next release?

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

next release?

Wall, Stephen
Hi, any chance of a 4.0.8 release soon, to fix these?

CVE-2017-7592 through CVE-2017-7602
CVE-2017-5225


Thanks.
_______________________________________________
Tiff mailing list: [hidden email]
http://lists.maptools.org/mailman/listinfo/tiff
http://www.remotesensing.org/libtiff/
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: next release?

Bob Friesenhahn
On Tue, 2 May 2017, Wall, Stephen wrote:

> Hi, any chance of a 4.0.8 release soon, to fix these?
>
> CVE-2017-7592 through CVE-2017-7602
> CVE-2017-5225

I have been away on vacation.  I will find time to make another
release if the consensus is that the CVS version is good.

Bob
--
Bob Friesenhahn
[hidden email], http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/
_______________________________________________
Tiff mailing list: [hidden email]
http://lists.maptools.org/mailman/listinfo/tiff
http://www.remotesensing.org/libtiff/
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: next release?

Even Rouault-2

On mardi 16 mai 2017 17:34:24 CEST Bob Friesenhahn wrote:

> On Tue, 2 May 2017, Wall, Stephen wrote:

> > Hi, any chance of a 4.0.8 release soon, to fix these?

> >

> > CVE-2017-7592 through CVE-2017-7602

> > CVE-2017-5225

>

> I have been away on vacation. I will find time to make another

> release if the consensus is that the CVS version is good.

 

Bob,

 

I'm seeing functional regressions in CHUNKY_STRIP_READ_SUPPORT mode due to my latest changes in that area. I'm on it. Should hopefully be fixed soon.

 

Even

 

--

Spatialys - Geospatial professional services

http://www.spatialys.com


_______________________________________________
Tiff mailing list: [hidden email]
http://lists.maptools.org/mailman/listinfo/tiff
http://www.remotesensing.org/libtiff/
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: next release?

Even Rouault-2

On mercredi 17 mai 2017 11:11:04 CEST Even Rouault wrote:

> On mardi 16 mai 2017 17:34:24 CEST Bob Friesenhahn wrote:

> > On Tue, 2 May 2017, Wall, Stephen wrote:

> > > Hi, any chance of a 4.0.8 release soon, to fix these?

> > >

> > > CVE-2017-7592 through CVE-2017-7602

> > > CVE-2017-5225

> >

> > I have been away on vacation. I will find time to make another

> > release if the consensus is that the CVS version is good.

>

> Bob,

>

> I'm seeing functional regressions in CHUNKY_STRIP_READ_SUPPORT mode due to

> my latest changes in that area. I'm on it. Should hopefully be fixed soon.

 

Fixed now.

 

FYI libtiff is indirectly tested through Google OSS Fuzz program

(https://github.com/google/oss-fuzz) since GDAL is now part of it and I've configured it with its internal libtiff copy (which I keep in sync with libtiff CVS head each time I commit into CVS)

 

Even

 

--

Spatialys - Geospatial professional services

http://www.spatialys.com


_______________________________________________
Tiff mailing list: [hidden email]
http://lists.maptools.org/mailman/listinfo/tiff
http://www.remotesensing.org/libtiff/
Loading...