Even Rouault

@EvenRouault
Open-source geospatial software developer (GDAL, PROJ, QGIS, MapServer, ...).
Creator of https://sozip.org
My opinions reflect the ones of my employer, not necessarily mine.
Heap buffer overflow in TIFFClientOpenExt via TOCTOU race between strlen and strcpy on caller-supplied filename (#814) · Issues · libtiff / libtiff · GitLab

Summary A time-of-check-to-time-of-use (TOCTOU) race condition in TIFFClientOpenExt() (libtiff/tif_open.c) causes a heap buffer overflow when the name argument points to a shared mutable buffer that is concurrently...

GitLab
@mdsumner "The crew still want those figures in kilometers and parsec" (reply from Integrity after CapCom communicated distances in statute miles!) 😂
@mdsumner A bit of poetry "We see half moon, still full moon joy"
@mdsumner that, and a bit strange that a multi-tens-of-billion-dollar space mission relies on astronauts commenting about "brownish hues" of the albedo with their bare eyes. Next time maybe we'll get H,S,V values from a digital sensor?
Reading https://thenextweb.com/news/european-commission-breach-trivy-supply-chain , I hope the EU Commission is funding Trivy to help them to comply with the CRA... (they might, no idea)
Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU has attributed a major data breach at the European Commission to cybercrime group TeamPCP, which exploited a supply chain attack on the open-source security tool Trivy to steal 92 GB of compressed data from the Commission’s AWS infrastructure. The notorious ShinyHunters gang then published the data, which included emails and personal details from up […]

The Next Web
@aljazmerzen Too much work for an easter egg. Checking image filename + dimensions is enough IMHO to be reasonably confident it is the one we expect and avoid false positives.
@aljazmerzen Hack or rather... Easter Egg :-) But how could we do better ? The EXIF parameters or other metadata included in the image provided by NASA aren't enough.

RE: https://mastodon.social/@gdal/116353864267753547

It is so great to have community members that take the challenge of georeferencing the Hello World picture from Artemis II so seriously. A promise is a promise: GDAL 3.13 will add that georeferencing automatically 🥳

Why can't I help giggling while coding the handling of the PTAS field of S-101... I'll get used to it.. My daily life is already filled with BIT and PDAL.