new

author: Frank Warmerdam <warmerdam@pobox.com> 2012-03-30 16:30:34 +0000
committer: Frank Warmerdam <warmerdam@pobox.com> 2012-03-30 16:30:34 +0000
commit: 97a32305c9de378ae1d671b688e7fb6b689ee5ce (patch)
tree: 6775567774305a1e2a1e3d429ca337cbccb10fa7 /HOWTO-SECURITY-RELEASE
parent: 7e03e5ccbd4eea24f78475c7c31da154749dcbf1 (diff)
download: libtiff-git-97a32305c9de378ae1d671b688e7fb6b689ee5ce.tar.gz
1 files changed, 17 insertions, 0 deletions
diff --git a/HOWTO-SECURITY-RELEASE b/HOWTO-SECURITY-RELEASE
new file mode 100644
index 00000000..f8063b41
--- /dev/null
+++ b/HOWTO-SECURITY-RELEASE
@@ -0,0 +1,17 @@
+LibTIFF Security Issue Handling
+===============================
+
+Libtiff can be a significant security risk as many tools use it to read
+TIFF files which can come from hostile sources.  Thus buffer overflows
+and other security holes in libtiff put many users at risk.  To that end
+we try to deal with security problems fairly quickly and to provide advance
+notice to various interested parties to role out security fixes before they
+go out in a standard release. 
+
+This document is new and will presumably evolve.
+
+1) The mailing list distro@vs.openwall.org can be used to notify folks
+at various linux OS distributions as well as the BSD folks about problems
+in libtiff. 
+
+... to be continued ...
author	Frank Warmerdam <warmerdam@pobox.com>	2012-03-30 16:30:34 +0000
committer	Frank Warmerdam <warmerdam@pobox.com>	2012-03-30 16:30:34 +0000
commit	97a32305c9de378ae1d671b688e7fb6b689ee5ce (patch)
tree	6775567774305a1e2a1e3d429ca337cbccb10fa7 /HOWTO-SECURITY-RELEASE
parent	7e03e5ccbd4eea24f78475c7c31da154749dcbf1 (diff)
download	libtiff-git-97a32305c9de378ae1d671b688e7fb6b689ee5ce.tar.gz