2020.04.01 18:25 "[Tiff] Question about security vulnerabilities in tiff 4.0.10", by Nalini Vishnoi
Hello Tiff team,
I am using tiff version 4.0.10 and I recently came across the following security vulnerabilities in this version:
I wanted to check if these are fixed in the latest tiff library (4.1.0). I can see at least one<https://nvd.nist.gov/vuln/detail/CVE-2019-17546> of them excludes 4.1.0.
Can you please verify if all of these vulnerabilities are fixed in 4.1.0? If not, are there plans to provide patches to fix them in the older versions?
Thanks and regards,