Ubuntu
tiff package

When do you plan to release the fix to vulnerabilities to Xenial Xerus?

Asked by Ricardo Serrano on 2016-11-19

Good day.

The vulnerabilities discovered in libtiff seem to have been fixed in libtiff 4.0.6-3 but there haven't been a release or a workaround to fix the vulnerabilities for the stable version. The stable version is even behind the 4.0.6-2. This is a security vulnerability, shouldn't it be pushed back? What can I do to protect my security in this case?

Question information

Language:: English Edit question

Status:: Answered

For:: Ubuntu tiff Edit question

Assignee:: No assignee Edit question

Last query:: 2016-11-19

Last reply:: 2016-11-20

Link existing bug

Revision history for this message

Manfred Hampl (m-hampl) said on 2016-11-19:

#1

The problems are already known, see https://people.canonical.com/~ubuntu-security/cve/pkg/tiff.html

Revision history for this message

actionparsnip (andrew-woodhead666) said on 2016-11-20:

#2

It will come in time. It's this kind of thing that gets packages upgraded.

Can you help with this problem?

Provide an answer of your own, or ask Ricardo Serrano for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

Subscribers