Hi,
After the bad experience of those “security” patches flying around, I
would like to establish a clear process to deal with such stuff.
I think security issues are real and should be addressed. And I prefer
to address by myself, so you would know who to blame if anything fails.
The
Marti,
It is nice to see that you are being super-secure regarding lcms
patches, but this seems a bit pointless given the way that lcms is
currently distributed from a 'blind' web site
(http://www.littlecms.com/downloads.htm) with no way to verify that a
distribution package is current and
Am 19.04.09, 12:12 -0500 schrieb Bob Friesenhahn:
I extracted lcms-1.18a.tar.gz and notice that there are no
documentation updates and that the package extracts as lcms-1.18
rather than lcms-1.18a. The only way to tell that there has been an
update is that src/cmsxform.c is more recent than
Ok, I will adopt the 1.18.2 naming convention for the next
update, and modify the NEWS file as well.
Regarding being more secure... well, this is color management
and not a security package, so probably Bob is right and all
this effort may be pointless. What do you think? Giving a MD5
message
On Sun, 19 Apr 2009, marti.ma...@littlecms.com wrote:
Regarding being more secure... well, this is color management
and not a security package, so probably Bob is right and all
this effort may be pointless. What do you think? Giving a MD5
message digest would help? Do we need anything else?
On Sunday 19 April 2009 01:09:27 pm Bob Friesenhahn wrote:
On Sun, 19 Apr 2009, marti.ma...@littlecms.com wrote:
Regarding being more secure... well, this is color management
and not a security package, so probably Bob is right and all
this effort may be pointless. What do you think? Giving
