From 97a32305c9de378ae1d671b688e7fb6b689ee5ce Mon Sep 17 00:00:00 2001 From: Frank Warmerdam Date: Fri, 30 Mar 2012 16:30:34 +0000 Subject: [PATCH] new --- HOWTO-SECURITY-RELEASE | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 HOWTO-SECURITY-RELEASE diff --git a/HOWTO-SECURITY-RELEASE b/HOWTO-SECURITY-RELEASE new file mode 100644 index 00000000..f8063b41 --- /dev/null +++ b/HOWTO-SECURITY-RELEASE @@ -0,0 +1,17 @@ +LibTIFF Security Issue Handling +=============================== + +Libtiff can be a significant security risk as many tools use it to read +TIFF files which can come from hostile sources. Thus buffer overflows +and other security holes in libtiff put many users at risk. To that end +we try to deal with security problems fairly quickly and to provide advance +notice to various interested parties to role out security fixes before they +go out in a standard release. + +This document is new and will presumably evolve. + +1) The mailing list distro@vs.openwall.org can be used to notify folks +at various linux OS distributions as well as the BSD folks about problems +in libtiff. + +... to be continued ...