libtiff 4.0.3 in thirdparty has 50 security vulnerabilities #4193
Labels
Comments
13 tasks
|
I made a crude attempt at merging opentoonz's 64-bit-support changes into libtiff 4.3.0 and then merging all the security fixes back in here, but I am not familiar with either opentoonz or libtiff, so I wouldn't trust this. :( |
|
There's a very special reason why opentoonz uses libtiff 4.0.3, I tried to fix it myself, but ultimately gave up seeing it as a futile effort. @RodneyBaker and @shun-iwasawa could give better description about the issues surrounding using libtiff 4.0.3 and why this project is stuck with it until further notice. |
|
Looks like v4.4.0 is the current available release (with various 64bit related changes AKA BigTIFF). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Opentoonz includes libtiff 4.0.3 in thirdparty/. libtiff 4.0.3 is affected by 50 currently known security vulnerabilites.
(See also #3864 and #4119)
The text was updated successfully, but these errors were encountered: