oss-security - Re: CVE Request: libtiff: heap buffer overflow/read outside of array

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date: Wed, 9 Nov 2016 18:01:51 -0800
From: Ian Zimmerman <itz@...mate.net>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: libtiff: heap buffer overflow/read outside of array

On 2016-11-09 17:32, Brian 'geeknik' Carpenter wrote:

> http://bugzilla.maptools.org/show_bug.cgi?id=2587
> Fixed per
> >> 2016-11-10 Even Rouault <even.rouault at spatialys.com>

I tried to check out the sources to patch this for myself, following the
recipe from the webpage:

 [2+0]Downloads$ export CVSROOT=:pserver:anonymous@...otesensing.org:/cvsroot
 [3+0]Downloads$ cvs login
Logging in to :pserver:anonymous@...otesensing.org:2401/cvsroot
CVS password: # use password "anonymous" 
cvs [login aborted]: connect to remotesensing.org(23.236.62.147):
2401 failed: Connection timed out

Is there another/better way?

-- 
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.