tiff: Security fix CVE-2016-9538 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Mingli Yu <Mingli.Yu@windriver.com>	2016-12-07 16:01:12 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-05-18 13:14:21 +0100
commit	863bfa81afcb643cb1e22b1ba3cb765b8f24a51d (patch)
tree	0cded2b3c39ec968deedc29392fee3d81981ad13 /meta/classes/populate_sdk_ext.bbclass
parent	014af27dcbbaf5d8482a2cf063a5aa7eeba1a915 (diff)
download	poky-863bfa81afcb643cb1e22b1ba3cb765b8f24a51d.tar.gz

tiff: Security fix CVE-2016-9538

* tools/tiffcrop.c: fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16 overflow. External References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9538 Patch from: https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f (From OE-Core rev: 9af5d5ea882c853e4cb15006f990d3814eeea9ae) (From OE-Core rev: 33cad1173f6d1b803b794a2ec57fe8a9ef19fb44) (From OE-Core rev: 5597998cf8b852bfe9b794d83314090a148bf78b) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/classes/populate_sdk_ext.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: