| Age | Commit message (Collapse) | Author |
|---|
|
(From OE-Core rev: 92a2e6dc73085ccb5482986c6b61d40992fb4f50)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport fix from gitlab.com/libtiff/libtiff.
nvd.nist.gov does not yet reference this patch.
(From OE-Core rev: f72c8af3f2c1ec9e4d9ffcf0cc6e7fdf572b21b9)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
NULL pointer use as described at nvd.nist.gov/vuln/detail/CVE-2018-7456.
(From OE-Core rev: 122da5cec495fc8ddfd880327e7c3ed0dc70e04f)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Buffer overflow described at nvd.nits.gov/vuln/detail/CVE-2018-8905.
(From OE-Core rev: 3f6f2a0619b4e243e6a9e52cee2cdd625ebf6769)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.
(From OE-Core rev: d19a9b41d3b2dcba3b102a8289b7787b4b131e96)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix CVE-2017-99935, CVE-2017-18013, CVE-2018-5784
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9935
https://nvd.nist.gov/vuln/detail/CVE-2017-18013
https://nvd.nist.gov/vuln/detail/CVE-2018-5784
Patches from:
CVE-2017-9935:
https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940
CVE-2017-18013:
https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01
CVE-2018-5784:
https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef
(From OE-Core rev: 798b6b4b3ce370264d036e555185a99ce3aa97b7)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Header file conflict between 32-bit and 64-bit versions.
(From OE-Core rev: 53f320797765b5f184a83cd065f9b5e454ee14e3)
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.
Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450). This is obviously bad.
We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.
(From OE-Core rev: 8d4dd42cf39ac33e2479cb4f9f833701d68cea62)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.
Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450). This is obviously bad.
We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.
(From OE-Core rev: 65155f3719051aae2a2e716c719b78ee7ca1bb29)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
1.Upgrade tiff from 4.0.8 to 4.0.9.
2.Delete CVE-2017-10688.patch, CVE-2017-11335.patch, CVE-2017-13726.patch, CVE-2017-13727.patch, CVE-2017-9147.patch, CVE-2017-9936.patch, since it is integrated upstream.
(From OE-Core rev: df894b523d74f8fd723d1c8fb03f55e46c6af0f5)
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13726
https://nvd.nist.gov/vuln/detail/CVE-2017-13727
Patches from:
CVE-2017-13726:
https://github.com/vadz/libtiff/commit/f91ca83a21a6a583050e5a5755ce1441b2bf1d7e
CVE-2017-13727:
https://github.com/vadz/libtiff/commit/b6af137bf9ef852f1a48a50a5afb88f9e9da01cc
(From OE-Core rev: 8dc9d74b7e6816f59eb61dcda6a93c0753a5e4ab)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9147
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2017-10668
https://nvd.nist.gov/vuln/detail/CVE-2017-11335
Patches from:
CVE-2017-9147:
https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06
CVE-2017-9936:
https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
CVE-2017-10688:
https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1
CVE-2017-11355:
https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
(From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
1. Upgrade libtiff from 4.0.7 to 4.0.8
2. Delete the following patch file due to CVE-2017-5225 has been fixed in 4.0.8
libtiff-CVE-2017-5225.patch
(From OE-Core rev: 825927e85933322e6f195f0d937359017a9a9b97)
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Libtiff is vulnerable to a heap buffer overflow in the tools/tiffcp
resulting in DoS or code execution via a crafted BitsPerSample value.
Porting patch from <https://github.com/vadz/libtiff/commit/
5c080298d59efa53264d7248bbe3a04660db6ef7> to solve CVE-2017-5225.
(From OE-Core rev: 434990304bdfb70441b399ff8998dbe3fe1b1e1f)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Major changes:
The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution, used for demos.
