☰LibTiff Mailing List Archive

2008.08.29 22:53 "[Tiff] Some security fixes from RHEL", by Even Rouault

2008.08.30 02:08 "Re: [Tiff] Some security fixes from RHEL", by Tom Lane
- 2008.09.01 22:18 "Re: [Tiff] libtiff security", by Dmitry V. Levin
2008.08.31 15:17 "Re: [Tiff] Some security fixes from RHEL", by Frank Warmerdam
- 2008.08.31 15:38 "Re: [Tiff] Some security fixes from RHEL", by Bob Friesenhahn
2008.09.03 08:03 "Re: [Tiff] Some security fixes from RHEL", by Andrey Kiselev
- 2008.09.04 20:48 "Re: [Tiff] beta2 release - lfind() problem on Win64", by Edward Lam
  - 2008.09.05 06:18 "Re: [Tiff] beta2 release - lfind() problem on Win64", by Andrey Kiselev
    - 2008.09.04 20:06 "[Tiff] tiffsplit.c broken on Windows in trunk", by Edward Lam
      - 2008.09.04 20:41 "Re: [Tiff] tiffsplit.c broken on Windows in trunk", by Toby Thain
        2008.09.04 21:13 "Re: [Tiff] tiffsplit.c broken on Windows in trunk", by Edward Lam
      - 2008.09.05 06:42 "[Tiff] Re: tiffsplit.c broken on Windows in trunk", by Andrey Kiselev
    - 2008.09.05 13:09 "Re: [Tiff] beta2 release - lfind() problem on Win64", by Edward Lam
2008.09.03 21:01 "Re: [Tiff] Some security fixes from RHEL", by Lee Howard
- 2008.09.03 18:13 "Re: [Tiff] Some security fixes from RHEL", by Lee Howard
  - 2008.09.03 18:43 "Re: [Tiff] Some security fixes from RHEL", by Bob Friesenhahn
  - 2008.09.03 20:47 "Re: [Tiff] Some security fixes from RHEL", by Edward Lam
2008.09.03 21:59 "Re: [Tiff] Some security fixes from RHEL", by Even Rouault

2008.09.03 08:14 "Re: [Tiff] Some security fixes from RHEL", by Andrey Kiselev

On Wed, Sep 03, 2008 at 01:19:44AM +0930, Ron wrote:

A list of people who should receive embargoed reports for comment seems like a useful thing to have instead of leaving individuals here as a single 'point of failure' when patches from security auditors need to be reviewed

Ron,

That is a good idea. I just added the following paragraph to our "Bugs" page:

"If you'd like to inform us about some kind of security issue that should not be disclosed for a period of time, then you can contact maintainers directly. Send a copies of your report to the following people: Frank Warmerdam <warmerdam@pobox.com>, Andrey Kiselev <dron@ak4719.spb.edu>."

Lee, feel free to add yourself to the list if you'd like.

Best regards,

Andrey

--
Andrey V. Kiselev
ICQ# 26871517