mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-07 16:59:22 +00:00
Code Issues Projects Releases Wiki Activity

tiff: Add fix for CVE-2022-4645

Browse Source 
Below patch fixes the CVE-2022-4645 as well.

0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch

Link: https://nvd.nist.gov/vuln/detail/CVE-2022-4645

(From OE-Core rev: d1aa26fe8170937508a4d2242001892cea84d29a)

Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Pawan Badganchi
2023-04-11 19:58:36 +05:30
committed by Steve Sakoman
parent 762c35a049
commit 25aa5dfcae
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
+3 -2
View File
@@ -23,9 +23,10 @@ This MR will close the following issues: #149, #150, #152, #168 (to be checked)
It also fixes the old bug at http://bugzilla.maptools.org/show_bug.cgi?id=2599, for which the limitation of `NumberOfInks = SPP` was introduced, which is in my opinion not necessary and does not solve the general issue.
CVE: CVE-2022-3599
Upstream-Status: Backport
CVE: CVE-2022-3599 CVE-2022-4645
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246.patch]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>
---
libtiff/tif_dir.c | 119 ++++++++++++++++++++++++-----------------
libtiff/tif_dir.h | 2 +