oss-sec mailing list archives
libtiff CVE assignments
From: Josh Bressers <bressers () redhat com>
Date: Tue, 12 Apr 2011 16:47:11 -0400 (EDT)
I've assigned two CVE ids for some things fixed in the 3.9.5 libtiff release. http://www.remotesensing.org/libtiff/v3.9.5.html libtiff/tif_ojpeg.c: fix buffer overflow on problem data http://bugzilla.maptools.org/show_bug.cgi?id=1999 CVE-2009-5022 tools/tiffdump.c: Avoid integer overflows computing the buffer size for large directories. As per bug http://bugzilla.maptools.org/show_bug.cgi?id=2218 CVE-2010-4665 Thanks. -- JB
Current thread:
- libtiff CVE assignments Josh Bressers (Apr 12)