Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-79397

Apply fixes to libtiff for security issues discovered in version 4.0.10

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: P1: Critical
    • Resolution: Done
    • Affects Version/s: 5.12.5, 5.13.1
    • Fix Version/s: 5.13.2, 5.14.0 RC1
    • Component/s: Image formats
    • Labels:
      None
    • Commits:
      9fe1f2e918d39031852805f1add23125c061d3c3 (qt/qtimageformats/5.13.2)

      Description

      Two CVEs have recently been raised for libtiff version 4.0.10, which is what we ship with Qt 5.12 and 5.13.

      Patches are available for both of them, but there is no stable libtiff release yet. If there is no stable release made available in time for the next 5.12 and 5.13 releases, then we need to cherry-pick those changes; otherwise, we need to upgrade.

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            Assignee:
            vgt Eirik Aavitsland
            Reporter:
            vhilshei Volker Hilsheimer
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Gerrit Reviews

                There are no open Gerrit changes