Issued:
2016-08-02
Updated:
2016-08-02

RHSA-2016:1547 - Security Advisory

Synopsis

Important: libtiff security update

Type/Severity

Security Advisory: Important

Topic

An update for libtiff is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

  • Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2016-3990, CVE-2016-5320)
  • Multiple flaws have been discovered in various libtiff tools (bmp2tiff, pal2rgb, thumbnail, tiff2bw, tiff2pdf, tiffcrop, tiffdither, tiffsplit, tiff2rgba). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2014-8127, CVE-2014-8129, CVE-2014-8130, CVE-2014-9330, CVE-2015-7554, CVE-2015-8668, CVE-2016-3632, CVE-2016-3945, CVE-2016-3991)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running applications linked against libtiff must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64

Fixes

  • BZ - 1177893 - CVE-2014-9330 libtiff: Out-of-bounds reads followed by a crash in bmp2tiff
  • BZ - 1185805 - CVE-2014-8127 libtiff: out-of-bounds read with malformed TIFF image in multiple tools
  • BZ - 1185815 - CVE-2014-8129 libtiff: out-of-bounds read/write with malformed TIFF image in tiff2pdf
  • BZ - 1185817 - CVE-2014-8130 libtiff: divide by zero in the tiffdither tool
  • BZ - 1190703 - CVE-2014-9655 libtiff: use of uninitialized memory in putcontig8bitYCbCr21tile and NeXTDecode
  • BZ - 1190709 - CVE-2015-1547 libtiff: use of uninitialized memory in NeXTDecode
  • BZ - 1294417 - CVE-2015-7554 libtiff: Invalid-write in _TIFFVGetField() when parsing some extension tags
  • BZ - 1294425 - CVE-2015-8668 libtiff: OOB read in bmp2tiff
  • BZ - 1294427 - CVE-2015-8683 libtiff: Out-of-bounds when reading CIE Lab image format files
  • BZ - 1294444 - CVE-2015-8665 libtiff: Out-of-bounds read in tif_getimage.c
  • BZ - 1301649 - CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 libtiff: invalid assertion
  • BZ - 1301652 - CVE-2015-8784 libtiff: out-of-bound write in NeXTDecode()
  • BZ - 1325093 - CVE-2016-3945 libtiff: out-of-bounds write in the tiff2rgba tool
  • BZ - 1325095 - CVE-2016-3632 libtiff: out-of-bounds write in _TIFFVGetField function
  • BZ - 1326246 - CVE-2016-3990 libtiff: out-of-bounds write in horizontalDifference8()
  • BZ - 1326249 - CVE-2016-3991 libtiff: out-of-bounds write in loadImage() function
  • BZ - 1346687 - CVE-2016-5320 libtiff: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c

CVEs

References

Red Hat Enterprise Linux Server 6

SRPM
libtiff-3.9.4-18.el6_8.src.rpm SHA-256: 01f51ba7654d9d86c29dfeb4901a2475b92019c557f40427b4198c62ecb37d06
x86_64
libtiff-3.9.4-18.el6_8.i686.rpm SHA-256: b0f900cfd24ad503ffd567e012cd0bc604bccd04e879cef075e52a3aadb81adc
libtiff-3.9.4-18.el6_8.x86_64.rpm SHA-256: 5b2cb1d62422bc905af65055fec52a38f72e57872558510b916ba8d939fbfdce
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-devel-3.9.4-18.el6_8.i686.rpm SHA-256: aa73cc54c65fb4fdd19073eda55e05e7bb7036bc804dc1de742cdd3922f831d1
libtiff-devel-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2642efecc7864cc0b3c6d7842847576c2f03817a3f0a9be99ca22f97677b1e68
libtiff-static-3.9.4-18.el6_8.x86_64.rpm SHA-256: fb99e5415bb108965f4c7518f154ab318073e4aed1b66a07ed5426b2915aab3b
i386
libtiff-3.9.4-18.el6_8.i686.rpm SHA-256: b0f900cfd24ad503ffd567e012cd0bc604bccd04e879cef075e52a3aadb81adc
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-devel-3.9.4-18.el6_8.i686.rpm SHA-256: aa73cc54c65fb4fdd19073eda55e05e7bb7036bc804dc1de742cdd3922f831d1
libtiff-static-3.9.4-18.el6_8.i686.rpm SHA-256: 75763e16196f534368225d4d06c06be58eac4643369877c46dd09ca9ee39f9cb

