diff options
| author | Teoh Jay Shen <jay.shen.teoh@intel.com> | 2022-10-05 19:07:03 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-10-20 15:36:01 +0100 |
| commit | 6d80584e9f095537b8d3a2e37db3feb7c608dd69 (patch) | |
| tree | a6674ec8a08ebf72c9e252bbcea464e85a2dd005 /scripts/lib/scriptpath.py | |
| parent | eaf8ce9d39a2c0d9c42b32fb6596ab4302f93a1a (diff) | |
| download | poky-6d80584e9f095537b8d3a2e37db3feb7c608dd69.tar.gz | |
tiff: Security fixes CVE-2022-2867,CVE-2022-2868 and CVE-2022-2869
This series of patches include fixes for CVE-2022-2867,CVE-2022-2868 and CVE-2022-2869.
These patches are modified using devtool and a review was conducted to make sure they all get applied in the correct location.
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2867
https://security-tracker.debian.org/tracker/CVE-2022-2867
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2868
https://security-tracker.debian.org/tracker/CVE-2022-2868
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2869
https://security-tracker.debian.org/tracker/CVE-2022-2869
Merge request:
https://gitlab.com/libtiff/libtiff/-/merge_requests/294/diffs?commit_id=7d7bfa4416366ec64068ac389414241ed4730a54
Patches from:
https://gitlab.com/libtiff/libtiff/-/commit/bcf28bb7f630f24fa47701a9907013f3548092cd?merge_request_iid=294
https://gitlab.com/libtiff/libtiff/-/commit/7d7bfa4416366ec64068ac389414241ed4730a54?merge_request_iid=294
https://gitlab.com/libtiff/libtiff/-/commit/b258ed69a485a9cfb299d9f060eb2a46c54e5903?merge_request_iid=294
Notes:
These CVEs are fixed in tiff v4.4.0
(From OE-Core rev: 90a65fbefee1b7f615933f1bbbf5f83b6f928e8d)
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'scripts/lib/scriptpath.py')
0 files changed, 0 insertions, 0 deletions