stu1130 opened a new pull request #14623: [WIP][Dependency Update] Upgrade the libtiff to 4.0.10 URL: https://github.com/apache/incubator-mxnet/pull/14623 ## Description ## Upgrade the libtiff package to **4.0.10** due to lots of issues at 4.0.9. 1. [tif_jbig.c JBIGDecode out-of-bounds write](https://gitlab.com/libtiff/libtiff/merge_requests/38) 2. [two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c](https://gitlab.com/libtiff/libtiff/merge_requests/33/diffs?commit_id=f1b94e8a3ba49febdd3361c0214a1d1149251577) Please find more on [CVE](https://www.cvedetails.com/vulnerability-list/vendor_id-2224/Libtiff.html) ## Checklist ## ### Essentials ### - [ ] Test build with Ubuntu 14.04 - [ ] Test build with Ubuntu 16.04 ### Changes ### * gitlab didn't provide version 4.0.10 zip file so use mirror site from the [official website](http://www.libtiff.org/) ## Comments ##
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services