AWARE SYSTEMS
TIFF and LibTiff Mail List Archive

Thread

2023.04.03 20:50 "[Tiff] Remove TIFFCROP from LibTiff", by Sulau
2023.04.04 12:59 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Even Rouault
2023.04.04 13:49 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Bob Friesenhahn
2023.04.04 14:04 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Even Rouault
2023.04.04 15:14 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Kurt Schwehr
2023.04.04 15:23 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Rob Boehne
2023.04.04 15:27 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Even Rouault
2023.04.04 15:40 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Miguel Medalha
2023.04.04 16:46 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Daniel McCoy
2023.04.04 22:47 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Kurt Schwehr
2023.04.05 19:11 "Re: [Tiff] Remove TIFFCROP from LibTiff", by Sulau
2023.04.06 19:07 "Re: [Tiff] Remove TIFFCROP from LibTiff", by Even Rouault
2023.04.07 00:05 "Re: [Tiff] Remove TIFFCROP from LibTiff", by Miguel Medalha
2023.04.07 00:20 "Re: [Tiff] Remove TIFFCROP from LibTiff", by Even Rouault
2023.04.07 13:28 "Re: [Tiff] Remove TIFFCROP from LibTiff", by Bob Friesenhahn

2023.04.04 15:14 "Re: [Tiff] Remove TIFFCROP from LibTiff + tiff2ps & tiff2pdf ?", by Kurt Schwehr

I personally exclude all the programs from my distribution of libtiff to run into fewer CVEs.

Another alternative to consider is putting a disclaimer on those tools saying that CVEs might not be fixed and use at your own risk. Many pipelines use only trusted data, so they are fine. And folks using untrusted data, should be running their pipelines in a security sandbox. Setting up sandboxes is definitely a user responsibility.