tiff: fix CVE-2025-8177 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2025-08-06 17:54:13 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-08-18 13:18:01 -0700
commit	dc468377e8843b52b1a55d4b0ba30bbc4b40a7a5 (patch)
tree	bd3bc3e39cfd046afae252753df7233337094b59 /documentation/conf.py
parent	c2581b7811559bd2220b1d06c027ff612e5295e9 (diff)
download	poky-dc468377e8843b52b1a55d4b0ba30bbc4b40a7a5.tar.gz

tiff: fix CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-8177 Upstream patch: https://gitlab.com/libtiff/libtiff/-/commit/e8de4dc1f923576dce9d625caeebd93f9db697e1 (From OE-Core rev: fbf3238630c104c9e17d6e902986358cea5986ff) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'documentation/conf.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: