Age | Commit message (Collapse) | Author |
|
cve description:
Heap-based buffer overflow in the readgifimage function in the gif2tiff
tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial
of service (crash) and possibly execute arbitrary code via a crafted height
and width values in a GIF image.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4243
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
cve description:
Use-after-free vulnerability in the t2p_readwrite_pdf_image function
in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause
a denial of service (crash) or possible execute arbitrary code via a
crafted TIFF image.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4232
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Heap-based buffer overflow in the tp_process_jpeg_strip function in tiff2pdf
in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a crafted TIFF image
file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1960
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Jeff Polk <jeff.polk@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Having one monolithic packages directory makes it hard to find things
and is generally overwhelming. This commit splits it into several
logical sections roughly based on function, recipes.txt gives more
information about the classifications used.
The opportunity is also used to switch from "packages" to "recipes"
as used in OpenEmbedded as the term "packages" can be confusing to
people and has many different meanings.
Not all recipes have been classified yet, this is just a first pass
at separating things out. Some packages are moved to meta-extras as
they're no longer actively used or maintained.
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
|