Red Hat Enterprise Linux Workstation 6

SRPM
libtiff-3.9.4-18.el6_8.src.rpm SHA-256: 01f51ba7654d9d86c29dfeb4901a2475b92019c557f40427b4198c62ecb37d06
x86_64
libtiff-3.9.4-18.el6_8.i686.rpm SHA-256: b0f900cfd24ad503ffd567e012cd0bc604bccd04e879cef075e52a3aadb81adc
libtiff-3.9.4-18.el6_8.x86_64.rpm SHA-256: 5b2cb1d62422bc905af65055fec52a38f72e57872558510b916ba8d939fbfdce
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-devel-3.9.4-18.el6_8.i686.rpm SHA-256: aa73cc54c65fb4fdd19073eda55e05e7bb7036bc804dc1de742cdd3922f831d1
libtiff-devel-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2642efecc7864cc0b3c6d7842847576c2f03817a3f0a9be99ca22f97677b1e68
libtiff-static-3.9.4-18.el6_8.x86_64.rpm SHA-256: fb99e5415bb108965f4c7518f154ab318073e4aed1b66a07ed5426b2915aab3b
i386
libtiff-3.9.4-18.el6_8.i686.rpm SHA-256: b0f900cfd24ad503ffd567e012cd0bc604bccd04e879cef075e52a3aadb81adc
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-devel-3.9.4-18.el6_8.i686.rpm SHA-256: aa73cc54c65fb4fdd19073eda55e05e7bb7036bc804dc1de742cdd3922f831d1
libtiff-static-3.9.4-18.el6_8.i686.rpm SHA-256: 75763e16196f534368225d4d06c06be58eac4643369877c46dd09ca9ee39f9cb

Red Hat Enterprise Linux Desktop 6

SRPM
libtiff-3.9.4-18.el6_8.src.rpm SHA-256: 01f51ba7654d9d86c29dfeb4901a2475b92019c557f40427b4198c62ecb37d06
x86_64
libtiff-3.9.4-18.el6_8.i686.rpm SHA-256: b0f900cfd24ad503ffd567e012cd0bc604bccd04e879cef075e52a3aadb81adc
libtiff-3.9.4-18.el6_8.x86_64.rpm SHA-256: 5b2cb1d62422bc905af65055fec52a38f72e57872558510b916ba8d939fbfdce
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-devel-3.9.4-18.el6_8.i686.rpm SHA-256: aa73cc54c65fb4fdd19073eda55e05e7bb7036bc804dc1de742cdd3922f831d1
libtiff-devel-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2642efecc7864cc0b3c6d7842847576c2f03817a3f0a9be99ca22f97677b1e68
libtiff-static-3.9.4-18.el6_8.x86_64.rpm SHA-256: fb99e5415bb108965f4c7518f154ab318073e4aed1b66a07ed5426b2915aab3b
i386
libtiff-3.9.4-18.el6_8.i686.rpm SHA-256: b0f900cfd24ad503ffd567e012cd0bc604bccd04e879cef075e52a3aadb81adc
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-devel-3.9.4-18.el6_8.i686.rpm SHA-256: aa73cc54c65fb4fdd19073eda55e05e7bb7036bc804dc1de742cdd3922f831d1
libtiff-static-3.9.4-18.el6_8.i686.rpm SHA-256: 75763e16196f534368225d4d06c06be58eac4643369877c46dd09ca9ee39f9cb

