LibTiff Mailing List

TIFF and LibTiff Mailing List Archive
December 2010

Previous Thread
Next Thread

Previous by Thread
Next by Thread

Previous by Date
Next by Date

The TIFF Mailing List Homepage
This list is run by Frank Warmerdam
Archive maintained by AWare Systems

Thread

2010.12.06 16:32 "Security vulnerability CVE-2010-3847", by <imipak@gmail.com>

2010.12.06 18:44 "Re: Security vulnerability CVE-2010-3847", by Lee Howard

2010.12.06 20:09 "Re: Security vulnerability CVE-2010-3847", by Tom Lane

2010.12.08 01:19 "Re: Security vulnerability CVE-2010-3847", by Lee Howard

2010.12.07 16:07 "Re: Security vulnerability CVE-2010-3847", by <imipak@gmail.com>

2010.12.07 16:07 "Re: Security vulnerability CVE-2010-3847", by <imipak@gmail.com>

Hi Lee,


On 6 December 2010 18:44, Lee Howard <faxguy@howardsilvan.com> wrote:
> imipak wrote:
>>
>> I notice that Mandriva and SuSE have released updates for their
>> libtiff packages to fix for CVE-2010-3087, but there doesn't seem to
>> be any sign of it in the changelog for 3.9.4 (or, indeed, earlier>>
>> releases.)
[...]
>>
>> Is there any ETA for a fix on the main source tree?
>
>
>  The various
> distros are using Tom Lane's patch on...
>
> http://bugzilla.maptools.org/show_bug.cgi?id=2140
>
> ... as a resolution to CVE-2010-3087.


I think this patch solves our problem. Thanks for the swift response!

cheers

-i

-- 
  wake up the past
    and tell it to stay away
_______________________________________________
Tiff mailing list: Tiff@lists.maptools.org
http://lists.maptools.org/mailman/listinfo/tiff
http://www.remotesensing.org/libtiff/