Dmitry V. Levin has reported to vendor-sec an issue with tiffdump.
The issue appears to be an integer overflow which could lead to a
There is no patch yet. More work is being done on this issue. I'll
post more information when it's available.
This issue should also affect RHEL2.1
attachment 109026 [details]
contains a demo image file to exploit this issue.
Can we get this update into RHSA-2004:698
This issue is sort of embargoed now. It's not technically private,
but it seems vendors may be willing to hold off on updates for a bit.
It seems additional work is not being done on this issue.
Created attachment 109325 [details]
Proposed patch for this issue.
Build libtiff-3.5.5-19 (RHEL-2.1) and libtiff-3.5.7-22.el3 (RHEL3)
and updated RHSA-2005:019 (!)
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.