[2/3] tiff: backport fix for CVE-2022-48281

Message ID	20230220162817.180458-2-ross.burton@arm.com
State	Accepted, archived
Commit	bf0cf66c10c95ddada595dd5a84b45235c09ebab
Headers	show Return-Path: <ross.burton@arm.com> ip: 217.140.110.172, mailfrom: ross.burton@arm.com) From: Ross Burton <ross.burton@arm.com> To: openembedded-core@lists.openembedded.org Cc: nd@arm.com Subject: [PATCH 2/3] tiff: backport fix for CVE-2022-48281 Date: Mon, 20 Feb 2023 16:28:16 +0000 Message-Id: <20230220162817.180458-2-ross.burton@arm.com> In-Reply-To: <20230220162817.180458-1-ross.burton@arm.com> References: <20230220162817.180458-1-ross.burton@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable
Series	[1/3] less: backport the fix for CVE-2022-46663 \| expand [1/3] less: backport the fix for CVE-2022-46663 [2/3] tiff: backport fix for CVE-2022-48281 [3/3] glibc: backport the fix for CVE-2023-25139

Message ID

20230220162817.180458-2-ross.burton@arm.com

State

Accepted, archived

Commit

bf0cf66c10c95ddada595dd5a84b45235c09ebab

Headers

From: Ross Burton <ross.burton@arm.com>
To: openembedded-core@lists.openembedded.org
Cc: nd@arm.com
Subject: [PATCH 2/3] tiff: backport fix for CVE-2022-48281
Date: Mon, 20 Feb 2023 16:28:16 +0000
Message-Id: <20230220162817.180458-2-ross.burton@arm.com>
In-Reply-To: <20230220162817.180458-1-ross.burton@arm.com>
References: <20230220162817.180458-1-ross.burton@arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Series

[1/3] less: backport the fix for CVE-2022-46663 | expand

Commit Message

Ross Burton Feb. 20, 2023, 4:28 p.m. UTC

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 .../libtiff/files/CVE-2022-48281.patch        | 29 +++++++++++++++++++
 meta/recipes-multimedia/libtiff/tiff_4.5.0.bb |  3 +-
 2 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch

diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch b/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch
new file mode 100644
index 00000000000..e356d377ead
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch
@@ -0,0 +1,29 @@ 
+CVE: CVE-2022-48281
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001
+From: Su Laus <sulau@freenet.de>
+Date: Sat, 21 Jan 2023 15:58:10 +0000
+Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488.
+
+---
+ tools/tiffcrop.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index 14fa18da..7db69883 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -8591,7 +8591,7 @@ static int processCropSelections(struct image_data *image,
+                     cropsize + NUM_BUFF_OVERSIZE_BYTES);
+             else
+             {
+-                prev_cropsize = seg_buffs[0].size;
++                prev_cropsize = seg_buffs[i].size;
+                 if (prev_cropsize < cropsize)
+                 {
+                     next_buff = _TIFFrealloc(
+-- 
+GitLab
+
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
index e2cb512892b..f8a2482a848 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
@@ -8,7 +8,8 @@  LIC_FILES_CHKSUM = "file://LICENSE.md;md5=a3e32d664d6db1386b4689c8121531c3"
 
 CVE_PRODUCT = "libtiff"
 
-SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz"
+SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
+           file://CVE-2022-48281.patch"
 
 SRC_URI[sha256sum] = "c7a1d9296649233979fa3eacffef3fa024d73d05d589cb622727b5b08c423464"

[2/3] tiff: backport fix for CVE-2022-48281

Commit Message

Patch