Important Security Update Error

NoOp glgxg at sbcglobal.net
Sun Jul 26 21:30:36 UTC 2009


On 07/26/2009 02:03 PM, John Graddy wrote:
> I have been out of town for a while, and, when I returned, I had a 
> lot of system updates waiting for me.  When I tried to install the 
> updates, one of them (labeled as an "Important Security Update" got 
> the following error message:
> 
> W: Failed to fetch 
> http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.8.2-11ubuntu0.9.04.1_i386.deb
>
>
> 
404 Not Found
> 
> Is this something that I should worry about?  Unfortunately, the 
> Update Manager keeps coming back to try to install this failed 
> update.  Can I stop this from happening?

Looking, I find:
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/?C=N;O=A
	libtiff4_3.8.2-11ubuntu0.9.04.3_i386.deb
but no libtiff4_3.8.2-11ubuntu0.9.04.1_i386
so I can only guess that it was removed at some point.

Yep:
http://packages.ubuntu.com/jaunty/libtiff4
https://launchpad.net/ubuntu/+source/tiff
> 
> 3.8.2-11ubuntu0.9.04.3
> Published in jaunty-updates on 2009-07-13
> Published in jaunty-security on 2009-07-13
> 
> tiff (3.8.2-11ubuntu0.9.04.3) jaunty-security; urgency=low
> 
>   * SECURITY UPDATE: arbitrary code execution via integer overflows in
>     tiff2rgba and rgb2ycbcr
>     - debian/patches/CVE-2009-2347.patch: check for integer overflows in
>       tools/rgb2ycbcr.c and tools/tiff2rgba.c.
>     - CVE-2009-2347
> 
>  -- Marc Deslauriers <email address hidden>   Mon, 13 Jul 2009 08:51:22 -0400
> 
> Available diffs
> 
>     * 3.8.2-11ubuntu0.9.04.2 to 3.8.2-11ubuntu0.9.04.3 (2.1 KiB)
> 

Try downloading and installing libtiff4_3.8.2-11ubuntu0.9.04.3_i386.deb
instead. You can download it from
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/ go to Nautilus,
double-click and install.






More information about the ubuntu-users mailing list