From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: Re: Libtiff buffer overflow fix
Date: Sat, 12 Nov 2016 11:05:57 -0500
Message-ID: <20161112160557.GA18215@jasmine>
References: <20161110232827.GA5592@jasmine>
 <878tsq7gk4.fsf@openmailbox.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="vtzGhvizbBRQ85DL"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49896)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1c5aod-00013y-Gn
	for guix-devel@gnu.org; Sat, 12 Nov 2016 11:06:04 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1c5aoY-000567-Sx
	for guix-devel@gnu.org; Sat, 12 Nov 2016 11:06:03 -0500
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:45232)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <leo@famulari.name>) id 1c5aoY-00055z-OY
	for guix-devel@gnu.org; Sat, 12 Nov 2016 11:05:58 -0500
Content-Disposition: inline
In-Reply-To: <878tsq7gk4.fsf@openmailbox.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Kei Kebreau <kei@openmailbox.org>
Cc: guix-devel@gnu.org


--vtzGhvizbBRQ85DL
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Nov 11, 2016 at 12:04:43AM -0500, Kei Kebreau wrote:
> Leo Famulari <leo@famulari.name> writes:
>=20
> > This patch fixes a buffer overflow in libtiff:
> >
> > http://bugzilla.maptools.org/show_bug.cgi?id=3D2587
> > http://seclists.org/oss-sec/2016/q4/381
> >
> > There is no CVE ID assigned yet.
>=20
> LGTM!

Pushed with the recently assigned ID, CVE-2016-9273.

--vtzGhvizbBRQ85DL
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYJz3lAAoJECZG+jC6yn8ISsQQAJSSUbmsw/fq/gCS69UVs6RW
/bdsZPq1Gq/mGTeNxv65KanW/GhmwaWBPI+EbKTdlEvBATWzT+86gckn3BkZ9TfL
zImQW2BvUtlhkPFz2PFi4DLH1ebqcsTGqXAj7OQJOnqdTEO3/8qCgkDlpM34Ckgc
wq1A7tiElNyvIb94DcFVOFf/qAll5pm1sFs2YowlVkVpyhZ3u0MLUhZkmoYgI0qt
mV1ka8w4SsEkQQS3EXqxJmx/BvR5rBrt8UhhHCRDKjGVxQI3nNj6qGMkdmXVsjAn
J/pTLDh8qEHAcS7iFZhIb+gOY5siXpi5XYz0WOa/E7SuMb4tE3yi8mNb4DJYHSo9
vY6DUP0ztGBjoc78yIk5MnK84GrRvNQ/pFIRbj7cDZssS3akORdpwzNnPy2tq8A1
1uRoDfs4wONJWyii6RRi2ifW8nXuBNIOs4ji7o8yJkMylkWL7kgdgKZHiFoWHyGv
GhaVohhuuxEH3ioGJ4P7Fg0WNmo+4c7cVwAJtnxBVxNCVM6w3baZkcqinZRat37S
UYaaIpCWf/p+l/0VplPfgziX7BLOu4F+T5yZySJVDQ3sZoyGoN+Wks41FAZ0or+D
lnRlY834AqoBSZ4FgZLakpbpYAHYsNomE+dzGlgzz+vm/4UvWz/qkxm53mfvD4ts
rJKnHo8TC1qHUr4uCifK
=CSsa
-----END PGP SIGNATURE-----

--vtzGhvizbBRQ85DL--