* [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1
@ 2023-06-25 20:37 Peter Korsgaard
2023-06-26 3:00 ` Baruch Siach via buildroot
2023-07-16 6:20 ` Peter Korsgaard
0 siblings, 2 replies; 5+ messages in thread
From: Peter Korsgaard @ 2023-06-25 20:37 UTC (permalink / raw)
To: buildroot
Fixes the following security issues:
- CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
libtiff package. A specially crafted tiff file can lead to an
out-of-bounds read in the extractImageSection function in
tools/tiffcrop.c, resulting in a denial of service and limited information
disclosure. This issue affects libtiff versions 4.x.
- CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
- CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
has a heap-based use after free via a crafted TIFF image
Drop the now upstream
0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
...rect-simple-copy-paste-error-Fix-488.patch | 28 -------------------
package/tiff/tiff.hash | 2 +-
package/tiff/tiff.mk | 5 +---
3 files changed, 2 insertions(+), 33 deletions(-)
delete mode 100644 package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
diff --git a/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch b/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
deleted file mode 100644
index 73c0d10ffc..0000000000
--- a/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001
-From: Su Laus <sulau@freenet.de>
-Date: Sat, 21 Jan 2023 15:58:10 +0000
-Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488.
-
-[Retrieved from:
-https://gitlab.com/libtiff/libtiff/-/commit/97d65859bc29ee334012e9c73022d8a8e55ed586]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- tools/tiffcrop.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index 14fa18da..7db69883 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -8591,7 +8591,7 @@ static int processCropSelections(struct image_data *image,
- cropsize + NUM_BUFF_OVERSIZE_BYTES);
- else
- {
-- prev_cropsize = seg_buffs[0].size;
-+ prev_cropsize = seg_buffs[i].size;
- if (prev_cropsize < cropsize)
- {
- next_buff = _TIFFrealloc(
---
-GitLab
-
diff --git a/package/tiff/tiff.hash b/package/tiff/tiff.hash
index 73732892a5..0fa503a02a 100644
--- a/package/tiff/tiff.hash
+++ b/package/tiff/tiff.hash
@@ -1,3 +1,3 @@
# Locally computed
-sha256 c7a1d9296649233979fa3eacffef3fa024d73d05d589cb622727b5b08c423464 tiff-4.5.0.tar.gz
+sha256 d7f38b6788e4a8f5da7940c5ac9424f494d8a79eba53d555f4a507167dca5e2b tiff-4.5.1.tar.gz
sha256 0780558a8bfba0af1160ec1ff11ade4f41c0d7deafd6ecfc796b492a788e380d LICENSE.md
diff --git a/package/tiff/tiff.mk b/package/tiff/tiff.mk
index f9754a4b49..0006f461a0 100644
--- a/package/tiff/tiff.mk
+++ b/package/tiff/tiff.mk
@@ -4,7 +4,7 @@
#
################################################################################
-TIFF_VERSION = 4.5.0
+TIFF_VERSION = 4.5.1
TIFF_SITE = http://download.osgeo.org/libtiff
TIFF_LICENSE = tiff license
TIFF_LICENSE_FILES = LICENSE.md
@@ -12,9 +12,6 @@ TIFF_CPE_ID_VENDOR = libtiff
TIFF_CPE_ID_PRODUCT = libtiff
TIFF_INSTALL_STAGING = YES
-# 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
-TIFF_IGNORE_CVES += CVE-2022-48281
-
# webp has a (optional) dependency on tiff, so we can't have webp
# support in tiff, or that would create a circular dependency.
TIFF_CONF_OPTS = \
--
2.30.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1
2023-06-25 20:37 [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1 Peter Korsgaard
@ 2023-06-26 3:00 ` Baruch Siach via buildroot
2023-06-26 5:50 ` Peter Korsgaard
2023-07-16 6:20 ` Peter Korsgaard
1 sibling, 1 reply; 5+ messages in thread
From: Baruch Siach via buildroot @ 2023-06-26 3:00 UTC (permalink / raw)
To: Peter Korsgaard; +Cc: buildroot
Hi Peter,
On Sun, Jun 25 2023, Peter Korsgaard wrote:
> Fixes the following security issues:
>
> - CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
> libtiff package. A specially crafted tiff file can lead to an
> out-of-bounds read in the extractImageSection function in
> tools/tiffcrop.c, resulting in a denial of service and limited information
> disclosure. This issue affects libtiff versions 4.x.
