]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: fa2a90c) | patch
libtiff: fix CVE-2013-1961
authorMuzaffar Mahmood <muzaffar_mahmood@mentor.com>
Mon, 25 Aug 2014 11:51:06 +0000 (16:51 +0500)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 27 Aug 2014 11:12:07 +0000 (12:12 +0100)
commitf24e3456c60951d2985d7c23bdcc1f8c15d6c167
tree5a81a77b2edf5412b92162f2fd1a844c6cd2e970tree | snapshot
parentfa2a90ca632d10fe1a14098c3f4fcacc7cea6ac5commit | diff
libtiff: fix CVE-2013-1961

Integrate community fix for the issue CVE-2013-1961
and migrated to version 4.0.3.

Stack-based buffer overflow in the t2p_write_pdf_page function
in tiff2pdf in libtiff before 4.0.3 allows remote attackers to
cause a denial of service (application crash) via a crafted
image length and resolution in a TIFF image file.

Signed-off-by: Priyanka Shobhan <priyanka_shobhan@mentor.com>
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Muzaffar Mahmood <muzaffar_mahmood@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-1961.patch [new file with mode: 0644] blob
meta/recipes-multimedia/libtiff/tiff_4.0.3.bb diff | blob | history
Mirror of the official openembedded-core repository