AWARE [SYSTEMS]
AWare Systems, , Home TIFF and LibTiff Mailing List Archive

LibTiff Mailing List

TIFF and LibTiff Mailing List Archive
April 2012

Previous Thread
Next Thread

Previous by Thread
Next by Thread

Previous by Date
Next by Date

Contact

The TIFF Mailing List Homepage
Archive maintained by AWare Systems



New Datamatrix section



Valid HTML 4.01!



Thread

2012.04.06 16:52 "Security Fix", by Frank Warmerdam
2012.04.09 13:09 "Re: Security Fix", by Christopher Cameron
2012.04.09 17:19 "Re: Security Fix", by Frank Warmerdam

2012.04.06 16:52 "Security Fix", by Frank Warmerdam

Folks,

There has been an overflow problem reported with libtiff that could
represent a security compromise when operating on potentially hostile
files in an unsafe context.  A fix is applied in 3.9 branch and CVS HEAD.
They are also available in the ticket if someone wants to apply them.

Some distributions pushed the fix out already this week:

  http://bugzilla.maptools.org/show_bug.cgi?id=2369

Best regards,
-- 
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush    | Geospatial Software Developer