summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
Commit message (Collapse)AuthorAgeFilesLines
* tiff: upgrade to 4.5.1Ross Burton2023-07-101-70/+0
| | | | | | | | | | Also remove old CVE_CHECK_IGNOREs which are no longer needed due to CPE updates. (From OE-Core rev: 2200fde7011c4206382150c2602b2eb17423d45e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: backport a fix for CVE-2023-26965Natasha Bailey2023-06-271-0/+1
| | | | | | | | | | Fixes a bug where a buffer was used after a potential reallocation. (From OE-Core rev: 48b8945fa570edcdf1e19ed4a4ca81c4416f1a6a) Signed-off-by: Natasha Bailey <nat.bailey@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: backport a fix for CVE-2023-2731Natasha Bailey2023-06-011-1/+3
| | | | | | | | | | | This patch fixes an issue in libtiff's LZWDecode function which could cause a null pointer dereference. (From OE-Core rev: 7da5abf23232f61bf8009b4b8e97632768867e07) Signed-off-by: Natasha Bailey <nat.bailey@windriver.com> Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: backport fix for CVE-2022-48281Ross Burton2023-02-241-1/+2
| | | | | | | | (From OE-Core rev: bf0cf66c10c95ddada595dd5a84b45235c09ebab) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtiff: add PACKAGECONFIG for libdeflate and zstdMarkus Volk2023-01-311-0/+2
| | | | | | | | | | | | | | | | | The main reason for this is an issue with latest libtiff update that causes gtk4-native configure to fail in finding libtiff (while it just builds fine for target). By comparing libtiff-4.pc for native and target it turned out, that it links for native with zstd and libdeflate. Probably because those libs were found on my host system. Adding PACKAGECONFIGS for the libs prevents us from taking them from the host. (From OE-Core rev: ca2e2035b9d81a230a1a63f51b1300418e9b9ca6) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Add packageconfig knob for webpKhem Raj2023-01-091-0/+1
| | | | | | | | | | tiff-native otherwise falsely detects webp if its installed on build host. This ensures deterministic behavior regardless of host. (From OE-Core rev: 718c44f282310b2ca85877fed706460ccc1eebea) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: update 4.4.0 -> 4.5.0Alexander Kanavin2023-01-061-0/+63
Drop all CVE backports. License-Update: formatting (From OE-Core rev: 9a255a3b114686b04bf54560c7485552ec3b438c) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-22 05:27:33 +0000