[gentoo-announce] [ GLSA 200410-11 ] tiff: Buffer overflows in image decoding - gentoo-announce

From:	Thierry Carrez <koon@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200410-11 ] tiff: Buffer overflows in image decoding
Date:	Wed, 13 Oct 2004 14:49:00
Message-Id:	`416D3F79.9080402@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200410-11

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: tiff: Buffer overflows in image decoding

9

      Date: October 13, 2004

10

        ID: 200410-11

11

12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

13

14

Synopsis

15

========

16

17

Multiple heap-based overflows have been found in the tiff library image

18

decoding routines, potentially allowing to execute arbitrary code with

19

the rights of the user viewing a malicious image.

20

21

Background

22

==========

23

24

The tiff library contains encoding and decoding routines for the Tag

25

Image File Format. It is called by numerous programs, including GNOME

26

and KDE, to help in displaying TIFF images. xv is a multi-format image

27

manipulation utility that is statically linked to the tiff library.

28

29

Affected packages

30

=================

31

32

    -------------------------------------------------------------------

33

     Package          /   Vulnerable   /                    Unaffected

34

    -------------------------------------------------------------------

35

  1  media-libs/tiff      < 3.6.1-r2                       >= 3.6.1-r2

36

  2  media-gfx/xv         <= 3.10a-r7                      >= 3.10a-r8

37

    -------------------------------------------------------------------

38

     2 affected packages on all of their supported architectures.

39

    -------------------------------------------------------------------

40

41

Description

42

===========

43

44

Chris Evans found heap-based overflows in RLE decoding routines in

45

tif_next.c, tif_thunder.c and potentially tif_luv.c.

46

47

Impact

48

======

49

50

A remote attacker could entice a user to view a carefully crafted TIFF

51

image file, which would potentially lead to execution of arbitrary code

52

with the rights of the user viewing the image. This affects any program

53

that makes use of the tiff library, including GNOME and KDE web

54

browsers or mail readers.

55

56

Workaround

57

==========

58

59

There is no known workaround at this time.

60

61

Resolution

62

==========

63

64

All tiff library users should upgrade to the latest version:

65

66

    # emerge sync

67

68

    # emerge -pv ">=media-libs/tiff-3.6.1-r2"

69

    # emerge ">=media-libs/tiff-3.6.1-r2"

70

71

xv makes use of the tiff library and needs to be recompiled to receive

72

the new patched version of the library. All xv users should also

73

upgrade to the latest version:

74

75

    # emerge sync

76

77

    # emerge -pv ">=media-gfx/xv-3.10a-r8"

78

    # emerge ">=media-gfx/xv-3.10a-r8"

79

80

References

81

==========

82

83

  [ 1 ] CAN-2004-0803

84

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803

85

86

Availability

87

============

88

89

This GLSA and any updates to it are available for viewing at

90

the Gentoo Security Website:

91

92

  http://security.gentoo.org/glsa/glsa-200410-11.xml

93

94

Concerns?

95

=========

96

97

Security is a primary focus of Gentoo Linux and ensuring the

98

confidentiality and security of our users machines is of utmost

99

importance to us. Any security concerns should be addressed to

100

security@g.o or alternatively, you may file a bug at

101

http://bugs.gentoo.org.

102

103

License

104

=======

105

106

Copyright 2004 Gentoo Foundation, Inc; referenced text

107

belongs to its owner(s).

108

109

The contents of this document are licensed under the

110

Creative Commons - Attribution / Share Alike license.

111

112

http://creativecommons.org/licenses/by-sa/1.0

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200410-11
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: tiff: Buffer overflows in image decoding
9	Date: October 13, 2004
10	ID: 200410-11
11
12	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
13
14	Synopsis
15	========
16
17	Multiple heap-based overflows have been found in the tiff library image
18	decoding routines, potentially allowing to execute arbitrary code with
19	the rights of the user viewing a malicious image.
20
21	Background
22	==========
23
24	The tiff library contains encoding and decoding routines for the Tag
25	Image File Format. It is called by numerous programs, including GNOME
26	and KDE, to help in displaying TIFF images. xv is a multi-format image
27	manipulation utility that is statically linked to the tiff library.
28
29	Affected packages
30	=================
31
32	-------------------------------------------------------------------
33	Package / Vulnerable / Unaffected
34	-------------------------------------------------------------------
35	1 media-libs/tiff < 3.6.1-r2 >= 3.6.1-r2
36	2 media-gfx/xv <= 3.10a-r7 >= 3.10a-r8
37	-------------------------------------------------------------------
38	2 affected packages on all of their supported architectures.
39	-------------------------------------------------------------------
40
41	Description
42	===========
43
44	Chris Evans found heap-based overflows in RLE decoding routines in
45	tif_next.c, tif_thunder.c and potentially tif_luv.c.
46
47	Impact
48	======
49
50	A remote attacker could entice a user to view a carefully crafted TIFF
51	image file, which would potentially lead to execution of arbitrary code
52	with the rights of the user viewing the image. This affects any program
53	that makes use of the tiff library, including GNOME and KDE web
54	browsers or mail readers.
55
56	Workaround
57	==========
58
59	There is no known workaround at this time.
60
61	Resolution
62	==========
63
64	All tiff library users should upgrade to the latest version:
65
66	# emerge sync
67
68	# emerge -pv ">=media-libs/tiff-3.6.1-r2"
69	# emerge ">=media-libs/tiff-3.6.1-r2"
70
71	xv makes use of the tiff library and needs to be recompiled to receive
72	the new patched version of the library. All xv users should also
73	upgrade to the latest version:
74
75	# emerge sync
76
77	# emerge -pv ">=media-gfx/xv-3.10a-r8"
78	# emerge ">=media-gfx/xv-3.10a-r8"
79
80	References
81	==========
82
83	[ 1 ] CAN-2004-0803
84	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
85
86	Availability
87	============
88
89	This GLSA and any updates to it are available for viewing at
90	the Gentoo Security Website:
91
92	http://security.gentoo.org/glsa/glsa-200410-11.xml
93
94	Concerns?
95	=========
96
97	Security is a primary focus of Gentoo Linux and ensuring the
98	confidentiality and security of our users machines is of utmost
99	importance to us. Any security concerns should be addressed to
100	security@g.o or alternatively, you may file a bug at
101	http://bugs.gentoo.org.
102
103	License
104	=======
105
106	Copyright 2004 Gentoo Foundation, Inc; referenced text
107	belongs to its owner(s).
108
109	The contents of this document are licensed under the
110	Creative Commons - Attribution / Share Alike license.
111
112	http://creativecommons.org/licenses/by-sa/1.0