[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#27370: [PATCH] gnu: libtiff: Fix several bugs related to improper co
bug#27370: [PATCH] gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].
Thu, 15 Jun 2017 11:52:29 -0400
On Thu, Jun 15, 2017 at 10:13:43AM +0200, Ludovic Courtès wrote:
> Leo Famulari <address@hidden> skribis:
> > Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
> > the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.
> > * gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
> > * gnu/local.mk (dist_patch_DATA): Add it.
> > * gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.
> LGTM. ‘guix lint -c cve’ will keep complaining, but I guess splitting
> the patch in one patch per CVE might be hard and not worth the effort.
The long list of bugs has a single root cause and fix, so there is only
> Could you apply them to ‘core-updates’ as well?
Description: PGP signature