tiff: Security fixes
Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335 References: https://nvd.nist.gov/vuln/detail/CVE-2017-9147 https://nvd.nist.gov/vuln/detail/CVE-2017-9936 https://nvd.nist.gov/vuln/detail/CVE-2017-10668 https://nvd.nist.gov/vuln/detail/CVE-2017-11335 Patches from: CVE-2017-9147:4d4fa0b68a
CVE-2017-9936:fe8d716595
CVE-2017-10688:6173a57d39
CVE-2017-11355:69bfeec247
(From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3) (From OE-Core rev: eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> minor fixes to get to apply Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
cb4fd41504
commit
f77fdc9f9f
|
@ -0,0 +1,88 @@
|
|||
From 333ba5599e87bd7747516d7863d61764e4ca2d92 Mon Sep 17 00:00:00 2001
|
||||
From: Even Rouault <even.rouault@spatialys.com>
|
||||
Date: Fri, 30 Jun 2017 17:29:44 +0000
|
||||
Subject: [PATCH] * libtiff/tif_dirwrite.c: in
|
||||
TIFFWriteDirectoryTagCheckedXXXX() functions associated with LONG8/SLONG8
|
||||
data type, replace assertion that the file is BigTIFF, by a non-fatal error.
|
||||
Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2712 Reported by team
|
||||
OWL337
|
||||
|
||||
Upstream-Status: Backport
|
||||
[https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1]
|
||||
|
||||
CVE: CVE-2017-10688
|
||||
|
||||
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
||||
---
|
||||
ChangeLog | 8 ++++++++
|
||||
libtiff/tif_dirwrite.c | 20 ++++++++++++++++----
|
||||
2 files changed, 24 insertions(+), 4 deletions(-)
|
||||
|
||||
Index: tiff-4.0.7/ChangeLog
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/ChangeLog
|
||||
+++ tiff-4.0.7/ChangeLog
|
||||
@@ -1,3 +1,11 @@
|
||||
+2017-06-30 Even Rouault <even.rouault at spatialys.com>
|
||||
+
|
||||
+ * libtiff/tif_dirwrite.c: in TIFFWriteDirectoryTagCheckedXXXX()
|
||||
+ functions associated with LONG8/SLONG8 data type, replace assertion that
|
||||
+ the file is BigTIFF, by a non-fatal error.
|
||||
+ Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2712
|
||||
+ Reported by team OWL337
|
||||
+
|
||||
2017-06-26 Even Rouault <even.rouault at spatialys.com>
|
||||
|
||||
* libtiff/tif_jbig.c: fix memory leak in error code path of JBIGDecode()
|
||||
Index: tiff-4.0.7/libtiff/tif_dirwrite.c
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/libtiff/tif_dirwrite.c
|
||||
+++ tiff-4.0.7/libtiff/tif_dirwrite.c
|
||||
@@ -2047,7 +2047,10 @@ TIFFWriteDirectoryTagCheckedLong8(TIFF*
|
||||
{
|
||||
uint64 m;
|
||||
assert(sizeof(uint64)==8);
|
||||
- assert(tif->tif_flags&TIFF_BIGTIFF);
|
||||
+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
|
||||
+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","LONG8 not allowed for ClassicTIFF");
|
||||
+ return(0);
|
||||
+ }
|
||||
m=value;
|
||||
if (tif->tif_flags&TIFF_SWAB)
|
||||
TIFFSwabLong8(&m);
|
||||
@@ -2060,7 +2063,10 @@ TIFFWriteDirectoryTagCheckedLong8Array(T
|
||||
{
|
||||
assert(count<0x20000000);
|
||||
assert(sizeof(uint64)==8);
|
||||
- assert(tif->tif_flags&TIFF_BIGTIFF);
|
||||
+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
|
||||
+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","LONG8 not allowed for ClassicTIFF");
|
||||
+ return(0);
|
||||
+ }
|
||||
if (tif->tif_flags&TIFF_SWAB)
|
||||
TIFFSwabArrayOfLong8(value,count);
|
||||
return(TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_LONG8,count,count*8,value));
|
||||
@@ -2072,7 +2078,10 @@ TIFFWriteDirectoryTagCheckedSlong8(TIFF*
|
||||
{
|
||||
int64 m;
|
||||
assert(sizeof(int64)==8);
|
||||
- assert(tif->tif_flags&TIFF_BIGTIFF);
|
||||
+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
|
||||
