From Mageia wiki
MGASA-2012-0317
| Date: | October 29th, 2012 |
| Affected releases: | 1, 2 |
Description:
Updated libtiff packages fix security vulnerability:
It was discovered that a buffer overflow in libtiff's parsing of files
using PixarLog compression could lead to the execution of arbitrary
code (CVE-2012-4447).
Updated Packages:
Mageia 1:
lib(64)tiff3-3.9.5-1.6.mga1
lib(64)tiff-devel-3.9.5-1.6.mga1
lib(64)tiff-static-devel-3.9.5-1.6.mga1
libtiff-progs-3.9.5-1.6.mga1
Mageia 2:
lib(64)tiff5-4.0.1-2.3.mga2
lib(64)tiff-devel-4.0.1-2.3.mga2
lib(64)tiff-static-devel-4.0.1-2.3.mga2
libtiff-progs-4.0.1-2.3.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
http://www.debian.org/security/2012/dsa-2561
https://bugs.mageia.org/show_bug.cgi?id=7885
