tiff: Security fix CVE-2016-9538 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Mingli Yu <Mingli.Yu@windriver.com>	2016-12-07 16:01:12 +0800
committer	Sona Sarmadi <sona.sarmadi@enea.com>	2017-02-10 12:21:39 +0100
commit	dfde5b94e82264ea16a189252d615d67366e3d98 (patch)
tree	8dc9b8609df8269a9d0ea7f1d64f07c490edfcda /meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
parent	a7301f1b499a971f6b208865f1241aaffa4b1dde (diff)
download	poky-dfde5b94e82264ea16a189252d615d67366e3d98.tar.gz

tiff: Security fix CVE-2016-9538

* tools/tiffcrop.c: fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16 overflow. External References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9538 Patch from: https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f (From OE-Core rev: 9af5d5ea882c853e4cb15006f990d3814eeea9ae) (From OE-Core rev: 33cad1173f6d1b803b794a2ec57fe8a9ef19fb44) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>

Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl_1.0.2h.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: