]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d142fce) | patch
libtiff: fix CVE-2013-1960
authorMing Liu <ming.liu@windriver.com>
Thu, 5 Dec 2013 23:52:14 +0000 (17:52 -0600)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 10 Dec 2013 11:36:23 +0000 (11:36 +0000)
commit9db7a897d216a8293152c1a3b96c72b699d469c7
treeeecdaf1a1ce4b4a2580dda9af0dd8250fb5c0573tree | snapshot
parentd142fcea02438e06338a1d1a5644667fdda59172commit | diff
libtiff: fix CVE-2013-1960

Heap-based buffer overflow in the tp_process_jpeg_strip function in tiff2pdf
in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a crafted TIFF image
file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1960

Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Jeff Polk <jeff.polk@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-1960.patch [new file with mode: 0644] blob
meta/recipes-multimedia/libtiff/tiff_4.0.3.bb diff | blob | history
Mirror of the official openembedded-core repository