I have committed an update to pkgsrc of 4.4.0. We have a database of CVEs and what versions they apply to. With 4.4.0 and me adjusting the entries to limit many of them to <4.4.0, only one CVE remains in the database.
As far as I can tell this one is not resolved, but I didn't try the POC: https://nvd.nist.gov/vuln/detail/CVE-2018-10126 http://bugzilla.maptools.org/show_bug.cgi?id=2786 https://gitlab.com/libtiff/libtiff/-/issues/128
signature.asc
Description: PGP signature
_______________________________________________ Tiff mailing list [email protected] https://lists.osgeo.org/mailman/listinfo/tiff