+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","SLONG8 not allowed for ClassicTIFF");
|
||||
+ return(0);
|
||||
+ }
|
||||
m=value;
|
||||
if (tif->tif_flags&TIFF_SWAB)
|
||||
TIFFSwabLong8((uint64*)(&m));
|
||||
@@ -2085,7 +2094,10 @@ TIFFWriteDirectoryTagCheckedSlong8Array(
|
||||
{
|
||||
assert(count<0x20000000);
|
||||
assert(sizeof(int64)==8);
|
||||
- assert(tif->tif_flags&TIFF_BIGTIFF);
|
||||
+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
|
||||
+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","SLONG8 not allowed for ClassicTIFF");
|
||||
+ return(0);
|
||||
+ }
|
||||
if (tif->tif_flags&TIFF_SWAB)
|
||||
TIFFSwabArrayOfLong8((uint64*)value,count);
|
||||
return(TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_SLONG8,count,count*8,value));
|
|
@ -0,0 +1,54 @@
|
|||
From e8b15ccf8c9c593000f8202cf34cc6c4b936d01e Mon Sep 17 00:00:00 2001
|
||||
From: Even Rouault <even.rouault@spatialys.com>
|
||||
Date: Sat, 15 Jul 2017 11:13:46 +0000
|
||||
Subject: [PATCH] * tools/tiff2pdf.c: prevent heap buffer overflow write in
|
||||
"Raw" mode on PlanarConfig=Contig input images. Fixes
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2715 Reported by team OWL337
|
||||
|
||||
Upstream-Status: Backport
|
||||
[https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556]
|
||||
|
||||
CVE: CVE-2017-11355
|
||||
|
||||
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
||||
---
|
||||
ChangeLog | 7 +++++++
|
||||
tools/tiff2pdf.c | 7 ++++++-
|
||||
2 files changed, 13 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/ChangeLog b/ChangeLog
|
||||
index 42eaeb7..6980da8 100644
|
||||
--- a/ChangeLog
|
||||
+++ b/ChangeLog
|
||||
@@ -1,3 +1,10 @@
|
||||
+2017-07-15 Even Rouault <even.rouault at spatialys.com>
|
||||
+
|
||||
+ * tools/tiff2pdf.c: prevent heap buffer overflow write in "Raw"
|
||||
+ mode on PlanarConfig=Contig input images.
|
||||
+ Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2715
|
||||
+ Reported by team OWL337
|
||||
+
|
||||
2017-06-30 Even Rouault <even.rouault at spatialys.com>
|
||||
|
||||
* libtiff/tif_dirwrite.c: in TIFFWriteDirectoryTagCheckedXXXX()
|
||||
diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
|
||||
index db196e0..cd1e235 100644
|
||||
--- a/tools/tiff2pdf.c
|
||||
+++ b/tools/tiff2pdf.c
|
||||
@@ -1737,7 +1737,12 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){
|
||||
return;
|
||||
|
||||
t2p->pdf_transcode = T2P_TRANSCODE_ENCODE;
|
||||
- if(t2p->pdf_nopassthrough==0){
|
||||
+ /* It seems that T2P_TRANSCODE_RAW mode doesn't support separate->contig */
|
||||
+ /* conversion. At least t2p_read_tiff_size and t2p_read_tiff_size_tile */
|
||||
+ /* do not take into account the number of samples, and thus */
|
||||
+ /* that can cause heap buffer overflows such as in */
|
||||
+ /* http://bugzilla.maptools.org/show_bug.cgi?id=2715 */
|
||||
+ if(t2p->pdf_nopassthrough==0 && t2p->tiff_planar!=PLANARCONFIG_SEPARATE){
|
||||
#ifdef CCITT_SUPPORT
|
||||
if(t2p->tiff_compression==COMPRESSION_CCITTFAX4
|
||||
){
|
||||
--
|
||||
2.7.4
|
||||
|
|
@ -0,0 +1,203 @@
|
|||
From 0acf01fea714af573b814e10cf105c3359a236c3 Mon Sep 17 00:00:00 2001
|
||||
From: erouault <erouault>
|
||||
Date: Thu, 1 Jun 2017 12:44:04 +0000
|
||||
Subject: [PATCH] * libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(),
|
||||
and use it in TIFFReadDirectory() so as to ignore fields whose tag is a
|
||||
codec-specified tag but this codec is not enabled. This avoids TIFFGetField()
|
||||
to behave differently depending on whether the codec is enabled or not, and
|
||||
thus can avoid stack based buffer overflows in a number of TIFF utilities
|
||||
such as tiffsplit, tiffcmp, thumbnail, etc.
