1 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
new file mode 100644
index 0000000000..2020508fdf
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
@@ -0,0 +1,31 @@
+From 1e7d217a323eac701b134afc4ae39b6bdfdbc96a Mon Sep 17 00:00:00 2001
+From: Su_Laus <sulau@freenet.de>
+Date: Wed, 17 Jan 2024 06:57:08 +0000
+Subject: [PATCH] codec of input image is available, independently from codec
+ check of output image and return with error if not.
+Fixes #606.
+CVE: CVE-2023-6228
+Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a]
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ tools/tiffcp.c | 2 ++
+ 1 file changed, 2 insertions(+)
+diff --git a/tools/tiffcp.c b/tools/tiffcp.c
+index aff0626..a4f7f6b 100644
+--- a/tools/tiffcp.c
+++ b/tools/tiffcp.c
+@@ -846,6 +846,8 @@ static int tiffcp(TIFF *in, TIFF *out)
+     if (!TIFFIsCODECConfigured(compression))
+         return FALSE;
+     TIFFGetFieldDefaulted(in, TIFFTAG_COMPRESSION, &input_compression);
+    if (!TIFFIsCODECConfigured(input_compression))
+           return FALSE;
+     TIFFGetFieldDefaulted(in, TIFFTAG_PHOTOMETRIC, &input_photometric);
+     if (input_compression == COMPRESSION_JPEG)
+     {
+--
+2.40.0

diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch new file mode 100644 index 0000000000..2020508fdf --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
@@ -0,0 +1,31 @@
	1	From 1e7d217a323eac701b134afc4ae39b6bdfdbc96a Mon Sep 17 00:00:00 2001
	2	From: Su_Laus <sulau@freenet.de>
	3	Date: Wed, 17 Jan 2024 06:57:08 +0000
	4	Subject: [PATCH] codec of input image is available, independently from codec
	5	check of output image and return with error if not.
	6
	7	Fixes #606.
	8
	9	CVE: CVE-2023-6228
	10	Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a]
	11
	12	Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
	13	---
	14	tools/tiffcp.c \| 2 ++
	15	1 file changed, 2 insertions(+)
	16
	17	diff --git a/tools/tiffcp.c b/tools/tiffcp.c
	18	index aff0626..a4f7f6b 100644
	19	--- a/tools/tiffcp.c
	20	+++ b/tools/tiffcp.c
	21	@@ -846,6 +846,8 @@ static int tiffcp(TIFF in, TIFF out)
	22	if (!TIFFIsCODECConfigured(compression))
	23	return FALSE;
	24	TIFFGetFieldDefaulted(in, TIFFTAG_COMPRESSION, &input_compression);
	25	+ if (!TIFFIsCODECConfigured(input_compression))
	26	+ return FALSE;
	27	TIFFGetFieldDefaulted(in, TIFFTAG_PHOTOMETRIC, &input_photometric);
	28	if (input_compression == COMPRESSION_JPEG)
	29	{
	30	--
	31	2.40.0