And thank you, Kurt.
On Fri, Nov 4, 2022 at 4:10 PM Kurt Schwehr wrote:
> Hi Ellen,
>
> A side note: (I'm pretty sure I've shared this in the past, but I can't
> remember where)
>
> I use libtiff from head for Google. That way...
>
> - can report any troubles right away back to the
Hi Ellen,
A side note: (I'm pretty sure I've shared this in the past, but I can't
remember where)
I use libtiff from head for Google. That way...
- can report any troubles right away back to the maintainers and reports
and patches are easier
- usually ahead of the CVE game. CVEs have not
Hi Su and libtiff folks,
We just received a slew of 16 libtiff CVEs reported to us by a large customer
- this is in addition to CVE-2022-3570 I previously wrote about. I see most of
these CVEs are fixed in the libtiff master branch but not yet in an official
release.
I have two questions: