libtiff: fix CVE-2013-1960 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Ming Liu <ming.liu@windriver.com>	2013-11-21 01:05:04 -0600
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2013-12-12 22:17:33 +0000
commit	88fe0cba5be21f9aa0b1c11b8892a755a5325ffe (patch)
tree	afa8d480451f41697219eb289547ac7d2196008c /bitbake
parent	1d31f44f8cf213a5174e2d3b31a7dd7b10c798ee (diff)
download	poky-88fe0cba5be21f9aa0b1c11b8892a755a5325ffe.tar.gz

libtiff: fix CVE-2013-1960

Heap-based buffer overflow in the tp_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1960 (From OE-Core dora rev: 66387677cbd85ba4a76a254942377621acd68249) (From OE-Core rev: 70f37e59b9d2c5e5ebb67283363acb02c76504a8) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Jeff Polk <jeff.polk@windriver.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'bitbake')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: