xref: /libtiff-4.0.7/HOWTO-SECURITY-RELEASE (revision 7017b048) 
197a32305SFrank WarmerdamLibTIFF Security Issue Handling
297a32305SFrank Warmerdam===============================
397a32305SFrank Warmerdam
497a32305SFrank WarmerdamLibtiff can be a significant security risk as many tools use it to read
597a32305SFrank WarmerdamTIFF files which can come from hostile sources.  Thus buffer overflows
697a32305SFrank Warmerdamand other security holes in libtiff put many users at risk.  To that end
797a32305SFrank Warmerdamwe try to deal with security problems fairly quickly and to provide advance
897a32305SFrank Warmerdamnotice to various interested parties to role out security fixes before they
997a32305SFrank Warmerdamgo out in a standard release.
1097a32305SFrank Warmerdam
1197a32305SFrank WarmerdamThis document is new and will presumably evolve.
1297a32305SFrank Warmerdam
13*7017b048SFrank Warmerdam1) The mailing list [email protected] can be used to notify folks
1497a32305SFrank Warmerdamat various linux OS distributions as well as the BSD folks about problems
15*7017b048SFrank Warmerdamin libtiff.  Make sure to prefix subject with [vs].  More info at:
16*7017b048SFrank Warmerdam
17*7017b048SFrank Warmerdam  http://oss-security.openwall.org/wiki/mailing-lists/distros
1897a32305SFrank Warmerdam
1997a32305SFrank Warmerdam... to be continued ...
20