Oval Definition:oval:com.redhat.rhsa:def:20060425
Revision Date:2006-05-09Version:638
Title:RHSA-2006:0425: libtiff security update (Important)
Description:The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files.

  • An integer overflow flaw was discovered in libtiff. An attacker could create a carefully crafted TIFF file in such a way that it could cause an application linked with libtiff to crash or possibly execute arbitrary code. (CVE-2006-2025)

  • A double free flaw was discovered in libtiff. An attacker could create a carefully crafted TIFF file in such a way that it could cause an application linked with libtiff to crash or possibly execute arbitrary code. (CVE-2006-2026)

  • Several denial of service flaws were discovered in libtiff. An attacker could create a carefully crafted TIFF file in such a way that it could cause an application linked with libtiff to crash. (CVE-2006-2024, CVE-2006-2120)

    All users are advised to upgrade to these updated packages, which contain backported fixes for these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2006-2024
    CVE-2006-2025
    CVE-2006-2026
    CVE-2006-2120
    RHSA-2006:0425
    RHSA-2006:0425-01
    RHSA-2006:0425-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • libtiff-devel is earlier than 0:3.5.7-25.el3.1
  • AND libtiff-devel is signed with Red Hat master key
  • libtiff is earlier than 0:3.5.7-25.el3.1
  • AND libtiff is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • libtiff is earlier than 0:3.6.1-10
  • AND libtiff is signed with Red Hat master key
  • libtiff-devel is earlier than 0:3.6.1-10
  • AND libtiff-devel is signed with Red Hat master key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • libtiff is earlier than 0:3.5.7-25.el3.1
  • AND libtiff is signed with Red Hat master key
  • libtiff-devel is earlier than 0:3.5.7-25.el3.1
  • AND libtiff-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • libtiff is earlier than 0:3.6.1-10
  • AND libtiff is signed with Red Hat master key
  • libtiff-devel is earlier than 0:3.6.1-10
  • AND libtiff-devel is signed with Red Hat master key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • libtiff is earlier than 0:3.6.1-10
  • AND libtiff is signed with Red Hat redhatrelease2 key
  • libtiff-devel is earlier than 0:3.6.1-10
  • AND libtiff-devel is signed with Red Hat redhatrelease2 key
    • BACK