diff options
author | Frank Warmerdam <warmerdam@pobox.com> | 2012-03-30 16:30:34 +0000 |
---|---|---|
committer | Frank Warmerdam <warmerdam@pobox.com> | 2012-03-30 16:30:34 +0000 |
commit | 97a32305c9de378ae1d671b688e7fb6b689ee5ce (patch) | |
tree | 6775567774305a1e2a1e3d429ca337cbccb10fa7 /HOWTO-SECURITY-RELEASE | |
parent | 7e03e5ccbd4eea24f78475c7c31da154749dcbf1 (diff) | |
download | libtiff-git-97a32305c9de378ae1d671b688e7fb6b689ee5ce.tar.gz |
new
Diffstat (limited to 'HOWTO-SECURITY-RELEASE')
-rw-r--r-- | HOWTO-SECURITY-RELEASE | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/HOWTO-SECURITY-RELEASE b/HOWTO-SECURITY-RELEASE new file mode 100644 index 00000000..f8063b41 --- /dev/null +++ b/HOWTO-SECURITY-RELEASE @@ -0,0 +1,17 @@ +LibTIFF Security Issue Handling +=============================== + +Libtiff can be a significant security risk as many tools use it to read +TIFF files which can come from hostile sources. Thus buffer overflows +and other security holes in libtiff put many users at risk. To that end +we try to deal with security problems fairly quickly and to provide advance +notice to various interested parties to role out security fixes before they +go out in a standard release. + +This document is new and will presumably evolve. + +1) The mailing list distro@vs.openwall.org can be used to notify folks +at various linux OS distributions as well as the BSD folks about problems +in libtiff. + +... to be continued ... |