91606 – media-libs/pdflib Vulnerabilities in included tiff

Bug 91606 - media-libs/pdflib Vulnerabilities in included tiff

Summary: media-libs/pdflib Vulnerabilities in included tiff

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All All

Importance:	High normal
Assignee:	Gentoo Security

URL:	http://bugzilla.remotesensing.org/sho...
Whiteboard:	B2? [upstream] koon
Keywords:

Depends on:
Blocks:

Reported:	2005-05-05 13:10 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified:	2005-06-06 04:37 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-05-05 13:10:49 UTC

New vulnerabilities were discovered in libtiff (bug #91584). Not sure wether this applies to our pdflib as well.

CC'ing seemant as he seems to be the most active committer (any chance you could commit a metadata.xml file?).

Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-05-11 07:26:46 UTC

Seemant please advise.

Comment 2 Thierry Carrez (RETIRED) gentoo-dev

2005-05-16 04:58:24 UTC

I asked upstream for confirmation.

Comment 3 Thierry Carrez (RETIRED) gentoo-dev

2005-05-17 00:30:15 UTC

Upstream will double-check it. If they are vulnerable, they may only fix it in
the 6.x version...

Comment 4 Thierry Carrez (RETIRED) gentoo-dev

2005-06-06 04:37:59 UTC

Upstream answer: PDFlib 5.0.4 and 6.0.1 are not affected by this problem.