2008.09.01 22:04 "Re: [Tiff] Some security fixes from RHEL", by Dmitry V. Levin

On Sun, Aug 31, 2008 at 10:38:01AM -0500, Bob Friesenhahn wrote:

Honestly, I think libtiff has lots of security issues in the fact of hostile TIFF files, and I find it hard to get excited about any particular issue.

I do agree that libtiff maintenance has not historically been in knee-jerk synchronized response to reports of security exploits. Probably there has never been a release due to a security exploit.

I believe 3.7.0 was released as result of security audit.

--
ldv