Oval Definition:	oval:com.redhat.rhsa:def:20060603
Revision Date: 2008-03-20 Version: 637 Title: RHSA-2006:0603: libtiff security update (Important) Description: The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) files. Tavis Ormandy of Google discovered a number of flaws in libtiff during a security audit. An attacker could create a carefully crafted TIFF file in such a way that it was possible to cause an application linked with libtiff to crash or possibly execute arbitrary code. (CVE-2006-3459, CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463, CVE-2006-3464, CVE-2006-3465) All users are advised to upgrade to these updated packages, which contain backported fixes for these issues. Family: unix Class: patch Status: Reference(s): CVE-2006-2656 CVE-2006-3459 CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465 RHSA-2006:0603 RHSA-2006:0603-01 RHSA-2006:0603-01 Platform(s): Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 3 is installed AND libtiff-devel is earlier than 0:3.5.7-25.el3.4 AND libtiff-devel is signed with Red Hat master key libtiff is earlier than 0:3.5.7-25.el3.4 AND libtiff is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND libtiff is earlier than 0:3.6.1-12 AND libtiff is signed with Red Hat master key libtiff-devel is earlier than 0:3.6.1-12 AND libtiff-devel is signed with Red Hat master key Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 4 is installed AND libtiff is earlier than 0:3.6.1-12 AND libtiff is signed with Red Hat redhatrelease2 key libtiff-devel is earlier than 0:3.6.1-12 AND libtiff-devel is signed with Red Hat redhatrelease2 key
BACK