mirror of
https://git.yoctoproject.org/poky
synced 2026-06-01 00:59:48 +00:00
Mingli Yu
863bfa81af
* tools/tiffcrop.c: fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16 overflow. External References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9538 Patch from: https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f (From OE-Core rev: 9af5d5ea882c853e4cb15006f990d3814eeea9ae) (From OE-Core rev: 33cad1173f6d1b803b794a2ec57fe8a9ef19fb44) (From OE-Core rev: 5597998cf8b852bfe9b794d83314090a148bf78b) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
65 lines
2.5 KiB
BlitzBasic
65 lines
2.5 KiB
BlitzBasic
SUMMARY = "Provides support for the Tag Image File Format (TIFF)"
|
|
LICENSE = "BSD-2-Clause"
|
|
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=34da3db46fab7501992f9615d7e158cf"
|
|
|
|
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
|
|
file://libtool2.patch \
|
|
file://CVE-2015-8665_8683.patch \
|
|
file://CVE-2015-8781.patch \
|
|
file://CVE-2015-8784.patch \
|
|
file://CVE-2016-3186.patch \
|
|
file://CVE-2016-5321.patch \
|
|
file://CVE-2016-5323.patch \
|
|
file://CVE-2016-3945.patch \
|
|
file://CVE-2016-3990.patch \
|
|
file://CVE-2016-3991.patch \
|
|
file://CVE-2016-3623.patch \
|
|
file://CVE-2016-3622.patch \
|
|
file://CVE-2016-3658.patch \
|
|
file://CVE-2016-3632.patch \
|
|
file://CVE-2016-9540.patch \
|
|
file://CVE-2016-9539.patch \
|
|
file://CVE-2016-9535-1.patch \
|
|
file://CVE-2016-9535-2.patch \
|
|
file://CVE-2016-9538.patch \
|
|
"
|
|
|
|
SRC_URI[md5sum] = "d1d2e940dea0b5ad435f21f03d96dd72"
|
|
SRC_URI[sha256sum] = "4d57a50907b510e3049a4bba0d7888930fdfc16ce49f1bf693e5b6247370d68c"
|
|
|
|
# exclude betas
|
|
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
|
|
|
|
inherit autotools
|
|
|
|
CACHED_CONFIGUREVARS = "ax_cv_check_gl_libgl=no"
|
|
|
|
PACKAGECONFIG ?= "cxx jpeg zlib lzma \
|
|
strip-chopping extrasample-as-alpha check-ycbcr-subsampling"
|
|
|
|
PACKAGECONFIG[cxx] = "--enable-cxx,--disable-cxx,,"
|
|
PACKAGECONFIG[jpeg] = "--enable-jpeg,--disable-jpeg,jpeg,"
|
|
PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib,"
|
|
PACKAGECONFIG[lzma] = "--enable-lzma,--disable-lzma,xz,"
|
|
|
|
# Convert single-strip uncompressed images to multiple strips of specified
|
|
# size (default: 8192) to reduce memory usage
|
|
PACKAGECONFIG[strip-chopping] = "--enable-strip-chopping,--disable-strip-chopping,,"
|
|
|
|
# Treat a fourth sample with no EXTRASAMPLE_ value as being ASSOCALPHA
|
|
PACKAGECONFIG[extrasample-as-alpha] = "--enable-extrasample-as-alpha,--disable-extrasample-as-alpha,,"
|
|
|
|
# Control picking up YCbCr subsample info. Disable to support files lacking
|
|
# the tag
|
|
PACKAGECONFIG[check-ycbcr-subsampling] = "--enable-check-ycbcr-subsampling,--disable-check-ycbcr-subsampling,,"
|
|
|
|
# Support a mechanism allowing reading large strips (usually one strip files)
|
|
# in chunks when using TIFFReadScanline. Experimental 4.0+ feature
|
|
PACKAGECONFIG[chunky-strip-read] = "--enable-chunky-strip-read,--disable-chunky-strip-read,,"
|
|
|
|
PACKAGES =+ "tiffxx tiff-utils"
|
|
FILES_tiffxx = "${libdir}/libtiffxx.so.*"
|
|
FILES_tiff-utils = "${bindir}/*"
|
|
|
|
BBCLASSEXTEND = "native"
|