This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
SECURITY: tiff
- From: "Yaakov (Cygwin/X)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps <cygwin-apps at cygwin dot com>
- Date: Sun, 03 Apr 2011 15:17:20 -0500
- Subject: SECURITY: tiff
Chuck,
Security vulnerabilities have been announced in the tiff package. The
remedy is to update to the latest 3.9.4 release AND apply the following
patches:
http://pkgs.fedoraproject.org/gitweb/?p=libtiff.git;a=blob_plain;f=libtiff-CVE-2011-0192.patch
http://pkgs.fedoraproject.org/gitweb/?p=libtiff.git;a=blob_plain;f=libtiff-CVE-2011-1167.patch
Further information:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
Yaakov