Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might allow attackers to execute arbitrary code via a long filename.
waiting for 3.8.3 or vendor patch
another one, same version
CVE-2006-2193 == SA20488
http://secunia.com/advisories/20488/
Description: gpe92 has discovered a vulnerability in LibTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerability is caused due to a boundary error within tiff2pdf when handling a TIFF file with a "DocumentName" tag that contains UTF-8 characters. This can be exploited to cause a stack-based buffer overflow and may allow arbitrary code execution.
The vulnerability has been confirmed in version 3.8.2. Other versions may also be affected.
sorry for the mistake
Debian apparently fixed this with DSA-1091-1.
Created attachment 88805: tiffsplit patch yanked from Debian
I also have a rather large patch for tiff2pdf (from upstream CVS v. 1.35, where current tiff2pdf.c from 3.8.2 corresponds to CVS v. 1.30). It fixes bug #135021, along with several other issues, some of them security-related, e.g.:
revision 1.35
date: 2006/06/08 11:27:11; author: dron; state: Exp; lines: +226 -155
More fixes for character type safety.
----------------------------
revision 1.34
date: 2006/06/08 10:45:35; author: dron; state: Exp; lines: +8 -7
Fixed buffer overflow condition in t2p_write_pdf_string() as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1196
----------------------------
revision 1.33
date: 2006/04/21 15:09:34; author: dron; state: Exp; lines: +92 -92
Unified line ending characters (always use '\n') as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1163
----------------------------
revision 1.32
date: 2006/04/20 12:36:23; author: dron; state: Exp; lines: +12 -1
Properly set the binary mode for stdin stream as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1141
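Added example, not part of this thread and not libtiff's code: one way a PDF string writer can overflow a small escape buffer on UTF-8 input, next to a bounded alternative. It assumes the "character type safety" issue is a high-bit byte held in a signed char being sign-extended before an octal escape is formatted, and a 32-bit int; all function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Length of "\\%.3o" output when the byte was sign-extended to int first. */
size_t escape_len_signed(unsigned char byte)
{
    int promoted = byte >= 0x80 ? (int)byte - 256 : (int)byte;
    return (size_t)snprintf(NULL, 0, "\\%.3o", (unsigned int)promoted);
}

/* Same format with the byte treated as unsigned: always backslash + 3 digits. */
size_t escape_len_unsigned(unsigned char byte)
{
    return (size_t)snprintf(NULL, 0, "\\%.3o", (unsigned int)byte);
}

/* Hypothetical hardened writer: escapes `in` as a PDF literal string into
 * `out`. Returns the length written, or -1 if `out` is too small. */
int pdf_escape_string(const char *in, char *out, size_t outsz)
{
    size_t used = 0;
    if (outsz < 3) return -1;                 /* "()" plus NUL */
    out[used++] = '(';
    for (const unsigned char *p = (const unsigned char *)in; *p; p++) {
        char esc[5];                          /* backslash + 3 octal digits + NUL */
        int n;
        if (*p >= 0x80 || *p == 127 || *p < 32)
            n = snprintf(esc, sizeof esc, "\\%.3o", (unsigned int)*p);
        else if (*p == '(' || *p == ')' || *p == '\\')
            n = snprintf(esc, sizeof esc, "\\%c", *p);
        else
            n = snprintf(esc, sizeof esc, "%c", *p);
        /* Reject truncated escapes and leave room for ")" and NUL. */
        if (n < 0 || (size_t)n >= sizeof esc || used + (size_t)n + 2 > outsz)
            return -1;
        memcpy(out + used, esc, (size_t)n);
        used += (size_t)n;
    }
    out[used++] = ')';
    out[used] = '\0';
    return (int)used;
}

int main(void)
{
    char out[32];   /* "caf\xc3\xa9" below is a constructed UTF-8 sample */
    printf("%zu vs %zu\n", escape_len_signed(0xC3), escape_len_unsigned(0xC3));
    if (pdf_escape_string("caf\xc3\xa9", out, sizeof out) > 0) puts(out);
}
```

With a 32-bit int the sign-extended byte formats to 12 characters where the unsigned one formats to 4, so a 5-byte scratch buffer only holds if the byte is treated as unsigned and the write is bounded.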
*** Bug 135021 has been marked as a duplicate of this bug. ***
Most distros have already issued advisories. We're late. Is someone on the graphics team able to patch or bump?
Graphics please provide an updated ebuild.
Sorry, I already fixed it (and even asked about it at the time). There were several other bugs waiting...
Thx Steve.
ppc-macos stable
GLSA 200607-03