Greetings, I am in the process of upgrading our GDAL lib to 2.2.1. The primary motive is to update the internal libtiff to 4.0.8, because of security fixes there. [ref. http://www.simplesystems.org/libtiff/v4.0.8.html]
I find that gdal-2.2.1\frmts\gtiff\libtiff\tiffvers.h is still at 4.0.7, and there are patches applied for a subset of the issues fixed in libtiff 4.0.8. Question: Have I interpreted the situation correctly? We actually don't use gtiff/libtiff for anything. To satisfy our security people, I am considering overwriting the libtiff source code with everything from 4.0.8. Jim Walseth
_______________________________________________ gdal-dev mailing list gdal-dev@lists.osgeo.org https://lists.osgeo.org/mailman/listinfo/gdal-dev
