mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-20 00:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
2ce56bd707939989cffa77944943e76cbe502d87
poky/meta
History
Yogita Urade 2ce56bd707 tiff: fix CVE-2025-9900 
A flaw was found in Libtiff. This vulnerability is a "write-what-where"
condition, triggered when the library processes a specially crafted TIFF
image file.[EOL][EOL]By providing an abnormally large image height value
in the file's metadata, an attacker can trick the library into writing
attacker-controlled color data to an arbitrary memory location. This
memory corruption can be exploited to cause a denial of service (application
crash) or to achieve arbitrary code execution with the permissions of the user.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9900

Upstream patch:
3e0dcf0ec6

(From OE-Core rev: c1303b8eb4e85a031a175867361876a256bfb763)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-10-09 12:16:45 -07:00
..
classes
cve-check: Add missing call to exit_if_errors
2025-08-22 05:59:54 -07:00
classes-global
sanity.bbclass: skip check_userns for non-local uid
2025-01-09 06:25:36 -08:00
classes-recipe
uboot: Allow for customizing installed/deployed file names
2025-07-07 07:42:58 -07:00
conf
sanity.conf: Update minimum bitbake version to 2.8.1
2025-09-30 08:01:59 -07:00
files
meta: Enable '-o pipefail' for the SDK installer
2025-03-05 06:03:47 -08:00
lib
lib/oe/utils: use multiprocessing from bb
2025-09-30 08:01:59 -07:00
recipes-bsp
grub2: fix CVE-2024-56738
2025-09-22 13:17:52 -07:00
recipes-connectivity
buildtools-tarball: fix unbound variable issues under 'set -u'
2025-09-22 13:17:52 -07:00
recipes-core
util-linux: use ${B} instead of ${WORKDIR}/build, to fix building under devtool
2025-09-30 08:01:59 -07:00
recipes-devtools
llvm: fix build with gcc-15
2025-09-30 08:01:59 -07:00
recipes-extended
examples: genl: fix wrong attribute size
2025-09-30 08:01:59 -07:00
recipes-gnome
gdk-pixbuf: fix CVE-2025-7345
2025-07-21 09:07:21 -07:00
recipes-graphics
cairo: fix build with gcc-15 on host
2025-08-22 05:59:55 -07:00
recipes-kernel
systemtap: Fix task_work_cancel build
2025-09-22 13:17:52 -07:00
recipes-multimedia
tiff: fix CVE-2025-9900
2025-10-09 12:16:45 -07:00
recipes-rt
rt-tests: rt_bmark.py: fix TypeError
2024-08-06 19:11:18 -07:00
recipes-sato
puzzles: ignore three new CVEs for a different puzzles
2025-03-15 06:40:07 -07:00
recipes-support
vim: upgrade 9.1.1652 -> 9.1.1683
2025-09-30 08:01:59 -07:00
site
site: remove at-spi2-core values
2023-09-02 07:45:29 +01:00
COPYING.MIT
recipes.txt
Remove LSB support
2019-08-29 14:05:12 +01:00