Yes the issue is fixed by the mentioned commit, as is to be expected. Several Linux distributions already patched their packages. I suggest you do the same.
On Mon, Aug 19, 2024 at 9:14 AM Ashish Patil via Tiff <[email protected]> wrote: > > Hello Team, > > > > I am Ashish, a developer at MathWorks. I believe in past you have worked with > some of the MathWorks developers. > > > > At MathWorks, we are currently using libTiff version 4.6.0 and have recently > encountered a third-party security issue, CVE-2024-7006. You can find more > details about the vulnerability here: CVE-2024-7006. > > We noticed that a fix has been submitted for this issue: GitLab Commit. Could > you please confirm if this fix addresses CVE-2024-7006? Additionally, could > you share the plan for releasing a new version that includes this fix? > > > > This issue is of high priority for us, as our customers have started > reporting it. We look forward to your prompt response regarding its status. > > > > Thanks & Regards, > > Ashish > > > > _______________________________________________ > Tiff mailing list > [email protected] > https://lists.osgeo.org/mailman/listinfo/tiff _______________________________________________ Tiff mailing list [email protected] https://lists.osgeo.org/mailman/listinfo/tiff
