English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Ubuntu update for tiff


Secunia ID

SA51491

CVE-ID

CVE-2012-5581

Release Date

06 Dec 2012

Criticality

Moderately Critical

Solution Status

Vendor Patch

Where

From remote

Impact
System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Description

Ubuntu has issued an update for tiff. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

For more information see vulnerability #3 in:
SA49938

Solution

Apply updated packages.

-- Ubuntu 12.04 LTS --
https://launchpad.net/ubuntu/+source/tiff/3.9.5-2ubuntu1.4

-- Ubuntu 11.04 --
https://launchpad.net/ubuntu/+source/tiff/3.9.5-1ubuntu1.5

-- Ubuntu 10.04 LTS --
https://launchpad.net/ubuntu/+source/tiff/3.9.2-2ubuntu0.12

-- Ubuntu 8.04 LTS --
https://launchpad.net/ubuntu/+source/tiff/3.8.2-7ubuntu3.16

Original Advisory

USN-1655-1:
http://www.ubuntu.com/usn/usn-1655-1/