On Thu, May 19, 2005 at 11:20:35AM -0400, Jay Berkenbilt wrote: > Please approve tiff-3.7.2-3 for sarge which fixes a security bug (RC > bug 309739, CAN-2005-1544). Details including patch and analysis > below. Executive summary: libtiff failed to validate input based on > samples per pixel; retrieved fix from upstream, applied, and tested. > I've attached two patches: one with -w so that it's easier to read for > analysis, and the real one that has insignificant changes in > surrounding text because of indentation. I will be leaving for my > vacation in a few hours and most likely won't have email access again > for several days. Thanks. Approved -- have a good vacation. :) Ugh, did upstream really mix whitespace changes with a security fix? Thanks, -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature