Debian Information for VU#687568

LibTIFF contains multiple integer overflows

Status

Unknown. If you are the vendor named above, please contact us to update your status.

Vendor Statement

Debian GNU/Linux was vulnerable to these problems. The update has been part of DSA 567-1 which was released on October 15th.

For the stable distribution (woody) these problems have been fixed in version 3.5.5-6woody1.

For the unstable distribution (sid) these problems have been fixed in version 3.6.1-2.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.