[SECURITY] [DLA 610-1] tiff3 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : tiff3
Version : 3.9.6-11+deb7u1
CVE ID : CVE-2010-2596 CVE-2013-1961 CVE-2014-8128
CVE-2014-8129 CVE-2014-9655 CVE-2015-1547
CVE-2015-8665 CVE-2015-8683 CVE-2016-3186
CVE-2016-3623 CVE-2016-3945 CVE-2016-3990
CVE-2016-3991 CVE-2016-5314 CVE-2016-5315
CVE-2016-5316 CVE-2016-5317 CVE-2016-5320
CVE-2016-5321 CVE-2016-5322 CVE-2016-5323
CVE-2016-5875 CVE-2016-6223
Several security vulnerabilities were discovered in tiff3, a library
providing support for the Tag Image File Format (TIFF). An attacker
could take advantage of these flaws to cause a denial-of-service
against an application using the libtiff4 or libtiffxx0c2 library
(application crash), or potentially execute arbitrary code with the
privileges of the user running the application.
For Debian 7 "Wheezy", these problems have been fixed in version
3.9.6-11+deb7u1.
We recommend that you upgrade your tiff3 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQJ8BAEBCgBmBQJXzJp9XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkEhQP/iUwZjv20sBhgPXPdJR4Iyoa
5tVOsNNj8XlCQW319wSr229bzFJO+vGRkMQ3WXIk4Spoa4/PvUa7xAun5tlHl8LL
EJ6lw0jEG9ofmci0jrNeVxfQoTj0k2mboxoMw8ERB/6N9U1o15/a5E3FzTIrY8qJ
0D77CMnMETSG1ejPVqSX5V4//9aW0Zqf9+gUCGxKKlz1cI7JFFeP9xH8TudAIOrY
8cdF9R69CmsrNfm0MdB/+Yw0F9H+JJigsgn6dbUWVtD+5Sw1GIV1GBOT4Ul/QFSQ
0rWF7s7qXL+gZUIF6LTcRttT1GAxw76yeTpYLna/bZ1HQg6C3zhFH5xGAWPp265D
BPAXWAVd1yeDUPWgwTXTZdq2aDJos2jKHVRBmdbwgB6i63l7+64SGV0MNn82LxoX
pyKpMQxsM1RDxUAD2a6+aBi/e2zdiq+HuUnuHOLvZWucwGNXdbLRWGni2XA2d0Hy
uvLhD7Kq0MsKwgTQZGRGs2WOUnr5g9TNgmGZP0AjP3gmdzmv2yVQOahcIaSPXQs2
aY5aR0gypY9DSSDiJgm3BCnWhtaLyoWL16sNqJo1QA1YEHuTny80cWbXgSKeDN8j
sclRs13DpzDG9OTYsLpb4ttBF4L5z7qU6Lf1Pj6/1OE+yzjovVwtudLPGX1gUQ4Q
6Vsf5tjDWqszYU/1tvdI
=YJpO
-----END PGP SIGNATURE-----
Reply to: