From 6c79f0424b34a329f6421d9f7b1da820c931b59c Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Mon, 28 Nov 2022 20:24:05 +0100 Subject: tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch * according to https://bugzilla.redhat.com/show_bug.cgi?id=2118863 this commit should be the fix for CVE-2022-2868 * resolves false-positive entry in: https://lists.yoctoproject.org/g/yocto-security/message/705 CVE-2022-2868 (CVSS3: 8.1 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2868 (From OE-Core rev: 97ad71541996023075950337e8b133c1a8551e0f) Signed-off-by: Martin Jansa Signed-off-by: Steve Sakoman Signed-off-by: Richard Purdie --- .../libtiff/tiff/b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta/recipes-multimedia/libtiff/tiff/b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch b/meta/recipes-multimedia/libtiff/tiff/b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch index 272dd3d713..83d5db7fc6 100644 --- a/meta/recipes-multimedia/libtiff/tiff/b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch +++ b/meta/recipes-multimedia/libtiff/tiff/b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch @@ -5,11 +5,12 @@ Subject: [PATCH] Move the crop_width and crop_length computation after the sanity check to avoid warnings when built with -fsanitize=unsigned-integer-overflow. -Upstream-Status: Backport -[https://gitlab.com/libtiff/libtiff/-/commit/b258ed69a485a9cfb299d9f060eb2a46c54e5903?merge_request_iid=294] +Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/b258ed69a485a9cfb299d9f060eb2a46c54e5903?merge_request_iid=294] Signed-off-by: Teoh Jay Shen +CVE: CVE-2022-2868 + --- tools/tiffcrop.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-)
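Review bot: the added `CVE: CVE-2022-2868` line at the end of the patch header has no justification inside the .patch file itself. The patch subject only describes moving the crop_width and crop_length computation after the sanity check to avoid -fsanitize=unsigned-integer-overflow warnings, and the link between that change and the CVE is stated only in this commit message, hedged as "should be the fix" on the strength of the Red Hat bugzilla entry. Since the tag is what clears the CVE from the yocto-security report, please add a short line to the patch header next to the tag that cites the bugzilla URL as the source of the mapping, so that someone auditing the recipe without the commit log can verify it. As a style point, the new tag sits after `Signed-off-by: Teoh Jay Shen` and is followed by an extra blank line before `---`; placing it directly beside the `Upstream-Status:` line would keep the metadata tags together.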