* New 3.0.2 release of the Caml Images library
@ 2009-11-17 10:23 Pierre Weis
2009-12-17 11:55 ` [Caml-list] " Mehdi Dogguy
0 siblings, 1 reply; 2+ messages in thread
From: Pierre Weis @ 2009-11-17 10:23 UTC (permalink / raw)
To: caml-list
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 1220 bytes --]
Hi,
I'm glad to announce the availability of the 3.0.2 version of the
CamlImages library, by Jun Furuse, François Pessaux, and Pierre Weis.
This is a bug fix release.
The software home page is:
http://cristal.inria.fr/camlimages/eng.htm
Sources and documentation are available from:
http://cristal.inria.fr/camlimages/camlimages-3.0.2.tgz
ftp://ftp.inria.fr/INRIA/Projects/cristal/caml-light/bazar-ocaml/camlimages-3.0.2.tgz
Contributions and comments are welcome.
Pierre Weis & June Furuse
CamlImages is an image processing library, which provides to the
objective Caml programmer a lot of image processing functionality.
CamlImages provides to the objective Caml programmer:
** basic functions for image processing and loading/saving various image
file formats (hence providing a translation facility from format to format),
** an interface with the Caml graphics library allows to display
images in the Graphics module screen and to mix them with Caml
drawings,
** a freetype interface, integrated into the library:
you can draw texts into images using any truetype fonts,
** a set of example programs, including gif animation, slide show,
and a postscript converter to print images.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [Caml-list] New 3.0.2 release of the Caml Images library
2009-11-17 10:23 New 3.0.2 release of the Caml Images library Pierre Weis
@ 2009-12-17 11:55 ` Mehdi Dogguy
0 siblings, 0 replies; 2+ messages in thread
From: Mehdi Dogguy @ 2009-12-17 11:55 UTC (permalink / raw)
To: Pierre Weis; +Cc: caml-list
Pierre Weis wrote:
>
> This is a bug fix release.
>
There is still a security issue not fixed in this release which concerns
TIFF images. A CVE has been announced a while ago:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296
I tried to contact the authors (one month ago) but received no answer
yet. That's why I'm sending this message on the list: to let users and
packagers know about the bug.
The vulenarable file is “src/tiffread.c”. The patch is available at:
http://tinyurl.com/cve-tiff-1
and the source code of “oversized.h” is available at:
http://tinyurl.com/cve-tiff-2
These changes are applied in the Debian packages and were backported to
the stable and oldstable releases.
Best regards,
--
Mehdi Dogguy مهدي الدڤي
http://www.pps.jussieu.fr/~dogguy
Tel.: (+33).1.44.27.28.38
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2009-12-17 11:57 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-11-17 10:23 New 3.0.2 release of the Caml Images library Pierre Weis
2009-12-17 11:55 ` [Caml-list] " Mehdi Dogguy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox