]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f2383a2) | patch
tiff: fix CVE-2023-6228
authorYogita Urade <yogita.urade@windriver.com>
Thu, 18 Jan 2024 05:52:29 +0000 (05:52 +0000)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sun, 21 Jan 2024 12:27:09 +0000 (12:27 +0000)
commit55735e0d75820d59e569a630679f9ac403c7fdbe
treecf5c1d3e1fdd78d2c6a967a6d5ca6eda6bb33476tree
parentf2383a2bff3eb756740ecaf48147bea89303e443commit | diff
tiff: fix CVE-2023-6228

CVE-2023-6228:
An issue was found in the tiffcp utility distributed by the
libtiff package where a crafted TIFF file on processing may
cause a heap-based buffer overflow leads to an application
crash.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-6228
https://gitlab.com/libtiff/libtiff/-/issues/606

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch [new file with mode: 0644] blob
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib