Fedora Core 9 FEDORA-2009-7335 (libtiff) Network Vulnerability

Summary

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7335.

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update libtiff' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-7335

Insight

Update Information: Fixes latest libtiff LZW decoding crash problem ChangeLog: * Wed Jul 1 2009 Tom Lane 3.8.2-13 - Fix some more LZW decoding vulnerabilities (CVE-2009-2285) Related: #507465 - Update upstream URL * Tue Aug 26 2008 Tom Lane 3.8.2-11 - Fix LZW decoding vulnerabilities (CVE-2008-2327) Related: #458674 - Use -fno-strict-aliasing per rpmdiff recommendation

References

https://bugzilla.redhat.com/show_bug.cgi?id=507465

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-2327, CVE-2009-2285

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Take action and discover your vulnerabilities