[v2.3] Multiple vulnerabilities in tiff < 4.0.3 allows remote code execution
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564
Solution:
- Upgrade to 4.0.3
or
- Patches:
https://bugzilla.redhat.com/attachment.cgi?id=616925
https://bugzilla.redhat.com/attachment.cgi?id=635949
(from redmine: issue id 1504, created on 2012-12-05, closed on 2012-12-17)
- Changesets:
- Revision 45d40c0a by Natanael Copa on 2012-12-10T16:46:24Z:
main/tiff: upgrade to 3.9.7 and fix CVE-2012-4447,CVE-2012-4564
fixes #1504