tiff: mark CVE-2023-30774 as patched

[1] points tu issue [2] which was fixed by [3] together with lot of other issues. We already have this patch, so mark CVE-2023-30774 in it. Also split CVE tag to separate entries. [1] https://nvd.nist.gov/vuln/detail/CVE-2023-30774 [2] https://gitlab.com/libtiff/libtiff/-/issues/463 [3] https://gitlab.com/libtiff/libtiff/-/merge_requests/385 (From OE-Core rev: 87893c72efbba029c5f2a9e8e3fff126b2a0cb71) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-06-07 06:52:39 +02:00 · 2025-03-16 17:50:25 +01:00
parent 8660c1bd8d
commit 88aec329b8
1 changed files with 3 additions and 1 deletions
--- a/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
+++ b/meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
@@ -23,7 +23,9 @@ This MR will close the following issues:  #149, #150, #152, #168 (to be checked)

 It also fixes the old bug at http://bugzilla.maptools.org/show_bug.cgi?id=2599, for which the limitation of `NumberOfInks = SPP` was introduced, which is in my opinion not necessary and does not solve the general issue.

-CVE: CVE-2022-3599 CVE-2022-4645
+CVE: CVE-2022-3599
+CVE: CVE-2022-4645
+CVE: CVE-2023-30774
 Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246.patch]
 Signed-off-by: Ross Burton <ross.burton@arm.com>
 Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>