USN-6997-2: LibTIFF vulnerability
11 September 2024
LibTIFF could be made to crash if it received specially crafted input.
Releases
Packages
- tiff - Tag Image File Format (TIFF) library
Details
USN-6997-1 fixed a vulnerability in LibTIFF. This update
provides the corresponding update for Ubuntu 14.04 LTS.
Original advisory details:
It was discovered that LibTIFF incorrectly handled memory. An attacker
could possibly use this issue to cause the application to crash, resulting
in a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04
-
libtiff-opengl
-
4.0.3-7ubuntu0.11+esm14
Available with Ubuntu Pro
-
libtiff-tools
-
4.0.3-7ubuntu0.11+esm14
Available with Ubuntu Pro
-
libtiff5
-
4.0.3-7ubuntu0.11+esm14
Available with Ubuntu Pro
-
libtiffxx5
-
4.0.3-7ubuntu0.11+esm14
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-6997-1: libtiff5, libtiff-opengl, libtiff5-dev, libtiffxx5, tiff, libtiff-tools, libtiff-dev, libtiff-doc, libtiff6, libtiffxx6