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
libtiff-3.9.4-18.el6_8.src.rpm SHA-256: 01f51ba7654d9d86c29dfeb4901a2475b92019c557f40427b4198c62ecb37d06
s390x
libtiff-3.9.4-18.el6_8.s390.rpm SHA-256: 089b9a0a8dbb2d582155c794c75edd29970fe52bae0b4cf8180d89e4bbd408ee
libtiff-3.9.4-18.el6_8.s390x.rpm SHA-256: 4bbdf6ca62c102d442c461019a710b00fcf3ab4e47ce2e8cc8df23cc91962ef8
libtiff-debuginfo-3.9.4-18.el6_8.s390.rpm SHA-256: 5522f40b8e06d97e5c3264d4da13434b456dc67031689075d5a5714679194ae9
libtiff-debuginfo-3.9.4-18.el6_8.s390x.rpm SHA-256: 8323901150f1f892089e9f44db84acd1eb5f839441496ee4df71b4a1d82e2257
libtiff-debuginfo-3.9.4-18.el6_8.s390x.rpm SHA-256: 8323901150f1f892089e9f44db84acd1eb5f839441496ee4df71b4a1d82e2257
libtiff-devel-3.9.4-18.el6_8.s390.rpm SHA-256: e8b4650115a237d05c5206c4c2e9ee25ba75fefa4efe376dd6e41acf20d91455
libtiff-devel-3.9.4-18.el6_8.s390x.rpm SHA-256: 5bd63a1d0b9f94d796abfbd2b91d831c4a12e4c71bd975dd26cfc575e2d0bd3b
libtiff-static-3.9.4-18.el6_8.s390x.rpm SHA-256: 5aae6ce013de8ebc11ea03ac2685f7a5a3ec8f61e64d3c0db1d44a922f5ebd65

Red Hat Enterprise Linux for Power, big endian 6

SRPM
libtiff-3.9.4-18.el6_8.src.rpm SHA-256: 01f51ba7654d9d86c29dfeb4901a2475b92019c557f40427b4198c62ecb37d06
ppc64
libtiff-3.9.4-18.el6_8.ppc.rpm SHA-256: 672edf0159917b513b502f5ac9fc2d806551f87d514ed10193108e138883d117
libtiff-3.9.4-18.el6_8.ppc64.rpm SHA-256: 4b123def1d5c0caac7fd474d5e1e13f2567224955a5e85b3b38bc50e418ac589
libtiff-debuginfo-3.9.4-18.el6_8.ppc.rpm SHA-256: 3928b1111d6381a4b7ecf67e683e25bf195f7c41aaedf34fa574ff1cb433386f
libtiff-debuginfo-3.9.4-18.el6_8.ppc64.rpm SHA-256: 4ca1ed81d7a380737f27f24ff64ac14d4c86bd88853844882f16794e97fac005
libtiff-debuginfo-3.9.4-18.el6_8.ppc64.rpm SHA-256: 4ca1ed81d7a380737f27f24ff64ac14d4c86bd88853844882f16794e97fac005
libtiff-devel-3.9.4-18.el6_8.ppc.rpm SHA-256: 41c57785fed0505162e350fa7bddc123abc6ba7c47653424be786507c422885c
libtiff-devel-3.9.4-18.el6_8.ppc64.rpm SHA-256: f96e5733b171b915441124c6292377cc7aabbfcde6afec14f0ecd4c20cc0cf41
libtiff-static-3.9.4-18.el6_8.ppc64.rpm SHA-256: 12550d587b045e044a62394df207401fbdbf2c54f24484a9ac3c4be2b0cfbd24

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
libtiff-3.9.4-18.el6_8.src.rpm SHA-256: 01f51ba7654d9d86c29dfeb4901a2475b92019c557f40427b4198c62ecb37d06
x86_64
libtiff-3.9.4-18.el6_8.i686.rpm SHA-256: b0f900cfd24ad503ffd567e012cd0bc604bccd04e879cef075e52a3aadb81adc
libtiff-3.9.4-18.el6_8.x86_64.rpm SHA-256: 5b2cb1d62422bc905af65055fec52a38f72e57872558510b916ba8d939fbfdce
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.i686.rpm SHA-256: 11c1014448cc970f15064659223e59323dd51cf278e9d27c94a6fe1e50858f32
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2571fec54c626161ba3519f329aa4c6a1cc8e7dcd84c7e235b6c67859c6b40a5
libtiff-devel-3.9.4-18.el6_8.i686.rpm SHA-256: aa73cc54c65fb4fdd19073eda55e05e7bb7036bc804dc1de742cdd3922f831d1
libtiff-devel-3.9.4-18.el6_8.x86_64.rpm SHA-256: 2642efecc7864cc0b3c6d7842847576c2f03817a3f0a9be99ca22f97677b1e68
libtiff-static-3.9.4-18.el6_8.x86_64.rpm SHA-256: fb99e5415bb108965f4c7518f154ab318073e4aed1b66a07ed5426b2915aab3b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.