Slackware: 2013-290-01: libtiff Security Update

October 18, 2013

New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues

Summary

Here are the details from the Slackware 14.0 ChangeLog: patches/packages/libtiff-3.9.7-i486-1_slack14.0.txz: Upgraded. Patched overflows, crashes, and out of bounds writes. Thanks to mancha for the backported patches. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/libtiff-3.9.7-i486-1_slack12.1.tgz
Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/libtiff-3.9.7-i486-1_slack12.2.tgz
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/libtiff-3.9.7-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/libtiff-3.9.7-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/libtiff-3.9.7-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/libtiff-3.9.7-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/libtiff-3.9.7-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/libtiff-3.9.7-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libtiff-3.9.7-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libtiff-3.9.7-x86_64-1_slack14.0.txz
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 12.1 package: 4119dd6983587cc822c926b87cabdda8 libtiff-3.9.7-i486-1_slack12.1.tgz
Slackware 12.2 package: 97736443343ba31c3d041eef3560b4ae libtiff-3.9.7-i486-1_slack12.2.tgz
Slackware 13.0 package: cff78f2b00f74132a47a4e16ede860c9 libtiff-3.9.7-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: de4d32b50320fc281e735c25f1556450 libtiff-3.9.7-x86_64-1_slack13.0.txz
Slackware 13.1 package: eacdd28fc4c28f3fb557f63bc8b91ceb libtiff-3.9.7-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: d09b713720b2405b46f275dbeb0cb44f libtiff-3.9.7-x86_64-1_slack13.1.txz
Slackware 13.37 package: 89bee8ce291da41be1b094820d339f36 libtiff-3.9.7-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: ff80be9f6782f5abd15fc8f61453671f libtiff-3.9.7-x86_64-1_slack13.37.txz
Slackware 14.0 package: b46e7c734d91c5f244f29ddaf4e63575 libtiff-3.9.7-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 8f191ca18a44da5f0dbab9eefba93db6 libtiff-3.9.7-x86_64-1_slack14.0.txz
Slackware -current package: 68f02cadea225a0f1d1e085842bc9f43 l/libtiff-3.9.7-i486-1.txz
Slackware x86_64 -current package: 77b0fa68c52be40b5d9a1037a8925f70 l/libtiff-3.9.7-x86_64-1.txz