
Thread
2011.03.21 16:09 "[Tiff] Thunder Decoder Vulnerability", by Frank Warmerdam
Folks,
Thanks to a report from the Zero Day Initiative, there is a fix for a buffer overflow problem in libtiff's thunder decoder. Details are available at:
http://bugzilla.maptools.org/show_bug.cgi?id=2300
The libtiff development team would like to thank Marin Barbella and TippingPoint's Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004, CVE-2011-1167).
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | Geospatial Programmer for Rent