From: Pawan Badganchi <pawan.badgan...@kpit.com> Below patch fixes the CVE-2022-4645 as well.
0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch Link: https://nvd.nist.gov/vuln/detail/CVE-2022-4645 Signed-off-by: Pawan Badganchi <pawan.badgan...@kpit.com> --- ...evised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch b/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch index 37859c9192..17b37be041 100644 --- a/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch +++ b/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch @@ -23,9 +23,10 @@ This MR will close the following issues: #149, #150, #152, #168 (to be checked) It also fixes the old bug at http://bugzilla.maptools.org/show_bug.cgi?id=2599, for which the limitation of `NumberOfInks = SPP` was introduced, which is in my opinion not necessary and does not solve the general issue. -CVE: CVE-2022-3599 -Upstream-Status: Backport +CVE: CVE-2022-3599 CVE-2022-4645 +Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246.patch] Signed-off-by: Ross Burton <ross.bur...@arm.com> +Signed-off-by: Pawan Badganchi <pawan.badgan...@kpit.com> --- libtiff/tif_dir.c | 119 ++++++++++++++++++++++++----------------- libtiff/tif_dir.h | 2 + -- 2.38.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#179923): https://lists.openembedded.org/g/openembedded-core/message/179923 Mute This Topic: https://lists.openembedded.org/mt/98198689/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
