Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 9 Nov 2016 20:41:09 -0600 (CST)
From: Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE Request: libtiff: heap buffer overflow/read
 outside of array

On Wed, 9 Nov 2016, Ian Zimmerman wrote:

> On 2016-11-09 17:32, Brian 'geeknik' Carpenter wrote:
>
>> http://bugzilla.maptools.org/show_bug.cgi?id=2587
>> Fixed per
>>>> 2016-11-10 Even Rouault <even.rouault at spatialys.com>
>
> I tried to check out the sources to patch this for myself, following the
> recipe from the webpage:

At the moment, "the web page" should be one of:

  	http://www.simplesystems.org/libtiff/
  	http://libtiff.maptools.org/

And this is the description of how to obtain files from CVS:

export CVSROOT=:pserver:cvsanon@....maptools.org:/cvs/maptools/cvsroot
cvs login
(use empty password)
cvs checkout libtiff
to get the stable libtiff code

Bob
-- 
Bob Friesenhahn
bfriesen@...ple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