Hello, I am a developer at MathWorks, Inc and currently I am looking into some CVEs which originate from the LibTIFF library. Here are the NIST links to the CVEs: https://nvd.nist.gov/vuln/detail/CVE-2022-0562 https://nvd.nist.gov/vuln/detail/CVE-2022-0561
However, I see that the fixes for these CVEs have already been submitted to the master branch: https://gitlab.com/libtiff/libtiff/-/issues/362 Are there plans of scheduling a LibTiff release with these fixes? This information will help us to decide whether we want to patch the library on our end or wait for the release. Thanks, Abhi Baruah The MathWorks, Inc.
_______________________________________________ Tiff mailing list [email protected] https://lists.osgeo.org/mailman/listinfo/tiff