|
||||
Patch derived from 0063-Handle-properly-CODEC-specific-tags.patch
|
||||
(http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël Hertzog.
|
||||
Fixes:
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2580
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2693
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2625 (CVE-2016-10095)
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2564 (CVE-2015-7554)
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2561 (CVE-2016-5318)
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2499 (CVE-2014-8128)
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2441
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2433
|
||||
|
||||
Upstream-Status: Backport
|
||||
[https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06]
|
||||
|
||||
CVE: CVE-2017-9147
|
||||
|
||||
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
||||
---
|
||||
ChangeLog | 20 ++++++++++
|
||||
libtiff/tif_dir.h | 1 +
|
||||
libtiff/tif_dirinfo.c | 103 ++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
libtiff/tif_dirread.c | 4 ++
|
||||
4 files changed, 128 insertions(+)
|
||||
|
||||
Index: tiff-4.0.7/ChangeLog
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/ChangeLog
|
||||
+++ tiff-4.0.7/ChangeLog
|
||||
@@ -1,3 +1,23 @@
|
||||
+2017-06-01 Even Rouault <even.rouault at spatialys.com>
|
||||
+
|
||||
+ * libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(),
|
||||
+ and use it in TIFFReadDirectory() so as to ignore fields whose tag is a
|
||||
+ codec-specified tag but this codec is not enabled. This avoids TIFFGetField()
|
||||
+ to behave differently depending on whether the codec is enabled or not, and
|
||||
+ thus can avoid stack based buffer overflows in a number of TIFF utilities
|
||||
+ such as tiffsplit, tiffcmp, thumbnail, etc.
|
||||
+ Patch derived from 0063-Handle-properly-CODEC-specific-tags.patch
|
||||
+ (http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël Hertzog.
|
||||
+ Fixes:
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2580
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2693
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2625 (CVE-2016-10095)
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2564 (CVE-2015-7554)
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2561 (CVE-2016-5318)
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2499 (CVE-2014-8128)
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2441
|
||||
+ http://bugzilla.maptools.org/show_bug.cgi?id=2433
|
||||
+
|
||||
2017-01-11 Even Rouault <even.rouault at spatialys.com>
|
||||
|
||||
* tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and
|
||||
Index: tiff-4.0.7/libtiff/tif_dir.h
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/libtiff/tif_dir.h
|
||||
+++ tiff-4.0.7/libtiff/tif_dir.h
|
||||
@@ -291,6 +291,7 @@ struct _TIFFField {
|
||||
extern int _TIFFMergeFields(TIFF*, const TIFFField[], uint32);
|
||||
extern const TIFFField* _TIFFFindOrRegisterField(TIFF *, uint32, TIFFDataType);
|
||||
extern TIFFField* _TIFFCreateAnonField(TIFF *, uint32, TIFFDataType);
