tiff: mark CVE-2023-30774 as patched

[1] points tu issue [2] which was fixed by [3] together with lot of
other issues.
We already have this patch, so mark CVE-2023-30774 in it.

Also split CVE tag to separate entries.

[1] https://nvd.nist.gov/vuln/detail/CVE-2023-30774
[2] https://gitlab.com/libtiff/libtiff/-/issues/463
[3] https://gitlab.com/libtiff/libtiff/-/merge_requests/385

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

diff --git a/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch b/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
index 17b37be041179d6825a05067fbdd0b9a347ca4ac..261421b399163b176f3c0f36a8598428ea4bf82e 100644 (file)
--- a/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
+++ b/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
@@ -23,7 +23,9 @@ This MR will close the following issues:  #149, #150, #152, #168 (to be checked)
 
 It also fixes the old bug at http://bugzilla.maptools.org/show_bug.cgi?id=2599, for which the limitation of `NumberOfInks = SPP` was introduced, which is in my opinion not necessary and does not solve the general issue.
 
-CVE: CVE-2022-3599 CVE-2022-4645
+CVE: CVE-2022-3599
+CVE: CVE-2022-4645
+CVE: CVE-2023-30774
 Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246.patch]
 Signed-off-by: Ross Burton <ross.burton@arm.com>
 Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>