Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

NetBSD Information for VU#125598

Date Notified:2005-01-11
Date Updated:
Statement Date:
Status Summary:Not Vulnerable

Vendor Statement

NetBSD does not include libtiff in the Operating System release.

It is available as a third-party package in the pkgsrc system, and was updated to 3.7.1 when the release first became public. A number of graphical programs and desktop environments in pkgsrc depend on libtiff, and so it may well have been installed as part of building another package.

Known vulnerabilities in third-party pkgsrc packages are published in the pkg-vulnerabilities database. NetBSD recommends that users check installed packages against this database regularly using the tools in the security/audit-packages package.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information