[oe-commits] Muzaffar Mahmood : libtiff: fix CVE-2013-1961
git at git.openembedded.org
git at git.openembedded.org
Wed Aug 27 11:13:11 UTC 2014
Module: openembedded-core.git
Branch: master
Commit: f24e3456c60951d2985d7c23bdcc1f8c15d6c167
URL: http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=f24e3456c60951d2985d7c23bdcc1f8c15d6c167
Author: Muzaffar Mahmood <muzaffar_mahmood at mentor.com>
Date: Mon Aug 25 16:51:06 2014 +0500
libtiff: fix CVE-2013-1961
Integrate community fix for the issue CVE-2013-1961
and migrated to version 4.0.3.
Stack-based buffer overflow in the t2p_write_pdf_page function
in tiff2pdf in libtiff before 4.0.3 allows remote attackers to
cause a denial of service (application crash) via a crafted
image length and resolution in a TIFF image file.
Signed-off-by: Priyanka Shobhan <priyanka_shobhan at mentor.com>
Signed-off-by: Christopher Larson <chris_larson at mentor.com>
Signed-off-by: Muzaffar Mahmood <muzaffar_mahmood at mentor.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
.../libtiff/files/libtiff-CVE-2013-1961.patch | 786 +++++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.0.3.bb | 1 +
2 files changed, 787 insertions(+)
Diff: http://git.openembedded.org/?p=openembedded-core.git/?a=commitdiff;h=f24e3456c60951d2985d7c23bdcc1f8c15d6c167
More information about the Openembedded-commits
mailing list