Bug 91584 - media-libs/tiff: buffer overflow
Summary: media-libs/tiff: buffer overflow
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High major
Assignee: Gentoo Security
Whiteboard: A2 [glsa] jaervosz
Reported: 2005-05-05 09:32 UTC by Tavis Ormandy (RETIRED)
Modified: 2007-05-31 10:53 UTC

samples vulnerability patch (tiffdiffliffyiff,3.33 KB, patch)
2005-05-07 08:56 UTC, Tavis Ormandy (RETIRED)

Description Tavis Ormandy (RETIRED) gentoo-dev 2005-05-05 09:32:08 UTC
libtiff is vulnerable to a buffer overflow when a malformed value is set as BitsPerSample.

Upstream has been informed:
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-05-05 09:54:29 UTC
Proposed patch by upstream attached to referenced bug.

Steve please commit an updated ebuild.
Comment 2 Tavis Ormandy (RETIRED) gentoo-dev 2005-05-05 11:05:36 UTC
Upstream developer has stated that this has now been fixed in CVS. (See URL above.)
Comment 3 Tavis Ormandy (RETIRED) gentoo-dev 2005-05-07 08:56:08 UTC
Created attachment 58276
samples vulnerability patch

Here's the patch from CVS; the ChangeLog indicates the 1.52 revision was
incomplete, so these are the updates from 1.51-1.53.
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-05-07 10:39:01 UTC
Steve provide an updated ebuild.
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-05-07 10:55:35 UTC
Of course, that should have been "Steve, please provide an updated ebuild."
Comment 6 Steve Arnold archtester gentoo-dev 2005-05-08 11:27:21 UTC
Now in CVS:
  +files/tiff-3.7.2-buffer_check.patch, -tiff-3.7.0.ebuild,
  -tiff-3.7.1.ebuild, +tiff-3.7.2.ebuild:
  bump, cleanup, and patch for bug 91584

The new ebuild is all ~arch with the patch; the two older stable ebuilds are not 
patched (haven't tried yet).  3.7.2 is listed on the site as both
latest stable and latest development release.
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-05-08 11:42:52 UTC
Thx Steve.

Devs please test and mark 3.7.2 stable.

alpha: kloeri
amd64: eradicator
ppc: josejx
sparc: gustavoz
x86: tester

arm hppa ia64 mips ppc64 ppc-macos s390 will be called shortly.
Comment 8 Jeremy Huddleston (RETIRED) gentoo-dev 2005-05-08 16:13:11 UTC
I'm testing for amd64 and sparc now... is this really necessary:

pkg_postinst() {
        einfo "Latest tiff with bug #91584 fixes."
}
Comment 9 Gustavo Zacarias (RETIRED) gentoo-dev 2005-05-09 08:25:39 UTC
sparc done by eradicator, I'm no longer required here :)
Comment 10 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-05-10 14:46:20 UTC
GLSA 200505-07