Re: please approve tiff-3.7.2-3 (fix to CAN-2005-1544)

To: Jay Berkenbilt <qjb@debian.org>
Cc: debian-release@lists.debian.org
Subject: Re: please approve tiff-3.7.2-3 (fix to CAN-2005-1544)
From: Steve Langasek <vorlon@debian.org>
Date: Thu, 19 May 2005 23:37:47 -0700
Message-id: <[🔎] 20050520063747.GJ5158@mauritius.dodds.net>
Mail-followup-to: Jay Berkenbilt <qjb@debian.org>, debian-release@lists.debian.org
In-reply-to: <[🔎] 20050519112035.0830211537.qww314159@localhost.localdomain>
References: <[🔎] 20050519112035.0830211537.qww314159@localhost.localdomain>

On Thu, May 19, 2005 at 11:20:35AM -0400, Jay Berkenbilt wrote:

> Please approve tiff-3.7.2-3 for sarge which fixes a security bug (RC
> bug 309739, CAN-2005-1544).  Details including patch and analysis
> below.  Executive summary: libtiff failed to validate input based on
> samples per pixel; retrieved fix from upstream, applied, and tested.
> I've attached two patches: one with -w so that it's easier to read for
> analysis, and the real one that has insignificant changes in
> surrounding text because of indentation.  I will be leaving for my
> vacation in a few hours and most likely won't have email access again
> for several days.  Thanks.

Approved -- have a good vacation. :)

Ugh, did upstream really mix whitespace changes with a security fix?

Thanks,
-- 
Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- please approve tiff-3.7.2-3 (fix to CAN-2005-1544)
  - From: Jay Berkenbilt <qjb@debian.org>

Prev by Date: Re: Please consider rcs 5.7-15 for sarge
Next by Date: Re: Bug#291274: openswan in sarge
Previous by thread: please approve tiff-3.7.2-3 (fix to CAN-2005-1544)
Next by thread: zynaddsubfx 2.2.1-2
Index(es):
- Date
- Thread