mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-03 01:40:07 +00:00
Code Issues Projects Releases Wiki Activity
40,201 Commits 38 Branches 625 Tags
krogoth
Commit Graph

1 Commits

Author SHA1 Message Date
Yi Zhao 0ed07f2658 tiff: Security fix CVE-2016-3622 
CVE-2016-3622 libtiff: The fpAcc function in tif_predict.c in the
tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to
cause a denial of service (divide-by-zero error) via a crafted TIFF
image.

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3622
http://www.openwall.com/lists/oss-security/2016/04/07/4

Patch from:
https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286

(From OE-Core rev: 0af0466f0381a72b560f4f2852e1d19be7b6a7fb)

(From OE-Core rev: 928eadf8442cf87fb2d4159602bd732336d74bb7)

(From OE-Core rev: e2eeb68f33e671d9520afda149f5aea27ab546bd)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-05-18 13:14:21 +01:00