On Sun, 1 May 2016 12:48:00 +0930 Simon Lees <[email protected]> said: > > > On 05/01/2016 10:34 AM, Carsten Haitzler (The Rasterman) wrote: > > On Fri, 29 Apr 2016 18:56:19 -0700 Cedric BAIL <[email protected]> said: > > > >> cedric pushed a commit to branch master. > >> > >> http://git.enlightenment.org/core/efl.git/commit/?id=b8860c88f52c7ea3576f88f9399b777646975bd5 > >> > >> commit b8860c88f52c7ea3576f88f9399b777646975bd5 > >> Author: Cedric Bail <[email protected]> > >> Date: Fri Apr 29 14:22:01 2016 -0700 > >> > >> tiff: disable by default as it is full of CVE with apparently no chance > >> to get them fixed. > >> This can still be manually turned on if you need it. > > > > the evas tiff loader or libtiff itself? i am not sure disabling by default > > is a good idea regardless of cve's ... > > > > Links to CVE's would also be useful, if there just silly ones related to > corrupt images (DOS) then most users probably don't care having said > that efl could get around all those issues by moving the tiff loader > into evas_generic_loaders (similar to the librsvg loader). If someone > can create a tiff image that lets them read parts of my memory then > thats a bigger issue.
yeah... so what cve's. a list please. :) > >> --- > >> configure.ac | 2 +- > >> 1 file changed, 1 insertion(+), 1 deletion(-) > >> > >> diff --git a/configure.ac b/configure.ac > >> index 2d38a43..deafdd8 100644 > >> --- a/configure.ac > >> +++ b/configure.ac > >> @@ -2008,7 +2008,7 @@ ARG_ENABLE_EVAS_IMAGE_LOADER(PMAPS, static) > >> ARG_ENABLE_EVAS_IMAGE_LOADER(PNG, static) > >> ARG_ENABLE_EVAS_IMAGE_LOADER(PSD, static) > >> ARG_ENABLE_EVAS_IMAGE_LOADER(Tga, static) > >> -ARG_ENABLE_EVAS_IMAGE_LOADER(Tiff, yes) > >> +ARG_ENABLE_EVAS_IMAGE_LOADER(Tiff, no) > >> ARG_ENABLE_EVAS_IMAGE_LOADER(WBMP, static) > >> ARG_ENABLE_EVAS_IMAGE_LOADER(WEBP, no) > >> ARG_ENABLE_EVAS_IMAGE_LOADER(XPM, static) > >> > >> -- > >> > >> > > > > > > -- > > Simon Lees (Simotek) http://simotek.net > > Emergency Update Team keybase.io/simotek > SUSE Linux Adeliade Australia, UTC+9:30 > GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B > -- ------------- Codito, ergo sum - "I code, therefore I am" -------------- The Rasterman (Carsten Haitzler) [email protected] ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ enlightenment-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
