]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0584d01) | patch
tiff: fix CVE-2023-6228
authorYogita Urade <yogita.urade@windriver.com>
Thu, 18 Jan 2024 05:52:29 +0000 (05:52 +0000)
committerSteve Sakoman <steve@sakoman.com>
Wed, 14 Feb 2024 16:58:48 +0000 (06:58 -1000)
commitfe0ee74a236cd7523f8982c5699098e6b75d2b20
treec02adecf5657491f9a74402109447d709dbe72cetree | snapshot
parent0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3commit | diff
tiff: fix CVE-2023-6228

CVE-2023-6228:
An issue was found in the tiffcp utility distributed by the
libtiff package where a crafted TIFF file on processing may
cause a heap-based buffer overflow leads to an application
crash.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-6228
https://gitlab.com/libtiff/libtiff/-/issues/606

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 55735e0d75820d59e569a630679f9ac403c7fdbe)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch [new file with mode: 0644] blob
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core