AWARE [SYSTEMS]
AWare Systems, , Home TIFF and LibTiff Mailing List Archive

LibTiff Mailing List

TIFF and LibTiff Mailing List Archive
December 2010

Previous Thread
Next Thread

Previous by Thread
Next by Thread

Previous by Date
Next by Date

Contact

The TIFF Mailing List Homepage
Archive maintained by AWare Systems



New Datamatrix section



Valid HTML 4.01!



Thread

2010.12.06 16:32 "Security vulnerability CVE-2010-3847", by <imipak@gmail.com>
2010.12.06 18:44 "Re: Security vulnerability CVE-2010-3847", by Lee Howard
2010.12.06 20:09 "Re: Security vulnerability CVE-2010-3847", by Tom Lane
2010.12.08 01:19 "Re: Security vulnerability CVE-2010-3847", by Lee Howard
2010.12.07 16:07 "Re: Security vulnerability CVE-2010-3847", by <imipak@gmail.com>

2010.12.07 16:07 "Re: Security vulnerability CVE-2010-3847", by <imipak@gmail.com>

Hi Lee,


On 6 December 2010 18:44, Lee Howard <faxguy@howardsilvan.com> wrote:
> imipak wrote:
>>
>> I notice that Mandriva and SuSE have released updates for their
>> libtiff packages to fix for CVE-2010-3087, but there doesn't seem to
>> be any sign of it in the changelog for 3.9.4 (or, indeed, earlier>>
>> releases.)
[...]
>>
>> Is there any ETA for a fix on the main source tree?
>
>
>  The various
> distros are using Tom Lane's patch on...
>
> http://bugzilla.maptools.org/show_bug.cgi?id=2140
>
> ... as a resolution to CVE-2010-3087.


I think this patch solves our problem. Thanks for the swift response!

cheers

-i

-- 
  wake up the past
    and tell it to stay away
_______________________________________________
Tiff mailing list: Tiff@lists.maptools.org
http://lists.maptools.org/mailman/listinfo/tiff
http://www.remotesensing.org/libtiff/