tiff: Security fix CVE-2016-9535 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Mingli Yu <Mingli.Yu@windriver.com>	2016-12-07 16:01:11 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-01-11 17:21:44 +0000
commit	5d2c218f57d71849427c7b691641246191470e08 (patch)
tree	68f998158f18787b4d6b641012bbd8d22b121eb8 /meta/recipes-multimedia/sbc
parent	b6d7bc53e2327f8975681733aebafb83d9d12167 (diff)
download	poky-5d2c218f57d71849427c7b691641246191470e08.tar.gz

tiff: Security fix CVE-2016-9535

* libtiff/tif_predict.h, libtiff/tif_predict.c: Replace assertions by runtime checks to avoid assertions in debug mode, or buffer overflows in release mode. Can happen when dealing with unusual tile size like YCbCr with subsampling. External References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9535 Patch from: https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 (From OE-Core rev: 61d3feb9cad9f61f6551b43f4f19bfa33cadd275) (From OE-Core rev: d55b4470c20f4a4b73b1e6f148a45d94649dfdb5) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-multimedia/sbc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: