Upstream appears to have a fix for this problem. I will test and
prepare new packages tonight.
--
Jay Berkenbilt [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: tiff
Severity: important
Tags: security
Hi,
3.8.0 seems to have introduced two regressions that have DoS potential:
| The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0
| allows remote attackers to cause a denial of service (application
| crash) via a crafted TIFF image
Moritz Muehlenhoff [EMAIL PROTECTED] wrote:
Package: tiff
Severity: important
Tags: security
Hi,
3.8.0 seems to have introduced two regressions that have DoS potential:
| The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0
| allows remote attackers to cause a denial of
Moritz Muehlenhoff [EMAIL PROTECTED] wrote:
3.8.0 seems to have introduced two regressions that have DoS potential:
| The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0
| allows remote attackers to cause a denial of service (application
| crash) via a crafted TIFF image that
4 matches
Mail list logo