AWARE [SYSTEMS] Imaging expertise for the Delphi developer
AWare Systems, Imaging expertise for the Delphi developer, Home TIFF and LibTiff Mailing List Archive

LibTiff Mailing List

TIFF and LibTiff Mailing List Archive
March 2011

Previous Thread
Next Thread

Previous by Thread
Next by Thread

Previous by Date
Next by Date

Contact

The TIFF Mailing List Homepage
This list is run by Frank Warmerdam
Archive maintained by AWare Systems



Valid HTML 4.01!



2011.03.21 16:09 "Thunder Decoder Vulnerability", by Frank Warmerdam

Folks,

Thanks to a report from the Zero Day Initiative, there is a fix for a
buffer overflow problem in libtiff's thunder decoder.  Details are available
at:

   http://bugzilla.maptools.org/show_bug.cgi?id=2300

The libtiff development team would like to thank Marin Barbella and
TippingPoint's Zero Day Initiative for reporting this vulnerability
(ZDI-CAN-1004, CVE-2011-1167).

Best regards,
-- 
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush    | Geospatial Programmer for Rent