tiff: fix CVE-2025-8851 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2025-08-26 16:18:34 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-09-08 08:27:11 -0700
commit	7e420c5834bcde13ed28f84f2cec8c77b9d6b684 (patch)
tree	7ff01b175fd889f95664448ed55e9c03d450c735 /meta/recipes-support/vim/files/no-path-adjust.patch
parent	999a2e1aa450814e2f6a42c170a92dc62a08766a (diff)
download	poky-7e420c5834bcde13ed28f84f2cec8c77b9d6b684.tar.gz

tiff: fix CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-8851 Upstream patch: https://gitlab.com/libtiff/libtiff/-/commit/8a7a48d7a645992ca83062b3a1873c951661e2b3 (From OE-Core rev: 1ced84bbd4ab15f0f16176e367744b496a0ea97c) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/recipes-support/vim/files/no-path-adjust.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: