Tavis Ormandy discovered that the TIFF library did not sufficiently check handled images for validity. By tricking an user or an automated system into processing a specially crafted TIFF image, an attacker could exploit these weaknesses to execute arbitrary code with the target application’s privileges.
This library is used in many client and server applications, thus you should reboot your computer after the upgrade to ensure that all running programs use the new version of the library.
3 August 2006
A security issue affects these releases of Ubuntu and its derivatives:
Tavis Ormandy discovered that the TIFF library did not sufficiently check handled images for validity. By tricking an user or an automated system into processing a specially crafted TIFF image, an attacker could exploit these weaknesses to execute arbitrary code with the target application’s privileges.
This library is used in many client and server applications, thus you should reboot your computer after the upgrade to ensure that all running programs use the new version of the library.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to reboot your computer to effect the necessary changes.
Vulmon