=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN209
_____________________________________________________________________

DATE                      : 16/06/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Libtiff versions prior to 3.9.3.

======================================================================
http://www.asmail.be/msg0054965410.html
http://www.remotesensing.org/libtiff/v3.9.3.html
______________________________________________________________________


Libtiff 3.9.3 is now released.  This releases fixes various bugs which
which were reported via libtiff Bugzilla as well as some security
issues.

Please visit http://www.remotesensing.org/libtiff/v3.9.3.html to read
about the release, or to download the software.

Thanks,

Bob
-- 
Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/
_____________________________________________________________________

TIFF CHANGE INFORMATION

      Current Version: v3.9.3
      Previous Version: v3.9.2
      Master FTP Site: ftp.remotesensing.org, directory pub/libtiff
      Master HTTP Site: http://www.remotesensing.org/libtiff

This document describes the changes made to the software between the
previous and current versions (see above). If you don't find something
listed here, then it was not done in this timeframe, or it was not considered
important enough to be mentioned. The following information is located here:

    * Major Changes
    * Changes in the software configuration
    * Changes in libtiff
    * Changes in the tools
    * Changes in the contrib area

MAJOR CHANGES:

    * Fixes for CVE-2010-1411.
    * Various reported bug fixes.

CHANGES IN THE SOFTWARE CONFIGURATION:

    * libtool is updated to version 2.2.10.

CHANGES IN LIBTIFF:

    * Fix a couple of issues that trigger failures in some cases when using
TIFFReadScanline() with JPEG compressed subsampled ycbcr images.
http://bugzilla.maptools.org/show_bug.cgi?id=1936
    * Ensure tile and scanline sizes are reset when moving to new
directories. http://bugzilla.maptools.org/show_bug.cgi?id=1936
    * Do not generate a JPEGTables tag when creating the JPEG TIFF
as is is not required in order to prevent it from being unused and
filled with invalid data. (Leave it to be generated by later activity.)
http://bugzilla.maptools.org/show_bug.cgi?id=2135
    * Don't return error on badly-terminated MMR strips.
http://bugzilla.maptools.org/show_bug.cgi?id=2029
    * Have TIFFTAG_REFERENCEBLACKWHITE always print 6 floats instead
of 2*SamplesPerPixel. http://bugzilla.maptools.org/show_bug.cgi?id=2186
    * Ensure that JPEG quality is always set in JPEGPreEncode(),
not just when we want to output local tables. Otherwise the quality
used during compression may not be right and might not match the
tables in the tables tag. This bug only occurs when seeking between
directories in the midst of writing blocks.
http://trac.osgeo.org/gdal/ticket/3539
    * OJPEG: Report an error and avoid a crash if the input file is
so broken that the strip offsets are not defined.
    * Eliminate FAX3 decoder buffer overrun possibility (CVE-2010-1411).
    * Restore ReferenceBlackWhite as a non-custom field. This
avoids a multi-thread reentrancy problem as well as fixing output
of wrong tag value due to redundant definitions for the same tag in
the tiffFieldInfo[] array. Resolves http://bugzilla.maptools.org/show_bug.cgi?id=2185

CHANGES IN THE TOOLS:

    * tiff2pdf: Write the JPEG SOI headers into the TIFF strip data rather than
skipping them. This fixes the ability to view in Acrobat Reader, Evince, and
Ghostscript. http://bugzilla.maptools.org/show_bug.cgi?id=2135
    * ppm2tiff: While case for parsing comment line requires extra parenthesis
to work as expected. Reported by Thomas Sinclair.
    * tiffcp: add a new option -x to force merged tiff file PAGENUMBER value
in sequence for users who care the page sequence, this will also prevent
tiff2pdf from creating pdf file from the merged tiff file with wrong page sequence.
    * tiffcp: Applied Tom Lane's patch to reject YCbCr subsampled data since
tiffcp currently doesn't support it. http://bugzilla.maptools.org/show_bug.cgi?id=2097

CHANGES IN THE CONTRIB AREA:

    * None

Last updated $Date: 2010-06-11 22:08:01 $.



======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================