Users have to upgrade the operating system in order to fix the problem

Nov 17, 2012 14:49 GMT  ·  By

Canonical published details about LibTIFF vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 11.04, Ubuntu 10.04 LTS, and Ubuntu 8.04LTS operating systems.

According to Canonical, LibTIFF could be made to crash or run programs as the user's login, if it opened a specially crafted file.

It was discovered that LibTIFF incorrectly handled certain malformed images using the PixarLog compression format and that the ppm2tiff tool incorrectly handled certain malformed PPM images.

For a more detailed description of the security problems, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest libtiff5 package, specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.