tiff: Security fix CVE-2017-13726 and CVE-2017-13727

References: https://nvd.nist.gov/vuln/detail/CVE-2017-13726 https://nvd.nist.gov/vuln/detail/CVE-2017-13727 Patches from: CVE-2017-13726: https://github.com/vadz/libtiff/commit/f91ca83a21a6a583050e5a5755ce1441b2bf1d7e CVE-2017-13727: https://github.com/vadz/libtiff/commit/b6af137bf9ef852f1a48a50a5afb88f9e9da01cc (From OE-Core rev: 8dc9d74b7e6816f59eb61dcda6a93c0753a5e4ab) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Yi Zhao <yi.zhao@windriver.com> 2017-09-21 11:21:39 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-09-22 17:15:30 +0100
commit: 89c81eedcaf45eecad9e5b20214d89e15db310c7 (patch)
tree: 932a300156e1be7994c0b1aa6d05ed4c205287e9 /meta/recipes-multimedia/libtiff/tiff_4.0.8.bb
parent: 141bfb844ed3d36a873a6514ba28964d42fec70c (diff)
download: poky-89c81eedcaf45eecad9e5b20214d89e15db310c7.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb
index c8ad5d5c06..cb91baa607 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb
@@ -10,6 +10,8 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
           file://CVE-2017-9936.patch \
           file://CVE-2017-10688.patch \
           file://CVE-2017-11335.patch \
+           file://CVE-2017-13726.patch \
+           file://CVE-2017-13727.patch \
          "
 SRC_URI[md5sum] = "2a7d1c1318416ddf36d5f6fa4600069b"
author	Yi Zhao <yi.zhao@windriver.com>	2017-09-21 11:21:39 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-22 17:15:30 +0100
commit	89c81eedcaf45eecad9e5b20214d89e15db310c7 (patch)
tree	932a300156e1be7994c0b1aa6d05ed4c205287e9 /meta/recipes-multimedia/libtiff/tiff_4.0.8.bb
parent	141bfb844ed3d36a873a6514ba28964d42fec70c (diff)
download	poky-89c81eedcaf45eecad9e5b20214d89e15db310c7.tar.gz

diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb index c8ad5d5c06..cb91baa607 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.8.bb
@@ -10,6 +10,8 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
10	file://CVE-2017-9936.patch \	10	file://CVE-2017-9936.patch \
11	file://CVE-2017-10688.patch \	11	file://CVE-2017-10688.patch \
12	file://CVE-2017-11335.patch \	12	file://CVE-2017-11335.patch \
		13	file://CVE-2017-13726.patch \
		14	file://CVE-2017-13727.patch \
13	"	15	"
14		16
15	SRC_URI[md5sum] = "2a7d1c1318416ddf36d5f6fa4600069b"	17	SRC_URI[md5sum] = "2a7d1c1318416ddf36d5f6fa4600069b"