* [PATCH 1/1] tiff: security fix CVE-2018-10963
@ 2018-07-10 23:03 Joe Slater
  2018-07-10 23:48 ` akuster808
  0 siblings, 1 reply; 6+ messages in thread
From: Joe Slater @ 2018-07-10 23:03 UTC (permalink / raw)
  To: openembedded-core

Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.

Signed-off-by: Joe Slater <joe.slater@windriver.com>
---
 .../libtiff/files/CVE-2018-10963.patch             | 41 ++++++++++++++++++++++
 meta/recipes-multimedia/libtiff/tiff_4.0.9.bb      |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch

diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
new file mode 100644
index 0000000..13a1eb5
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
@@ -0,0 +1,41 @@
+From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sat, 12 May 2018 14:24:15 +0200
+Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
+ http://bugzilla.maptools.org/show_bug.cgi?id=2795.
+ CVE-2018-10963
+
+---
+CVE: CVE-2018-10963
+
+Same patch as applied to 4.0.8.
+
+Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+---
+ libtiff/tif_dirwrite.c |    7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
+index 2430de6..c15a28d 100644
+--- a/libtiff/tif_dirwrite.c
++++ b/libtiff/tif_dirwrite.c
+@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
+ 								}
+ 								break;
+ 							default:
+-								assert(0);   /* we should never get here */
+-								break;
++								TIFFErrorExt(tif->tif_clientdata,module,
++								            "Cannot write tag %d (%s)",
++								            TIFFFieldTag(o),
++                                                                            o->field_name ? o->field_name : "unknown");
++								goto bad;
+ 						}
+ 					}
+ 				}
+-- 
+1.7.9.5
+
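Review bot: the Upstream-Status line in the added patch header gives the upstream reference as "gitlab.com/libtiff/libtiff/commit/de144f...", which cannot be followed. The full hash de144fd228e4be8aa484c3caf3d814b6fa88c6d9 is already on the From line of the same file, so the complete commit URL can be written out. "Same patch as applied to 4.0.8." does not say whether the fix is in 4.0.8 or the patch was only applied to 4.0.8 sources, and should be reworded or dropped. In the tif_dirwrite.c change, the o->field_name argument line is indented with spaces while the other added lines use tabs; worth checking against the upstream commit that this is not whitespace damage.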
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
index 8c3bba5..e8e2a11 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
@@ -9,6 +9,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
            file://CVE-2017-9935.patch \
            file://CVE-2017-18013.patch \
            file://CVE-2018-5784.patch \
+           file://CVE-2018-10963.patch \
           "
 
 SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"
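Review bot: nothing in the recipe history will say what file://CVE-2018-10963.patch changes, because the commit message for this SRC_URI addition is only an NVD link. One sentence stating that the backport replaces the assert(0) in the default branch of TIFFWriteDirectorySec with a TIFFErrorExt call and an error exit would let a reader judge the fix without opening the patch file. The placement after CVE-2018-5784.patch and the trailing backslash are consistent with the existing entries.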
-- 
2.7.4




* Re: [PATCH 1/1] tiff: security fix CVE-2018-10963
  2018-07-10 23:03 [PATCH 1/1] tiff: security fix CVE-2018-10963 Joe Slater
@ 2018-07-10 23:48 ` akuster808
  2018-07-10 23:56   ` Slater, Joseph
  0 siblings, 1 reply; 6+ messages in thread
From: akuster808 @ 2018-07-10 23:48 UTC (permalink / raw)
  To: Joe Slater, openembedded-core



On 07/10/2018 04:03 PM, Joe Slater wrote:
> Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.
>
> Signed-off-by: Joe Slater <joe.slater@windriver.com>
> ---
>  .../libtiff/files/CVE-2018-10963.patch             | 41 ++++++++++++++++++++++
>  meta/recipes-multimedia/libtiff/tiff_4.0.9.bb      |  1 +
>  2 files changed, 42 insertions(+)
>  create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>
> diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
> new file mode 100644
> index 0000000..13a1eb5
> --- /dev/null
> +++ b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
> @@ -0,0 +1,41 @@
> +From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
> +From: Even Rouault <even.rouault@spatialys.com>
> +Date: Sat, 12 May 2018 14:24:15 +0200
> +Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
> + http://bugzilla.maptools.org/show_bug.cgi?id=2795.
> + CVE-2018-10963
> +
> +---
> +CVE: CVE-2018-10963
> +
> +Same patch as applied to 4.0.8.
I don't know what that means. The fix is in 4.0.8 or this patch applies
cleanly to 4.0.8 or affects < 4.0.8.
- armin

> +
> +Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]
> +
> +Signed-off-by: Joe Slater <joe.slater@windriver.com>
> +
> +---
> + libtiff/tif_dirwrite.c |    7 +++++--
> + 1 file changed, 5 insertions(+), 2 deletions(-)
> +
> +diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
> +index 2430de6..c15a28d 100644
> +--- a/libtiff/tif_dirwrite.c
> ++++ b/libtiff/tif_dirwrite.c
> +@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
> + 								}
> + 								break;
> + 							default:
> +-								assert(0);   /* we should never get here */
> +-								break;
> ++								TIFFErrorExt(tif->tif_clientdata,module,
> ++								            "Cannot write tag %d (%s)",
> ++								            TIFFFieldTag(o),
> ++                                                                            o->field_name ? o->field_name : "unknown");
> ++								goto bad;
> + 						}
> + 					}
> + 				}
> +-- 
> +1.7.9.5
> +
> diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> index 8c3bba5..e8e2a11 100644
> --- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> @@ -9,6 +9,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
>             file://CVE-2017-9935.patch \
>             file://CVE-2017-18013.patch \
>             file://CVE-2018-5784.patch \
> +           file://CVE-2018-10963.patch \
>            "
>  
>  SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"




* Re: [PATCH 1/1] tiff: security fix CVE-2018-10963
  2018-07-10 23:48 ` akuster808
@ 2018-07-10 23:56   ` Slater, Joseph
  2018-07-12 16:29     ` Slater, Joseph
  0 siblings, 1 reply; 6+ messages in thread
From: Slater, Joseph @ 2018-07-10 23:56 UTC (permalink / raw)
  To: akuster808, openembedded-core

Yes, it is not clear.  What it means is that the patch was applied to 4.0.8 code, but not, I think, 4.0.8 code as seen on openembedded-core before 4.0.8 was obsolete.  It still applies for 4.0.9.

Joe

-----Original Message-----
From: akuster808 [mailto:akuster808@gmail.com] 
Sent: Tuesday, July 10, 2018 4:48 PM
To: Slater, Joseph; openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [oe-core][PATCH 1/1] tiff: security fix CVE-2018-10963



On 07/10/2018 04:03 PM, Joe Slater wrote:
> Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.
>
> Signed-off-by: Joe Slater <joe.slater@windriver.com>
> ---
>  .../libtiff/files/CVE-2018-10963.patch             | 41 ++++++++++++++++++++++
>  meta/recipes-multimedia/libtiff/tiff_4.0.9.bb      |  1 +
>  2 files changed, 42 insertions(+)
>  create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>
> diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
> new file mode 100644
> index 0000000..13a1eb5
> --- /dev/null
> +++ b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
> @@ -0,0 +1,41 @@
> +From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
> +From: Even Rouault <even.rouault@spatialys.com>
> +Date: Sat, 12 May 2018 14:24:15 +0200
> +Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
> + http://bugzilla.maptools.org/show_bug.cgi?id=2795.
> + CVE-2018-10963
> +
> +---
> +CVE: CVE-2018-10963
> +
> +Same patch as applied to 4.0.8.
I don't know what that means. The fix is in 4.0.8 or this patch applies
cleanly to 4.0.8 or affects < 4.0.8.
- armin

> +
> +Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]
> +
> +Signed-off-by: Joe Slater <joe.slater@windriver.com>
> +
> +---
> + libtiff/tif_dirwrite.c |    7 +++++--
> + 1 file changed, 5 insertions(+), 2 deletions(-)
> +
> +diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
> +index 2430de6..c15a28d 100644
> +--- a/libtiff/tif_dirwrite.c
> ++++ b/libtiff/tif_dirwrite.c
> +@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
> + 								}
> + 								break;
> + 							default:
> +-								assert(0);   /* we should never get here */
> +-								break;
> ++								TIFFErrorExt(tif->tif_clientdata,module,
> ++								            "Cannot write tag %d (%s)",
> ++								            TIFFFieldTag(o),
> ++                                                                            o->field_name ? o->field_name : "unknown");
> ++								goto bad;
> + 						}
> + 					}
> + 				}
> +-- 
> +1.7.9.5
> +
> diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> index 8c3bba5..e8e2a11 100644
> --- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> @@ -9,6 +9,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
>             file://CVE-2017-9935.patch \
>             file://CVE-2017-18013.patch \
>             file://CVE-2018-5784.patch \
> +           file://CVE-2018-10963.patch \
>            "
>  
>  SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"



* Re: [PATCH 1/1] tiff: security fix CVE-2018-10963
  2018-07-10 23:56   ` Slater, Joseph
@ 2018-07-12 16:29     ` Slater, Joseph
  2018-07-12 16:40       ` Burton, Ross
  0 siblings, 1 reply; 6+ messages in thread
From: Slater, Joseph @ 2018-07-12 16:29 UTC (permalink / raw)
  To: akuster808, openembedded-core

Should this be resubmitted?  I could always remove the comment about 4.0.8.    Joe
________________________________________
From: Slater, Joseph
Sent: Tuesday, July 10, 2018 4:56 PM
To: akuster808; openembedded-core@lists.openembedded.org
Subject: RE: [OE-core] [oe-core][PATCH 1/1] tiff: security fix CVE-2018-10963

Yes, it is not clear.  What it means is that the patch was applied to 4.0.8 code, but not, I think, 4.0.8 code as seen on openembedded-core before 4.0.8 was obsolete.  It still applies for 4.0.9.

Joe

-----Original Message-----
From: akuster808 [mailto:akuster808@gmail.com]
Sent: Tuesday, July 10, 2018 4:48 PM
To: Slater, Joseph; openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [oe-core][PATCH 1/1] tiff: security fix CVE-2018-10963



On 07/10/2018 04:03 PM, Joe Slater wrote:
> Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.
>
> Signed-off-by: Joe Slater <joe.slater@windriver.com>
> ---
>  .../libtiff/files/CVE-2018-10963.patch             | 41 ++++++++++++++++++++++
>  meta/recipes-multimedia/libtiff/tiff_4.0.9.bb      |  1 +
>  2 files changed, 42 insertions(+)
>  create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>
> diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
> new file mode 100644
> index 0000000..13a1eb5
> --- /dev/null
> +++ b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
> @@ -0,0 +1,41 @@
> +From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
> +From: Even Rouault <even.rouault@spatialys.com>
> +Date: Sat, 12 May 2018 14:24:15 +0200
> +Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
> + http://bugzilla.maptools.org/show_bug.cgi?id=2795.
> + CVE-2018-10963
> +
> +---
> +CVE: CVE-2018-10963
> +
> +Same patch as applied to 4.0.8.
I don't know what that means. The fix is in 4.0.8 or this patch applies
cleanly to 4.0.8 or affects < 4.0.8.
- armin

> +
> +Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]
> +
> +Signed-off-by: Joe Slater <joe.slater@windriver.com>
> +
> +---
> + libtiff/tif_dirwrite.c |    7 +++++--
> + 1 file changed, 5 insertions(+), 2 deletions(-)
> +
> +diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
> +index 2430de6..c15a28d 100644
> +--- a/libtiff/tif_dirwrite.c
> ++++ b/libtiff/tif_dirwrite.c
> +@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
> +                                                             }
> +                                                             break;
> +                                                     default:
> +-                                                            assert(0);   /* we should never get here */
> +-                                                            break;
> ++                                                            TIFFErrorExt(tif->tif_clientdata,module,
> ++                                                                        "Cannot write tag %d (%s)",
> ++                                                                        TIFFFieldTag(o),
> ++                                                                            o->field_name ? o->field_name : "unknown");
> ++                                                            goto bad;
> +                                             }
> +                                     }
> +                             }
> +--
> +1.7.9.5
> +
> diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> index 8c3bba5..e8e2a11 100644
> --- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
> @@ -9,6 +9,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
>             file://CVE-2017-9935.patch \
>             file://CVE-2017-18013.patch \
>             file://CVE-2018-5784.patch \
> +           file://CVE-2018-10963.patch \
>            "
>
>  SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"




* Re: [PATCH 1/1] tiff: security fix CVE-2018-10963
  2018-07-12 16:29     ` Slater, Joseph
@ 2018-07-12 16:40       ` Burton, Ross
  2018-07-12 16:56         ` Andre McCurdy
  0 siblings, 1 reply; 6+ messages in thread
From: Burton, Ross @ 2018-07-12 16:40 UTC (permalink / raw)
  To: Slater, Joseph; +Cc: openembedded-core

Please.

Ross

On 12 July 2018 at 17:29, Slater, Joseph <joe.slater@windriver.com> wrote:
> Should this be resubmitted?  I could always remove the comment about 4.0.8.    Joe
> ________________________________________
> From: Slater, Joseph
> Sent: Tuesday, July 10, 2018 4:56 PM
> To: akuster808; openembedded-core@lists.openembedded.org
> Subject: RE: [OE-core] [oe-core][PATCH 1/1] tiff: security fix CVE-2018-10963
>
> Yes, it is not clear.  What it means is that the patch was applied to 4.0.8 code, but not, I think, 4.0.8 code as seen on openembedded-core before 4.0.8 was obsolete.  It still applies for 4.0.9.
>
> Joe
>
> -----Original Message-----
> From: akuster808 [mailto:akuster808@gmail.com]
> Sent: Tuesday, July 10, 2018 4:48 PM
> To: Slater, Joseph; openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [oe-core][PATCH 1/1] tiff: security fix CVE-2018-10963
>
>
>
> On 07/10/2018 04:03 PM, Joe Slater wrote:
>> Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.
>>
>> Signed-off-by: Joe Slater <joe.slater@windriver.com>
>> ---
>>  .../libtiff/files/CVE-2018-10963.patch             | 41 ++++++++++++++++++++++
>>  meta/recipes-multimedia/libtiff/tiff_4.0.9.bb      |  1 +
>>  2 files changed, 42 insertions(+)
>>  create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>>
>> diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>> new file mode 100644
>> index 0000000..13a1eb5
>> --- /dev/null
>> +++ b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>> @@ -0,0 +1,41 @@
>> +From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
>> +From: Even Rouault <even.rouault@spatialys.com>
>> +Date: Sat, 12 May 2018 14:24:15 +0200
>> +Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
>> + http://bugzilla.maptools.org/show_bug.cgi?id=2795.
>> + CVE-2018-10963
>> +
>> +---
>> +CVE: CVE-2018-10963
>> +
>> +Same patch as applied to 4.0.8.
> I don't know what that means. The fix is in 4.0.8 or this patch applies
> cleanly to 4.0.8 or affects < 4.0.8.
> - armin
>
>> +
>> +Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]
>> +
>> +Signed-off-by: Joe Slater <joe.slater@windriver.com>
>> +
>> +---
>> + libtiff/tif_dirwrite.c |    7 +++++--
>> + 1 file changed, 5 insertions(+), 2 deletions(-)
>> +
>> +diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
>> +index 2430de6..c15a28d 100644
>> +--- a/libtiff/tif_dirwrite.c
>> ++++ b/libtiff/tif_dirwrite.c
>> +@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
>> +                                                             }
>> +                                                             break;
>> +                                                     default:
>> +-                                                            assert(0);   /* we should never get here */
>> +-                                                            break;
>> ++                                                            TIFFErrorExt(tif->tif_clientdata,module,
>> ++                                                                        "Cannot write tag %d (%s)",
>> ++                                                                        TIFFFieldTag(o),
>> ++                                                                            o->field_name ? o->field_name : "unknown");
>> ++                                                            goto bad;
>> +                                             }
>> +                                     }
>> +                             }
>> +--
>> +1.7.9.5
>> +
>> diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
>> index 8c3bba5..e8e2a11 100644
>> --- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
>> +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
>> @@ -9,6 +9,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
>>             file://CVE-2017-9935.patch \
>>             file://CVE-2017-18013.patch \
>>             file://CVE-2018-5784.patch \
>> +           file://CVE-2018-10963.patch \
>>            "
>>
>>  SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core



* Re: [PATCH 1/1] tiff: security fix CVE-2018-10963
  2018-07-12 16:40       ` Burton, Ross
@ 2018-07-12 16:56         ` Andre McCurdy
  0 siblings, 0 replies; 6+ messages in thread
From: Andre McCurdy @ 2018-07-12 16:56 UTC (permalink / raw)
  To: Burton, Ross; +Cc: openembedded-core

On Thu, Jul 12, 2018 at 9:40 AM, Burton, Ross <ross.burton@intel.com> wrote:
> Please.
>
> Ross
>
> On 12 July 2018 at 17:29, Slater, Joseph <joe.slater@windriver.com> wrote:
>> Should this be resubmitted?  I could always remove the comment about 4.0.8.    Joe
>> ________________________________________
>> From: Slater, Joseph
>> Sent: Tuesday, July 10, 2018 4:56 PM
>> To: akuster808; openembedded-core@lists.openembedded.org
>> Subject: RE: [OE-core] [oe-core][PATCH 1/1] tiff: security fix CVE-2018-10963
>>
>> Yes, it is not clear.  What it means is that the patch was applied to 4.0.8 code, but not, I think, 4.0.8 code as seen on openembedded-core before 4.0.8 was obsolete.  It still applies for 4.0.9.
>>
>> Joe
>>
>> -----Original Message-----
>> From: akuster808 [mailto:akuster808@gmail.com]
>> Sent: Tuesday, July 10, 2018 4:48 PM
>> To: Slater, Joseph; openembedded-core@lists.openembedded.org
>> Subject: Re: [OE-core] [oe-core][PATCH 1/1] tiff: security fix CVE-2018-10963
>>
>> On 07/10/2018 04:03 PM, Joe Slater wrote:
>>> Denial of service described at https://nvd.nist.gov/vuln/detail/CVE-2018-10963.
>>>
>>> Signed-off-by: Joe Slater <joe.slater@windriver.com>
>>> ---
>>>  .../libtiff/files/CVE-2018-10963.patch             | 41 ++++++++++++++++++++++
>>>  meta/recipes-multimedia/libtiff/tiff_4.0.9.bb      |  1 +
>>>  2 files changed, 42 insertions(+)
>>>  create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>>>
>>> diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>>> new file mode 100644
>>> index 0000000..13a1eb5
>>> --- /dev/null
>>> +++ b/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
>>> @@ -0,0 +1,41 @@
>>> +From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
>>> +From: Even Rouault <even.rouault@spatialys.com>
>>> +Date: Sat, 12 May 2018 14:24:15 +0200
>>> +Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
>>> + http://bugzilla.maptools.org/show_bug.cgi?id=2795.
>>> + CVE-2018-10963
>>> +
>>> +---
>>> +CVE: CVE-2018-10963
>>> +
>>> +Same patch as applied to 4.0.8.
>> I don't know what that means. The fix is in 4.0.8 or this patch applies
>> cleanly to 4.0.8 or affects < 4.0.8.
>> - armin
>>
>>> +
>>> +Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]

This link seems to have got corrupted somehow. It would be good to fix that too.

>>> +
>>> +Signed-off-by: Joe Slater <joe.slater@windriver.com>
>>> +
>>> +---
>>> + libtiff/tif_dirwrite.c |    7 +++++--
>>> + 1 file changed, 5 insertions(+), 2 deletions(-)
>>> +
>>> +diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
>>> +index 2430de6..c15a28d 100644
>>> +--- a/libtiff/tif_dirwrite.c
>>> ++++ b/libtiff/tif_dirwrite.c
>>> +@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
>>> +                                                             }
>>> +                                                             break;
>>> +                                                     default:
>>> +-                                                            assert(0);   /* we should never get here */
>>> +-                                                            break;
>>> ++                                                            TIFFErrorExt(tif->tif_clientdata,module,
>>> ++                                                                        "Cannot write tag %d (%s)",
>>> ++                                                                        TIFFFieldTag(o),
>>> ++                                                                            o->field_name ? o->field_name : "unknown");
>>> ++                                                            goto bad;
>>> +                                             }
>>> +                                     }
>>> +                             }
>>> +--
>>> +1.7.9.5
>>> +
>>> diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
>>> index 8c3bba5..e8e2a11 100644
>>> --- a/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
>>> +++ b/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
>>> @@ -9,6 +9,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
>>>             file://CVE-2017-9935.patch \
>>>             file://CVE-2017-18013.patch \
>>>             file://CVE-2018-5784.patch \
>>> +           file://CVE-2018-10963.patch \
>>>            "
>>>
>>>  SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"
>>

