tiff: CVE patch correction for CVE-2023-3576

- The commit [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37] fixes CVE-2023-3576 - Hence, renamed the CVE-2023-3618-1.patch to CVE-2023-3576.patch - Reference: https://security-tracker.debian.org/tracker/CVE-2023-3576 https://security-tracker.debian.org/tracker/CVE-2023-3618 (From OE-Core rev: 56088368bdd22a939b813c7aefd5ba475c6d4021) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-06-03 01:40:07 +00:00 · 2023-10-31 09:57:34 +05:30
parent facedadb5c
commit 5e9e6627ac
3 changed files with 4 additions and 3 deletions
@@ -4,8 +4,9 @@ Date: Tue, 7 Mar 2023 15:02:08 +0800
 Subject: [PATCH] Fix memory leak in tiffcrop.c

 Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37]
-CVE: CVE-2023-3618
+CVE: CVE-2023-3576
 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
 ---
 tools/tiffcrop.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
@@ -43,8 +43,8 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
           file://CVE-2023-26966.patch \
           file://CVE-2023-2908.patch \
           file://CVE-2023-3316.patch \
-           file://CVE-2023-3618-1.patch \
-           file://CVE-2023-3618-2.patch \
+           file://CVE-2023-3576.patch \
+           file://CVE-2023-3618.patch \
          "
 SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424"
 SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634"