LibTiff Mailing List

• TIFF and LibTiff Mailing List Archive
• March 2011

• Previous Thread
• Next Thread

• Previous by Thread
• Next by Thread

• Previous by Date
• Next by Date

Contact

The TIFF Mailing List Homepage
Archive maintained by AWare Systems

Thread

2011.03.21 16:09 "[Tiff] Thunder Decoder Vulnerability", by Frank Warmerdam

Folks,

Thanks to a report from the Zero Day Initiative, there is a fix for a buffer overflow problem in libtiff's thunder decoder. Details are available at:

   http://bugzilla.maptools.org/show_bug.cgi?id=2300

The libtiff development team would like to thank Marin Barbella and TippingPoint's Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004, CVE-2011-1167).

Best regards,
--

---------------------------------------+--------------------------------------
I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush    | Geospatial Programmer for Rent