Activity for osdj
-
osdj modified a comment on ticket #767
Thank you for your quick response, Bob. You are correct about the version discrepancy — my analysis was based on the GitHub mirror (github.com/GraphicsMagick/GraphicsMagick), which shows libtiff 4.0.3. I should have verified against the official Mercurial source. I've now checked the timeline: CVE-2024-7006 was published 2024-08-12 libtiff 4.7.0 (released 2024-09-11) includes the fix libtiff 4.5.1 (released 2023-06-10) does NOT include the fix So the default/head branch (libtiff 4.7.1) should be...
-
Thank you for your quick response, Bob. You are correct about the version discrepancy — my analysis was based on the GitHub mirror (github.com/GraphicsMagick/GraphicsMagick), which shows libtiff 4.0.3. I should have verified against the official Mercurial source. I've now checked the timeline: CVE-2024-7006 was published 2024-08-12 libtiff 4.7.0 (released 2024-09-11) includes the fix libtiff 4.5.1 (released 2023-06-10) does NOT include the fix So the default/head branch (libtiff 4.7.1) should be...
-
Owner is bfriesen(Bob Friesenhahn)
-
CVE-2024-7006: NULL pointer dereference in bundled libtiff (tif_dirread.c)
1
