Gentoo Security Advisory GLSA 201209-02 (tiff) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201209-02.

Solution

All libTIFF 4.0 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/tiff-4.0.2-r1' All libTIFF 3.9 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/tiff-3.9.5-r2' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-02 http://bugs.gentoo.org/show_bug.cgi?id=307001 http://bugs.gentoo.org/show_bug.cgi?id=324885 http://bugs.gentoo.org/show_bug.cgi?id=357271 http://bugs.gentoo.org/show_bug.cgi?id=359871 http://bugs.gentoo.org/show_bug.cgi?id=371308 http://bugs.gentoo.org/show_bug.cgi?id=410931 http://bugs.gentoo.org/show_bug.cgi?id=422673 http://bugs.gentoo.org/show_bug.cgi?id=427166

Insight

Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service.

Severity

Classification

Related Vulnerabilities

Gentoo Security Advisory GLSA 200409-13 (lha)
Gentoo Security Advisory GLSA 200408-21 (cacti)
Gentoo Security Advisory GLSA 200406-13 (squid)
Gentoo Security Advisory GLSA 200403-14 (app-admin/monit)
Gentoo Security Advisory GLSA 200402-02 (200402-02)

Take action and discover your vulnerabilities