|
||||
+extern int _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag);
|
||||
|
||||
#if defined(__cplusplus)
|
||||
}
|
||||
Index: tiff-4.0.7/libtiff/tif_dirinfo.c
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/libtiff/tif_dirinfo.c
|
||||
+++ tiff-4.0.7/libtiff/tif_dirinfo.c
|
||||
@@ -956,6 +956,109 @@ TIFFMergeFieldInfo(TIFF* tif, const TIFF
|
||||
return 0;
|
||||
}
|
||||
|
||||
+int
|
||||
+_TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag)
|
||||
+{
|
||||
+ /* Filter out non-codec specific tags */
|
||||
+ switch (tag) {
|
||||
+ /* Shared tags */
|
||||
+ case TIFFTAG_PREDICTOR:
|
||||
+ /* JPEG tags */
|
||||
+ case TIFFTAG_JPEGTABLES:
|
||||
+ /* OJPEG tags */
|
||||
+ case TIFFTAG_JPEGIFOFFSET:
|
||||
+ case TIFFTAG_JPEGIFBYTECOUNT:
|
||||
+ case TIFFTAG_JPEGQTABLES:
|
||||
+ case TIFFTAG_JPEGDCTABLES:
|
||||
+ case TIFFTAG_JPEGACTABLES:
|
||||
+ case TIFFTAG_JPEGPROC:
|
||||
+ case TIFFTAG_JPEGRESTARTINTERVAL:
|
||||
+ /* CCITT* */
|
||||
+ case TIFFTAG_BADFAXLINES:
|
||||
+ case TIFFTAG_CLEANFAXDATA:
|
||||
+ case TIFFTAG_CONSECUTIVEBADFAXLINES:
|
||||
+ case TIFFTAG_GROUP3OPTIONS:
|
||||
+ case TIFFTAG_GROUP4OPTIONS:
|
||||
+ break;
|
||||
+ default:
|
||||
+ return 1;
|
||||
+ }
|
||||
+ /* Check if codec specific tags are allowed for the current
|
||||
+ * compression scheme (codec) */
|
||||
+ switch (tif->tif_dir.td_compression) {
|
||||
+ case COMPRESSION_LZW:
|
||||
+ if (tag == TIFFTAG_PREDICTOR)
|
||||
+ return 1;
|
||||
+ break;
|
||||
+ case COMPRESSION_PACKBITS:
|
||||
+ /* No codec-specific tags */
|
||||
+ break;
|
||||
+ case COMPRESSION_THUNDERSCAN:
|
||||
+ /* No codec-specific tags */
|
||||
+ break;
|
||||
+ case COMPRESSION_NEXT:
|
||||
+ /* No codec-specific tags */
|
||||
+ break;
|
||||
+ case COMPRESSION_JPEG:
|
||||
+ if (tag == TIFFTAG_JPEGTABLES)
|
||||
+ return 1;
|
||||
+ break;
|
||||
+ case COMPRESSION_OJPEG:
|
||||
+ switch (tag) {
|
||||
+ case TIFFTAG_JPEGIFOFFSET:
|
||||
+ case TIFFTAG_JPEGIFBYTECOUNT:
|
||||
+ case TIFFTAG_JPEGQTABLES:
|
||||
+ case TIFFTAG_JPEGDCTABLES:
|
||||
+ case TIFFTAG_JPEGACTABLES:
|
||||
+ case TIFFTAG_JPEGPROC:
|
||||
+ case TIFFTAG_JPEGRESTARTINTERVAL:
|
||||
+ return 1;
|
||||
+ }
|
||||
+ break;
|
||||
+ case COMPRESSION_CCITTRLE:
|
||||
+ case COMPRESSION_CCITTRLEW:
|
||||
+ case COMPRESSION_CCITTFAX3:
|
||||
+ case COMPRESSION_CCITTFAX4:
|
||||
+ switch (tag) {
|
||||
+ case TIFFTAG_BADFAXLINES:
|
||||
+ case TIFFTAG_CLEANFAXDATA:
|
||||
+ case TIFFTAG_CONSECUTIVEBADFAXLINES:
|
||||
+ return 1;
|
||||
+ case TIFFTAG_GROUP3OPTIONS:
|
||||
+ if (tif->tif_dir.td_compression == COMPRESSION_CCITTFAX3)
|
||||
+ return 1;
|
||||
+ break;
|
||||
+ case TIFFTAG_GROUP4OPTIONS:
|
||||
+ if (tif->tif_dir.td_compression == COMPRESSION_CCITTFAX4)
|
||||
+ return 1;
|
||||
+ break;
|
||||
+ }
|
||||
+ break;
|
||||
+ case COMPRESSION_JBIG:
|
||||
+ /* No codec-specific tags */
|
||||
+ break;
|
||||
+ case COMPRESSION_DEFLATE:
|
||||
+ case COMPRESSION_ADOBE_DEFLATE:
|
||||
+ if (tag == TIFFTAG_PREDICTOR)
|
||||
+ return 1;
|
||||
+ break;
|
||||
