diff options
| author | Joe Slater <joe.slater@windriver.com> | 2018-07-12 11:48:17 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-07-18 10:18:42 +0100 |
| commit | 90a06269df747aa9e08a9b904cf6529cc2ee0027 (patch) | |
| tree | 188c6a0680ed71a366ff25c6fe9d4d645f94840c /meta | |
| parent | d3c639f5c953944760827c116e0d38985db48961 (diff) | |
| download | poky-90a06269df747aa9e08a9b904cf6529cc2ee0027.tar.gz | |
tiff: security fix CVE-2018-10963
Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.
(From OE-Core rev: d19a9b41d3b2dcba3b102a8289b7787b4b131e96)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
| -rw-r--r-- | meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch | 39 | ||||
| -rw-r--r-- | meta/recipes-multimedia/libtiff/tiff_4.0.9.bb | 1 |
2 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch new file mode 100644 index 0000000000..7252298b52 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch | |||
| @@ -0,0 +1,39 @@ | |||
| 1 | From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Even Rouault <even.rouault@spatialys.com> | ||
| 3 | Date: Sat, 12 May 2018 14:24:15 +0200 | ||
| 4 | Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes | ||
| 5 | http://bugzilla.maptools.org/show_bug.cgi?id=2795. | ||
| 6 | CVE-2018-10963 | ||
| 7 | |||
| 8 | --- | ||
| 9 | CVE: CVE-2018-10963 | ||
| 10 | |||
| 11 | Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...] | ||
| 12 | |||
| 13 | Signed-off-by: Joe Slater <joe.slater@windriver.com> | ||
| 14 | |||
| 15 | --- | ||
| 16 | libtiff/tif_dirwrite.c | 7 +++++-- | ||
| 17 | 1 file changed, 5 insertions(+), 2 deletions(-) | ||
| 18 | |||
| 19 | diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c | ||
| 20 | index 2430de6..c15a28d 100644 | ||
| 21 | --- a/libtiff/tif_dirwrite.c | ||
| 22 | +++ b/libtiff/tif_dirwrite.c | ||
| 23 | @@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) | ||
| 24 | } | ||
| 25 | break; | ||
| 26 | default: | ||
| 27 | - assert(0); /* we should never get here */ | ||
| 28 | - break; | ||
| 29 | + TIFFErrorExt(tif->tif_clientdata,module, | ||
| 30 | + "Cannot write tag %d (%s)", | ||
| 31 | + TIFFFieldTag(o), | ||
| 32 | + o->field_name ? o->field_name : "unknown"); | ||
| 33 | + goto bad; | ||
| 34 | } | ||
| 35 | } | ||
| 36 | } | ||
| 37 | -- | ||
| 38 | 1.7.9.5 | ||
| 39 | |||
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb index 8c3bba5c64..e8e2a119f1 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb | |||
| @@ -9,6 +9,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ | |||
| 9 | file://CVE-2017-9935.patch \ | 9 | file://CVE-2017-9935.patch \ |
| 10 | file://CVE-2017-18013.patch \ | 10 | file://CVE-2017-18013.patch \ |
| 11 | file://CVE-2018-5784.patch \ | 11 | file://CVE-2018-5784.patch \ |
| 12 | file://CVE-2018-10963.patch \ | ||
| 12 | " | 13 | " |
| 13 | 14 | ||
| 14 | SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79" | 15 | SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79" |