aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
diff options
context:
space:
mode:
authorYi Zhao <yi.zhao@windriver.com>2018-03-20 07:53:20 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-03-25 09:33:34 +0100
commit798b6b4b3ce370264d036e555185a99ce3aa97b7 (patch)
treeafdd6b190e8ebe7046763a35acc85e6f9556d0ee /meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
parent086308aa2a5e332de6f00ed397c4a55d132f158f (diff)
downloadopenembedded-core-contrib-798b6b4b3ce370264d036e555185a99ce3aa97b7.tar.gz
tiff: Security fixes
Fix CVE-2017-99935, CVE-2017-18013, CVE-2018-5784 References: https://nvd.nist.gov/vuln/detail/CVE-2017-9935 https://nvd.nist.gov/vuln/detail/CVE-2017-18013 https://nvd.nist.gov/vuln/detail/CVE-2018-5784 Patches from: CVE-2017-9935: https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940 CVE-2017-18013: https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01 CVE-2018-5784: https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-multimedia/libtiff/tiff_4.0.9.bb')
-rw-r--r--meta/recipes-multimedia/libtiff/tiff_4.0.9.bb3
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
index b8f895b143..8c3bba5c64 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
@@ -6,6 +6,9 @@ CVE_PRODUCT = "libtiff"
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://libtool2.patch \
+ file://CVE-2017-9935.patch \
+ file://CVE-2017-18013.patch \
+ file://CVE-2018-5784.patch \
"
SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-21 04:43:46 +0000