diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2018-03-20 07:53:20 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-03-25 09:33:34 +0100 |
commit | 798b6b4b3ce370264d036e555185a99ce3aa97b7 (patch) | |
tree | afdd6b190e8ebe7046763a35acc85e6f9556d0ee /meta/recipes-multimedia/libtiff/tiff_4.0.9.bb | |
parent | 086308aa2a5e332de6f00ed397c4a55d132f158f (diff) | |
download | openembedded-core-contrib-798b6b4b3ce370264d036e555185a99ce3aa97b7.tar.gz |
tiff: Security fixes
Fix CVE-2017-99935, CVE-2017-18013, CVE-2018-5784
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9935
https://nvd.nist.gov/vuln/detail/CVE-2017-18013
https://nvd.nist.gov/vuln/detail/CVE-2018-5784
Patches from:
CVE-2017-9935:
https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940
CVE-2017-18013:
https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01
CVE-2018-5784:
https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-multimedia/libtiff/tiff_4.0.9.bb')
-rw-r--r-- | meta/recipes-multimedia/libtiff/tiff_4.0.9.bb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb index b8f895b143..8c3bba5c64 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb @@ -6,6 +6,9 @@ CVE_PRODUCT = "libtiff" SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://libtool2.patch \ + file://CVE-2017-9935.patch \ + file://CVE-2017-18013.patch \ + file://CVE-2018-5784.patch \ " SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79" |