code.ossystems Code Review - openembedded-core.git/commit

]> code.ossystems Code Review - openembedded-core.git/commit

Code Review / openembedded-core.git / commit

author	Zhixiong Chi <zhixiong.chi@windriver.com>
	Mon, 28 Nov 2016 09:52:13 +0000 (17:52 +0800)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Wed, 30 Nov 2016 15:47:15 +0000 (15:47 +0000)
commit	58bf0a237ca28459eb8c3afa030c0054f5bc1f16
tree	59870e85c7557764ebfa634a1fb54dd1b0fa2372	tree \| snapshot
parent	cc97dc66006c7892473e3b4790d05e12445bb927	commit \| diff

tiff: Security fix CVE-2016-9539

tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in
readContigTilesIntoBuffer(). Reported as MSVR 35092.

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9539

Patch from:
https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>

meta/recipes-multimedia/libtiff/files/CVE-2016-9539.patch	[new file with mode: 0644]	blob
meta/recipes-multimedia/libtiff/tiff_4.0.6.bb		diff \| blob \| history

Mirror of the official openembedded-core repository

RSS Atom