☰LibTiff Mailing List Archive

2020.08.16 13:51 "[Tiff] Disable Old JPEG in libtiff by default!", by Bob Friesenhahn

2020.08.16 14:27 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by John
- 2020.08.16 15:44 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Bob Friesenhahn
2020.08.16 14:41 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Toby Thain
- 2020.08.16 15:49 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Bob Friesenhahn
  - 2020.08.16 15:59 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Roger Leigh
2020.08.16 15:02 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Leonard Rosenthol
- 2020.08.16 15:50 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Bob Friesenhahn
2020.08.16 15:52 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Even Rouault
- 2020.08.16 16:02 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by Bob Friesenhahn

2020.08.16 14:27 "Re: [Tiff] Disable Old JPEG in libtiff by default!", by John

The libtiff configure script enables support for reading old JPEG by default. I propose that the libtiff default should be to disable support for old JPEG.

I still come across old-style JPEG images occasionally, perhaps once a year. It would be annoying if I had to rebuild software to be able to process them.

You're right that there are security implications, though libtiff is fuzzed so heavily now that I think the risk is small.

John