On Thu, May 18, 2017 at 09:09:11PM +0200, Salvatore Bonaccorso wrote:
> Hi,
>
> On Thu, May 18, 2017 at 08:12:50PM +0200, László Böszörményi (GCS) wrote:
> > Hi Moritz,
> >
> > On Thu, May 18, 2017 at 7:36 PM, Moritz Muehlenhoff <j...@debian.org> wrote:
> > > On Sat, Dec 26, 2015 at 10:21:52PM +0100, Salvatore Bonaccorso wrote:
> > >> Source: tiff
> > >> Version: 4.0.5-1
> > >> Severity: important
> > >> Tags: security upstream
> > >>
> > >> the following vulnerability was published for tiff.
> > >>
> > >> CVE-2015-7554[0]:
> > >> invalid write
> > >
> > > I'm attaching the patch used by Red Hat for RHEL. It doesn't
> > > seem to have been sent upstream, but seems sane.
> > I miss the patch, did you attach it?
>
> This one should basically correspond:
Ack that's the correct patch, sorry.
Cheers,
Moritz