CVEs fixed:
CVE-2016-9297
CVE-2016-9448
CVE-2016-9273
CVE-2014-8127
CVE-2016-3658
CVE-2016-5875
CVE-2016-5652
CVE-2016-3632
plus more that are not identified in the changelog.
removed patches integrated into update.
more info: http://libtiff.maptools.org/v4.0.7.html
(From OE-Core rev: 9945cbccc4c737c84ad441773061acbf90c7baed)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is 'libtiff' in NVD.
(From OE-Core rev: 0c8d1523f3ad0ada2d1b8f9abffbc2b898a744ca)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix CVE-2016-9533, CVE-2016-9534, CVE-2016-9536 and
CVE-2016-9537
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9533
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9534
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9536
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9537
Patch from:
https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-c8b4b355f9b5c06d585b23138e1c185f
(From OE-Core rev: f75ecefee21ef89b147fff9afae01a6f09c93198)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* tools/tiffcrop.c: fix read of undefined buffer in
readContigStripsIntoBuffer() due to uint16 overflow.
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9538
Patch from:
https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
(From OE-Core rev: 9af5d5ea882c853e4cb15006f990d3814eeea9ae)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* libtiff/tif_predict.h, libtiff/tif_predict.c:
Replace assertions by runtime checks to avoid assertions in debug mode,
or buffer overflows in release mode. Can happen when dealing with
unusual tile size like YCbCr with subsampling.
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9535
Patch from:
https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1
https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33
(From OE-Core rev: 61d3feb9cad9f61f6551b43f4f19bfa33cadd275)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in
readContigTilesIntoBuffer(). Reported as MSVR 35092.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9539
Patch from:
https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53
(From OE-Core rev: 58bf0a237ca28459eb8c3afa030c0054f5bc1f16)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled
images with odd tile width versus image width. Reported as MSVR 35103,
aka "cpStripToTile heap-buffer-overflow."
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9540
Patch from:
https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3
(From OE-Core rev: cc97dc66006c7892473e3b4790d05e12445bb927)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-3632 libtiff: The _TIFFVGetField function in tif_dirinfo.c in
LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of
service (out-of-bounds write) or execute arbitrary code via a crafted
TIFF image.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3632
http://bugzilla.maptools.org/show_bug.cgi?id=2549
https://bugzilla.redhat.com/show_bug.cgi?id=1325095
The patch is from RHEL7.
(From OE-Core rev: 9206c86239717718be840a32724fd1c190929370)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool
allows remote attackers to cause a denial of service (out-of-bounds read) via vectors
involving the ma variable.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3658
http://bugzilla.maptools.org/show_bug.cgi?id=2546
Patch from:
https://github.com/vadz/libtiff/commit/45c68450bef8ad876f310b495165c513cad8b67d
(From OE-Core rev: c060e91d2838f976774d074ef07c9e7cf709f70a)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-3622 libtiff: The fpAcc function in tif_predict.c in the
tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to
cause a denial of service (divide-by-zero error) via a crafted TIFF
image.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3622
http://www.openwall.com/lists/oss-security/2016/04/07/4
Patch from:
https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286
(From OE-Core rev: 0af0466f0381a72b560f4f2852e1d19be7b6a7fb)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-3623 libtiff: The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier
allows remote attackers to cause a denial of service (divide-by-zero) by
setting the (1) v or (2) h parameter to 0.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3623
http://bugzilla.maptools.org/show_bug.cgi?id=2569
Patch from:
https://github.com/vadz/libtiff/commit/bd024f07019f5d9fea236675607a69f74a66bc7b
(From OE-Core rev: d66824eee47b7513b919ea04bdf41dc48a9d85e9)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-3991 libtiff: Heap-based buffer overflow in the loadImage
function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote
attackers to cause a denial of service (out-of-bounds write) or execute
arbitrary code via a crafted TIFF image with zero tiles.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3991
http://bugzilla.maptools.org/show_bug.cgi?id=2543
Patch from:
https://github.com/vadz/libtiff/commit/e596d4e27c5afb7960dc360fdd3afd90ba0fb8ba
(From OE-Core rev: d31267438a654ecb396aefced201f52164171055)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-3990 libtiff: Heap-based buffer overflow in the
horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and
earlier allows remote attackers to cause a denial of service (crash) or
execute arbitrary code via a crafted TIFF image to tiffcp.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3990
http://bugzilla.maptools.org/show_bug.cgi?id=2544
Patch from:
https://github.com/vadz/libtiff/commit/6a4dbb07ccf92836bb4adac7be4575672d0ac5f1
(From OE-Core rev: c6492563037bcdf7f9cc50c8639f7b6ace261e62)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-3945 libtiff: Multiple integer overflows in the (1)
cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in
LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote
attackers to cause a denial of service (crash) or execute arbitrary code
via a crafted TIFF image, which triggers an out-of-bounds write.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3945
http://bugzilla.maptools.org/show_bug.cgi?id=2545
Patch from:
https://github.com/vadz/libtiff/commit/7c39352ccd9060d311d3dc9a1f1bc00133a160e6
(From OE-Core rev: 04b9405c7e980d7655c2fd601aeeae89c0d83131)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
remotesensing.org domain has been taken over by someone unrelated.
