Red Hat Bugzilla – Bug 134847
CAN-2004-0803 buffer overflows in libtiff
Last modified: 2007-11-30 17:07:04 EST
Chris Evans reported to vendor-sec multiple buffer overflows in
libtiff. These issues could potentially lead to arbitrary code
execution from a malicious tiff image.
This issue also affects RHEL2.1
This issue has been embargoed until Oct 13.
Created attachment 104851 [details]
Proposed patch for this issue.
Fixes are in 3.5.5-17 (RHEL2.1) and 3.5.7-20.1 (RHEL3)
An errata has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.