Files
poky/meta/recipes-multimedia/libtiff/files/CVE-2017-9936.patch
Yi Zhao f77fdc9f9f tiff: Security fixes
Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335

References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9147
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2017-10668
https://nvd.nist.gov/vuln/detail/CVE-2017-11335

Patches from:
CVE-2017-9147:
4d4fa0b68a
CVE-2017-9936:
fe8d716595
CVE-2017-10688:
6173a57d39
CVE-2017-11355:
69bfeec247

(From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3)

(From OE-Core rev: eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

minor fixes to get to apply

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11 22:15:58 +01:00

47 lines
1.5 KiB
Diff

From 62efea76592647426deec5592fd7274d5c950646 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Mon, 26 Jun 2017 15:19:59 +0000
Subject: [PATCH] * libtiff/tif_jbig.c: fix memory leak in error code path of
JBIGDecode() Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2706 Reported
by team OWL337
* libtiff/tif_jpeg.c: error out at decoding time if anticipated libjpeg
Upstream-Status: Backport
[https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a]
CVE: CVE-2017-9936
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
ChangeLog | 6 ++++++
libtiff/tif_jbig.c | 1 +
2 files changed, 7 insertions(+)
Index: tiff-4.0.7/ChangeLog
===================================================================
--- tiff-4.0.7.orig/ChangeLog
+++ tiff-4.0.7/ChangeLog
@@ -1,3 +1,9 @@
+2017-06-26 Even Rouault <even.rouault at spatialys.com>
+
+ * libtiff/tif_jbig.c: fix memory leak in error code path of JBIGDecode()
+ Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2706
+ Reported by team OWL337
+
2017-06-01 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(),
Index: tiff-4.0.7/libtiff/tif_jbig.c
===================================================================
--- tiff-4.0.7.orig/libtiff/tif_jbig.c
+++ tiff-4.0.7/libtiff/tif_jbig.c
@@ -94,6 +94,7 @@ static int JBIGDecode(TIFF* tif, uint8*
jbg_strerror(decodeStatus)
#endif
);
+ jbg_dec_free(&decoder);
return 0;
}