+ case COMPRESSION_PIXARLOG:
|
||||
+ if (tag == TIFFTAG_PREDICTOR)
|
||||
+ return 1;
|
||||
+ break;
|
||||
+ case COMPRESSION_SGILOG:
|
||||
+ case COMPRESSION_SGILOG24:
|
||||
+ /* No codec-specific tags */
|
||||
+ break;
|
||||
+ case COMPRESSION_LZMA:
|
||||
+ if (tag == TIFFTAG_PREDICTOR)
|
||||
+ return 1;
|
||||
+ break;
|
||||
+
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
/* vim: set ts=8 sts=8 sw=8 noet: */
|
||||
|
||||
/*
|
||||
Index: tiff-4.0.7/libtiff/tif_dirread.c
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/libtiff/tif_dirread.c
|
||||
+++ tiff-4.0.7/libtiff/tif_dirread.c
|
||||
@@ -3566,6 +3566,10 @@ TIFFReadDirectory(TIFF* tif)
|
||||
goto bad;
|
||||
dp->tdir_tag=IGNORE;
|
||||
break;
|
||||
+ default:
|
||||
+ if( !_TIFFCheckFieldIsValidForCodec(tif, dp->tdir_tag) )
|
||||
+ dp->tdir_tag=IGNORE;
|
||||
+ break;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
From 62efea76592647426deec5592fd7274d5c950646 Mon Sep 17 00:00:00 2001
|
||||
From: Even Rouault <even.rouault@spatialys.com>
|
||||
Date: Mon, 26 Jun 2017 15:19:59 +0000
|
||||
Subject: [PATCH] * libtiff/tif_jbig.c: fix memory leak in error code path of
|
||||
JBIGDecode() Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2706 Reported
|
||||
by team OWL337
|
||||
|
||||
* libtiff/tif_jpeg.c: error out at decoding time if anticipated libjpeg
|
||||
|
||||
Upstream-Status: Backport
|
||||
[https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a]
|
||||
|
||||
CVE: CVE-2017-9936
|
||||
|
||||
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
||||
---
|
||||
ChangeLog | 6 ++++++
|
||||
libtiff/tif_jbig.c | 1 +
|
||||
2 files changed, 7 insertions(+)
|
||||
|
||||
Index: tiff-4.0.7/ChangeLog
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/ChangeLog
|
||||
+++ tiff-4.0.7/ChangeLog
|
||||
@@ -1,3 +1,9 @@
|
||||
+2017-06-26 Even Rouault <even.rouault at spatialys.com>
|
||||
+
|
||||
+ * libtiff/tif_jbig.c: fix memory leak in error code path of JBIGDecode()
|
||||
+ Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2706
|
||||
+ Reported by team OWL337
|
||||
+
|
||||
2017-06-01 Even Rouault <even.rouault at spatialys.com>
|
||||
|
||||
* libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(),
|
||||
Index: tiff-4.0.7/libtiff/tif_jbig.c
|
||||
===================================================================
|
||||
--- tiff-4.0.7.orig/libtiff/tif_jbig.c
|
||||
+++ tiff-4.0.7/libtiff/tif_jbig.c
|
||||
@@ -94,6 +94,7 @@ static int JBIGDecode(TIFF* tif, uint8*
|
||||
jbg_strerror(decodeStatus)
|
||||
#endif
|
||||
);
|
||||
+ jbg_dec_free(&decoder);
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -7,6 +7,10 @@ CVE_PRODUCT = "libtiff"
|
|||
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
|
||||
file://libtool2.patch \
|
||||
file://libtiff-CVE-2017-5225.patch \
|
||||
file://CVE-2017-9147.patch \
|
||||
file://CVE-2017-9936.patch \
|
||||
file://CVE-2017-10688.patch \
|
||||
file://CVE-2017-11335.patch \
|
||||
"
|
||||
|
||||
SRC_URI[md5sum] = "77ae928d2c6b7fb46a21c3a29325157b"
|
||||
|
|
Loading…
Reference in New Issue