mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-20 14:19:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

tiff: patch CVE-2025-61144

Browse Source 
Pick patch from merge request mentioned in NVD report.

(From OE-Core rev: de9ef3f41dc00ef53231d76560d8d5face7f9a3e)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
This commit is contained in:
Peter Marko
2026-03-08 23:42:39 +01:00
committed by Paul Barker
parent 20c48403c1
commit 28f7821cc4
2 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
meta/recipes-multimedia/libtiff/tiff/CVE-2025-61144.patch Normal file
View File

@@ -0,0 +1,27 @@
From 88cf9dbb48f6e172629795ecffae35d5052f68aa Mon Sep 17 00:00:00 2001
From: Lee Howard <faxguy@howardsilvan.com>
Date: Fri, 5 Sep 2025 21:46:03 +0000
Subject: [PATCH] tiffcrop: avoid buffer overflow
Fixes #740
CVE: CVE-2025-61144
Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f68aa]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
tools/tiffcrop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
index ae414efc..afa1cce5 100644
--- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c
@@ -3913,7 +3913,7 @@ combineSeparateSamplesBytes (unsigned char *srcbuffs[], unsigned char *out,
{
if ((dumpfile != NULL) && (level == 2))
{
- for (s = 0; s < spp; s++)
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
{
dump_info (dumpfile, format, "combineSeparateSamplesBytes","Input data, Sample %"PRIu16, s);
dump_buffer(dumpfile, format, 1, cols, row, srcbuffs[s] + (row * src_rowsize));

1
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
View File

@@ -66,6 +66,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2025-8961.patch \
file://CVE-2025-9165.patch \
file://CVE-2025-61143.patch \
file://CVE-2025-61144.patch \
"
SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8"