]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b0ac1ea) | patch
libtiff: fix CVE-2013-1961
authorMuzaffar Mahmood <muzaffar_mahmood@mentor.com>
Mon, 25 Aug 2014 11:51:06 +0000 (16:51 +0500)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 10 Oct 2014 14:05:51 +0000 (15:05 +0100)
commit9b8ca9d9b0b12dff8a3908da00020d253685958f
tree03fff2cf9a4f7f3be99d9d9bbf693a83193bbdc9tree | snapshot
parentb0ac1ea1f7eaca92b613f874ee2cbf6830743a71commit | diff
libtiff: fix CVE-2013-1961

Integrate community fix for the issue CVE-2013-1961
and migrated to version 4.0.3.

Stack-based buffer overflow in the t2p_write_pdf_page function
in tiff2pdf in libtiff before 4.0.3 allows remote attackers to
cause a denial of service (application crash) via a crafted
image length and resolution in a TIFF image file.

(From OE-Core rev: f24e3456c60951d2985d7c23bdcc1f8c15d6c167)

Signed-off-by: Priyanka Shobhan <priyanka_shobhan@mentor.com>
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Muzaffar Mahmood <muzaffar_mahmood@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-1961.patch [new file with mode: 0644] blob
meta/recipes-multimedia/libtiff/tiff_4.0.3.bb diff | blob | history
Mirror of the official openembedded-core repository