6f6b1f5e1557c3ef4297ee0eabc985
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_mips.deb
Size/MD5 checksum: 252258 a21f9c0fc9c53b13b14efd641a3cb8ae
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_mips.deb
Size/MD5 checksum: 458604 30db35156ea16a19a75edfb35ad2a14d
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_mips.deb
Size/MD5 checksum: 280506 53f30322a6fc900b4f0ebc5f3d492676
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_mips.deb
Size/MD5 checksum: 40894 170ea7645a3c5543cc5caae43ad5c0a6

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_mipsel.deb
Size/MD5 checksum: 46080 43c5a8ea470cb03a0d2ef8b9933c7857
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_mipsel.deb
Size/MD5 checksum: 252690 857f1625966dbc12f508700a471ac831
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_mipsel.deb
Size/MD5 checksum: 458972 6f4c7d7ffe16f8c99ab81924da944985
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_mipsel.deb
Size/MD5 checksum: 280370 cd2a531fa482b3e48c539e2dd3561494
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_mipsel.deb
Size/MD5 checksum: 40880 a81fef82f1d0a9d7d1001e7a325fee30

PowerPC architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_powerpc.deb
Size/MD5 checksum: 47288 24f1d1ac568afd55118a1fc57f903394
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_powerpc.deb
Size/MD5 checksum: 235464 69addcbeaeeba30abe98dcb1efc1a285
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_powerpc.deb
Size/MD5 checksum: 460614 651e56b2fd88160d3a43b92aba8875eb
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_powerpc.deb
Size/MD5 checksum: 272120 17b13db9ffe5f47941db64522210a26e
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_powerpc.deb
Size/MD5 checksum: 42466 eaa2cce3db4913037c21d73e59cfed63

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_s390.deb
Size/MD5 checksum: 46240 826c2293b0729b990ee4e78f5d44d5c4
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_s390.deb
Size/MD5 checksum: 213880 b4caf3c3eec6f7261af4eaff0f764bbf
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_s390.deb
Size/MD5 checksum: 466012 2371e8d875c366fe532d447f9e4d185a
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_s390.deb
Size/MD5 checksum: 266758 7b6b6981382dccaede04ffef2f5cfea1
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_s390.deb
Size/MD5 checksum: 40886 9e4f621bc83ac85dcf2a56fa7aa59e88

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_sparc.deb
Size/MD5 checksum: 45530 a6cc6e6db7136497800635f5cd991381
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_sparc.deb
Size/MD5 checksum: 205358 8f72175e2f33bc5ab15ea5e9b5c77b91
http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_sparc.deb
Size/MD5 checksum: 454782 229cc03ccc4397b839a9545cbe6e6500
http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_sparc.deb
Size/MD5 checksum: 257914 f99730a57980cf56a28dc1ce2a74e016
http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_sparc.deb
Size/MD5 checksum: 40616 8d38793d5c79a5498f7c5e0e2f9c37fe


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show lt;pkggt;' and http://packages.debian.org/lt;pkggt;

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEh/hAW5ql+IAeqTIRAov9AKCWBpr1DJ93OkzAAblfwOJ8GI7S4gCcDCTy
ggrbN6fApkcg5Gwwqz6uQY0=
=gJ1I
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/dsa_1091_1_new_tiff_packages_fix_arbitrary_code_execution.html)