diff options
author | Vijay Anusuri <vanusuri@mvista.com> | 2023-10-31 09:57:34 +0530 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2023-11-17 06:00:32 -1000 |
commit | 5e9e6627ac74295b311786d4acec1520b46b3105 (patch) | |
tree | dad5a64b33222aed3ffebe585fe6b5b870964ca8 /meta/recipes-multimedia | |
parent | facedadb5c600ae3e4119e3af1674ecf5fb2fdf4 (diff) | |
download | poky-5e9e6627ac74295b311786d4acec1520b46b3105.tar.gz |
tiff: CVE patch correction for CVE-2023-3576
- The commit [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37]
fixes CVE-2023-3576
- Hence, renamed the CVE-2023-3618-1.patch to CVE-2023-3576.patch
- Reference: https://security-tracker.debian.org/tracker/CVE-2023-3576
https://security-tracker.debian.org/tracker/CVE-2023-3618
(From OE-Core rev: 56088368bdd22a939b813c7aefd5ba475c6d4021)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-multimedia')
-rw-r--r-- | meta/recipes-multimedia/libtiff/files/CVE-2023-3576.patch (renamed from meta/recipes-multimedia/libtiff/files/CVE-2023-3618-1.patch) | 3 | ||||
-rw-r--r-- | meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch (renamed from meta/recipes-multimedia/libtiff/files/CVE-2023-3618-2.patch) | 0 | ||||
-rw-r--r-- | meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 4 |
3 files changed, 4 insertions, 3 deletions
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-3618-1.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-3576.patch index 35ed852519..67837fe142 100644 --- a/meta/recipes-multimedia/libtiff/files/CVE-2023-3618-1.patch +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-3576.patch | |||
@@ -4,8 +4,9 @@ Date: Tue, 7 Mar 2023 15:02:08 +0800 | |||
4 | Subject: [PATCH] Fix memory leak in tiffcrop.c | 4 | Subject: [PATCH] Fix memory leak in tiffcrop.c |
5 | 5 | ||
6 | Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37] | 6 | Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37] |
7 | CVE: CVE-2023-3618 | 7 | CVE: CVE-2023-3576 |
8 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | 8 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> |
9 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
9 | --- | 10 | --- |
10 | tools/tiffcrop.c | 7 ++++++- | 11 | tools/tiffcrop.c | 7 ++++++- |
11 | 1 file changed, 6 insertions(+), 1 deletion(-) | 12 | 1 file changed, 6 insertions(+), 1 deletion(-) |
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-3618-2.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch index fd67305c0b..fd67305c0b 100644 --- a/meta/recipes-multimedia/libtiff/files/CVE-2023-3618-2.patch +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-3618.patch | |||
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb index 6df4244697..d27381b4cd 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | |||
@@ -43,8 +43,8 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ | |||
43 | file://CVE-2023-26966.patch \ | 43 | file://CVE-2023-26966.patch \ |
44 | file://CVE-2023-2908.patch \ | 44 | file://CVE-2023-2908.patch \ |
45 | file://CVE-2023-3316.patch \ | 45 | file://CVE-2023-3316.patch \ |
46 | file://CVE-2023-3618-1.patch \ | 46 | file://CVE-2023-3576.patch \ |
47 | file://CVE-2023-3618-2.patch \ | 47 | file://CVE-2023-3618.patch \ |
48 | " | 48 | " |
49 | SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424" | 49 | SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424" |
50 | SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634" | 50 | SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634" |