[Development] Retiring libtiff too
Richard Moore
rich at kde.org
Sat Apr 30 12:22:37 CEST 2016
On 29 April 2016 at 20:14, Allan Sandfeld Jensen <kde at carewolf.com> wrote:
> On Friday 29 April 2016, Thiago Macieira wrote:
> > See https://lists.clearlinux.org/pipermail/dev/2016-April/000290.html
> >
> > This is yet another reason we have to stop bundling third party
> components,
> > especially the image and movie formats.
> >
> > So I recommend dropping the libtiff 3rdparty component and keep the
> plugin
> > for when the system library is found. Our binaries should not include
> > libqtiff.
> Do you have any citations for these issues? TIFF is a pretty important
> format
> being the raw format of many if not most digital cameras. It also isn't a
> web
> format so the vectors of potential attacks are limited
>
Isn't commonly used on the web, and can't be used on the web are
different. Do we have code that prevents such usage? I'm not aware we even
have an API to limit the set of image format plugins that would get loaded.
Cheers
Rich.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/development/attachments/20160430/a1c83040/attachment.html>
More information about the Development
mailing list