diff options
| author | Vijay Anusuri <vanusuri@mvista.com> | 2023-10-31 11:23:20 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2023-11-03 04:26:13 -1000 |
| commit | 83d53dc031b3d67491d95e9e1c216fbd962ba57a (patch) | |
| tree | db80a7884c5b10e867faf536d204dac5434e5c46 | |
| parent | f948c66f7556610d24cefe56ecd06a4d26a6d134 (diff) | |
| download | poky-83d53dc031b3d67491d95e9e1c216fbd962ba57a.tar.gz | |
tiff: CVE patch correction for CVE-2023-3576
- The commit [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37]
fixes CVE-2023-3576
- Hence, renamed the CVE-2023-3618-1.patch to CVE-2023-3576.patch
- Reference: https://security-tracker.debian.org/tracker/CVE-2023-3576
https://security-tracker.debian.org/tracker/CVE-2023-3618
(From OE-Core rev: 63daa00279c0c3a8650d6e08a68cc32a2b98d843)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-multimedia/libtiff/tiff/CVE-2023-3576.patch (renamed from meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-1.patch) | 3 | ||||
| -rw-r--r-- | meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618.patch (renamed from meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-2.patch) | 0 | ||||
| -rw-r--r-- | meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 4 |
3 files changed, 4 insertions, 3 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-1.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3576.patch index 8f55d2b496..b17dd72170 100644 --- a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-1.patch +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3576.patch | |||
| @@ -4,8 +4,9 @@ Date: Tue, 7 Mar 2023 15:02:08 +0800 | |||
| 4 | Subject: [PATCH] Fix memory leak in tiffcrop.c | 4 | Subject: [PATCH] Fix memory leak in tiffcrop.c |
| 5 | 5 | ||
| 6 | Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37] | 6 | Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/881a070194783561fd209b7c789a4e75566f7f37] |
| 7 | CVE: CVE-2023-3618 | 7 | CVE: CVE-2023-3576 |
| 8 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | 8 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> |
| 9 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
| 9 | --- | 10 | --- |
| 10 | tools/tiffcrop.c | 7 ++++++- | 11 | tools/tiffcrop.c | 7 ++++++- |
| 11 | 1 file changed, 6 insertions(+), 1 deletion(-) | 12 | 1 file changed, 6 insertions(+), 1 deletion(-) |
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-2.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618.patch index 4179145722..4179145722 100644 --- a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-2.patch +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618.patch | |||
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 8dcd73273e..e925b7d652 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | |||
| @@ -40,8 +40,8 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ | |||
| 40 | file://CVE-2023-26965.patch \ | 40 | file://CVE-2023-26965.patch \ |
| 41 | file://CVE-2023-2908.patch \ | 41 | file://CVE-2023-2908.patch \ |
| 42 | file://CVE-2023-3316.patch \ | 42 | file://CVE-2023-3316.patch \ |
| 43 | file://CVE-2023-3618-1.patch \ | 43 | file://CVE-2023-3576.patch \ |
| 44 | file://CVE-2023-3618-2.patch \ | 44 | file://CVE-2023-3618.patch \ |
| 45 | file://CVE-2023-26966.patch \ | 45 | file://CVE-2023-26966.patch \ |
| 46 | file://CVE-2022-40090.patch \ | 46 | file://CVE-2022-40090.patch \ |
| 47 | file://CVE-2023-1916.patch \ | 47 | file://CVE-2023-1916.patch \ |