On 9/11/24 1:39 AM, Michael Vetter via Tiff wrote:
Do I need to look for those issues on Gitlab that tracking those CVEs, run the reproducer and see whether the issue is fixed or was it somewhere documented when developing the fix?
I don't speak for everyone here, but it is my understanding that the 4.7.0 release candidates adequately address all reported CVEs.
If the CVEs were reported on Gitlab, then one could rightly assume that the Gitlab report and issue documentation will say what was done and such.
Thanks, Lee. _______________________________________________ Tiff mailing list [email protected] https://lists.osgeo.org/mailman/listinfo/tiff