There does not seem to be an up-to-date tiff homepage, but
osgeo.org is a reliable download site.
(From OE-Core rev: f544e1d10e9dc0f750efdb45a78ce9d5c9603070)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-5323 libtiff: a maliciously crafted TIFF file could cause the
application to crash when using tiffcrop command
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5323
http://bugzilla.maptools.org/show_bug.cgi?id=2559
Patch from:
https://github.com/vadz/libtiff/commit/2f79856097f423eb33796a15fcf700d2ea41bf31
(From OE-Core rev: 4ad1220e0a7f9ca9096860f4f9ae7017b36e29e4)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-5321 libtiff: a maliciously crafted TIFF file could cause the
application to crash when using tiffcrop command
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5321
http://bugzilla.maptools.org/show_bug.cgi?id=2558
Patch from:
https://github.com/vadz/libtiff/commit/d9783e4a1476b6787a51c5ae9e9b3156527589f0
(From OE-Core rev: 4a167cfb6ad79bbe2a2ff7f7b43c4a162ca42a4d)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-3186 libtiff: buffer overflow in the readextension function in
gif2tiff.c allows remote attackers to cause a denial of service via a
crafted GIF file
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3186
https://bugzilla.redhat.com/show_bug.cgi?id=1319503
Patch from:
https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff
(From OE-Core rev: 3d818fc862b1d85252443fefa2222262542a10ae)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2015-8784 libtiff: out-of-bound write in NeXTDecode()
External Reference:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8784
(From OE-Core rev: 36097da9679ab2ce3c4044cd8ed64e5577e3f63e)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2015-8781 libtiff: out-of-bounds writes for invalid images
External Reference:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781
(From OE-Core rev: 9e97ff5582fab9f157ecd970c7c3559265210131)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
same fix for both CVE's
tiff <= 4.0.6
(From OE-Core rev: b7a38a45bf404b8f9b419bf7c054102d68cf2673)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 88a2a8f2f03faa19c1400a9badf16845ba217861)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
recipes
(From OE-Core rev: 1eb9e190ef3bb1170b3eaabd9f7900e7ce176624)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update tiff to latest version. None of the local CVE patches
are needed based on reviewing the ChangeLog so remove them.
(From OE-Core rev: 5c5d7c2ab0d32faca43ba360d5d42ecd2822c730)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There should be only one dev and dbg package
(From OE-Core rev: dd65ee47d04f3f8e51a7abec02d564b9e46626ae)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Integrate community fix for the issue CVE-2013-1961
and migrated to version 4.0.3.
Stack-based buffer overflow in the t2p_write_pdf_page function
in tiff2pdf in libtiff before 4.0.3 allows remote attackers to
cause a denial of service (application crash) via a crafted
image length and resolution in a TIFF image file.
