Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG][UNIX] #461

Open
mariamarutunian opened this issue Jul 9, 2024 · 0 comments
Open

[BUG][UNIX] #461

mariamarutunian opened this issue Jul 9, 2024 · 0 comments
Assignees
@chris20
Labels
bug? reported as bug; triage pending

Comments

@mariamarutunian
Copy link

Summary

A vulnerability identified as CVE-2013-4244 was discovered and fixed in libtiff. However, related file isn't updated in the POV-Ray project.

POV-Ray Version

  • Affected build version: < 3.7.0.10

Details
It was fixed on libtiff with the following commit: vadz/libtiff@ce6841d which amended 'process' function in tools/gif2tiff.c file.
The POV-Ray project contains an identical 'process' function in libraries/tiff/tools/gif2tiff.c file, which has not been updated.

References

Report Origin
The bug is reported by a tool developed at CAST.
@mariamarutunian mariamarutunian added the bug? reported as bug; triage pending label Jul 9, 2024
@chris20 chris20 self-assigned this Nov 10, 2024
@wfpokorny wfpokorny mentioned this issue Nov 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@chris20 chris20

Labels
bug? reported as bug; triage pending
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chris20 @mariamarutunian