Hi Moritz, On Thu, May 18, 2017 at 7:36 PM, Moritz Muehlenhoff <j...@debian.org> wrote: > On Sat, Dec 26, 2015 at 10:21:52PM +0100, Salvatore Bonaccorso wrote: >> Source: tiff >> Version: 4.0.5-1 >> Severity: important >> Tags: security upstream >> >> the following vulnerability was published for tiff. >> >> CVE-2015-7554[0]: >> invalid write > > I'm attaching the patch used by Red Hat for RHEL. It doesn't > seem to have been sent upstream, but seems sane. I miss the patch, did you attach it?
Cheers, Laszlo/GCS