(From OE-Core rev: f24e3456c60951d2985d7c23bdcc1f8c15d6c167)
Signed-off-by: Priyanka Shobhan <priyanka_shobhan@mentor.com>
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Muzaffar Mahmood <muzaffar_mahmood@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
v2 changes:
* update format for commit log
* add Upstream-Status for patch
ppm2tiff does not check the return value of the TIFFScanlineSize
function, which allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted PPM image that
triggers an integer overflow, a zero-memory allocation, and a heap-based
buffer overflow.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4564
(From OE-Core rev: 9f02922d44de483ef4d02ce95b55efe79a8b09a2)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers
to cause a denial of service (out-of-bounds write) via a crafted (1)
extension block in a GIF image or (2) GIF raster image to
tools/gif2tiff.c or (3) a long filename for a TIFF image to
tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which
states that the input cannot exceed the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231Multiple
buffer overflows in libtiff before 4.0.3 allow remote attackers to cause
a denial of service (out-of-bounds write) via a crafted (1) extension
block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3)
a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1
and 3 are disputed by Red Hat, which states that the input cannot exceed
the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231
(From OE-Core rev: 19e6d05161ef9f4e5f7277f6eb35eb5d94ecf629)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
cve description:
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier
allows context-dependent attackers to cause a denial of service
(out-of-bounds write and crash) or possibly execute arbitrary code via
a crafted GIF image.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4244
(From OE-Core rev: 4eec8fae3f972a27bfb986066f5b3603599ebc25)
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adds packageconfigs for all appropriate configure arguments (other than jpeg
8/12 bit mode support, where I wasn't clear on the deps, and which I doubt we
care about).
jpeg, zlib, and xz dependencies can now be controlled.
(From OE-Core rev: 314b07181a3c7ef6d8f002f555a68ed6feaf99bb)
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A lot of our recipes had short one-line DESCRIPTION values and no
SUMMARY value set. In this case it's much better to just set SUMMARY
since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY
is at least useful. I also took the opportunity to fix up a lot of the
new SUMMARY values, making them concisely explain the function of the
recipe / package where possible.
(From OE-Core rev: b8feee3cf21f70ba4ec3b822d2f596d4fc02a292)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
cve description:
Heap-based buffer overflow in the readgifimage function in the gif2tiff
tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial
of service (crash) and possibly execute arbitrary code via a crafted height
and width values in a GIF image.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4243
(From OE-Core rev: 47388363f69bfbf5ed1816a9367627182ee10e88)
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
cve description:
Use-after-free vulnerability in the t2p_readwrite_pdf_image function
in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause
a denial of service (crash) or possible execute arbitrary code via a
crafted TIFF image.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4232
(From OE-Core rev: bd4a878815e7033b1114940e2a5a16568322655b)
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Heap-based buffer overflow in the tp_process_jpeg_strip function in tiff2pdf
in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a crafted TIFF image
file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1960
(From OE-Core rev: 9db7a897d216a8293152c1a3b96c72b699d469c7)
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Jeff Polk <jeff.polk@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove all PR = "r0" from all .bb files in oe-core. This was done
with the command sed -e '/^PR.*=.*r0\"/d' recipes*/*/*.bb -i
We've switching to the PR server, PR bumps are no longer needed and
this saves people either accidentally bumping them or forgetting to
remove the lines (r0 is the default anyway).
(From OE-Core rev: 58ae94f1b06d0e6234413dbf9869bde85f154c85)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Alexander Kanavin
Joe Slater
Yi Zhao
Zhang Xiao
Ross Burton
Huang Qiyu
Fan Xin
Li Zhou
Armin Kuster
Mingli Yu
Zhixiong Chi
Jussi Kukkonen
Armin Kuster
Alexander Kanavin
Randy MacLeod
Robert Yang
Muzaffar Mahmood
Yue Tao
Baogen Shang
Christopher Larson
Paul Eggleton
Ming Liu
Richard Purdie