AWARE SYSTEMS
TIFF and LibTiff Mail List Archive

Thread

2011.03.21 16:09 "[Tiff] Thunder Decoder Vulnerability", by Frank Warmerdam
2011.04.20 19:18 "Re: [Tiff] bmp2tiff test", by Hunter1972
2011.05.20 12:59 "Re: [Tiff] Failed to allocate memory", by Thomas Ellett
[...]

2011.03.21 16:09 "[Tiff] Thunder Decoder Vulnerability", by Frank Warmerdam

Folks,

Thanks to a report from the Zero Day Initiative, there is a fix for a buffer overflow problem in libtiff's thunder decoder. Details are available at:

   http://bugzilla.maptools.org/show_bug.cgi?id=2300

The libtiff development team would like to thank Marin Barbella and TippingPoint's Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004, CVE-2011-1167).

Best regards,
--

---------------------------------------+--------------------------------------
I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush    | Geospatial Programmer for Rent