Hi again,
yes a rc4 was needed. It consists of, compared to rc3:
- reverting the JBIG rc3 change that seems to introduce a new
vulnerability: https://gitlab.com/libtiff/libtiff/-/merge_requests/914
- revert the rc3 change related to byte-swapping that apparently causes
some legit images to be incorrectly decoded:
https://gitlab.com/libtiff/libtiff/-/merge_requests/915 . Side effect is
that bug https://gitlab.com/libtiff/libtiff/-/work_items/795 will be
re-opened. Good luck to anyone trying to fix it without causing
regressions :-)
- a minor rst formatting fix:
https://gitlab.com/libtiff/libtiff/-/merge_requests/913
New RC tarballs at:
- https://download.osgeo.org/libtiff/tiff-4.7.2rc4.tar.gz
- https://download.osgeo.org/libtiff/tiff-4.7.2rc4.tar.xz
- https://download.osgeo.org/libtiff/tiff-4.7.2rc4.zip
I let another PSC member raise the motion to adopt it, as it seems my
attempts at doing so don't bring favorable fate :-)
(despite the frustration of having to iterate on this release, thanks to
all those who have tested it and reported. Given the unusual amount of
activity since last release, and our known to be quite partial test
suite, it is quite expected we hit regressions)
Even
--
http://www.spatialys.com
My software is free, but my time generally not.
LLMs contribute to global warming and brain rot
_______________________________________________
Tiff mailing list
[email protected]
https://lists.osgeo.org/mailman/listinfo/tiff