>
> - CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
> extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
>
> - CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
> has a heap-based use after free via a crafted TIFF image
>
> Drop the now upstream
> 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
Should be removed from .checkpackageignore as well.
baruch
>
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> ---
> ...rect-simple-copy-paste-error-Fix-488.patch | 28 -------------------
> package/tiff/tiff.hash | 2 +-
> package/tiff/tiff.mk | 5 +---
> 3 files changed, 2 insertions(+), 33 deletions(-)
> delete mode 100644 package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
>
> diff --git a/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch b/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
> deleted file mode 100644
> index 73c0d10ffc..0000000000
> --- a/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
> +++ /dev/null
> @@ -1,28 +0,0 @@
> -From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001
> -From: Su Laus <sulau@freenet.de>
> -Date: Sat, 21 Jan 2023 15:58:10 +0000
> -Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488.
> -
> -[Retrieved from:
> -https://gitlab.com/libtiff/libtiff/-/commit/97d65859bc29ee334012e9c73022d8a8e55ed586]
> -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ----
> - tools/tiffcrop.c | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
> -index 14fa18da..7db69883 100644
> ---- a/tools/tiffcrop.c
> -+++ b/tools/tiffcrop.c
> -@@ -8591,7 +8591,7 @@ static int processCropSelections(struct image_data *image,
> - cropsize + NUM_BUFF_OVERSIZE_BYTES);
> - else
> - {
> -- prev_cropsize = seg_buffs[0].size;
> -+ prev_cropsize = seg_buffs[i].size;
> - if (prev_cropsize < cropsize)
> - {
> - next_buff = _TIFFrealloc(
> ---
> -GitLab
> -
> diff --git a/package/tiff/tiff.hash b/package/tiff/tiff.hash
> index 73732892a5..0fa503a02a 100644
> --- a/package/tiff/tiff.hash
> +++ b/package/tiff/tiff.hash
> @@ -1,3 +1,3 @@
> # Locally computed
> -sha256 c7a1d9296649233979fa3eacffef3fa024d73d05d589cb622727b5b08c423464 tiff-4.5.0.tar.gz
> +sha256 d7f38b6788e4a8f5da7940c5ac9424f494d8a79eba53d555f4a507167dca5e2b tiff-4.5.1.tar.gz
> sha256 0780558a8bfba0af1160ec1ff11ade4f41c0d7deafd6ecfc796b492a788e380d LICENSE.md
> diff --git a/package/tiff/tiff.mk b/package/tiff/tiff.mk
> index f9754a4b49..0006f461a0 100644
> --- a/package/tiff/tiff.mk
> +++ b/package/tiff/tiff.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -TIFF_VERSION = 4.5.0
> +TIFF_VERSION = 4.5.1
> TIFF_SITE = http://download.osgeo.org/libtiff
> TIFF_LICENSE = tiff license
> TIFF_LICENSE_FILES = LICENSE.md
> @@ -12,9 +12,6 @@ TIFF_CPE_ID_VENDOR = libtiff
> TIFF_CPE_ID_PRODUCT = libtiff
> TIFF_INSTALL_STAGING = YES
>
> -# 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
> -TIFF_IGNORE_CVES += CVE-2022-48281
> -
> # webp has a (optional) dependency on tiff, so we can't have webp
> # support in tiff, or that would create a circular dependency.
> TIFF_CONF_OPTS = \
--
~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch@tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1
2023-06-26 3:00 ` Baruch Siach via buildroot
@ 2023-06-26 5:50 ` Peter Korsgaard
2023-06-26 7:04 ` Peter Korsgaard
0 siblings, 1 reply; 5+ messages in thread
From: Peter Korsgaard @ 2023-06-26 5:50 UTC (permalink / raw)
To: Baruch Siach; +Cc: buildroot
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:
> Hi Peter,
> On Sun, Jun 25 2023, Peter Korsgaard wrote:
>> Fixes the following security issues:
>>
>> - CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
>> libtiff package. A specially crafted tiff file can lead to an
>> out-of-bounds read in the extractImageSection function in
>> tools/tiffcrop.c, resulting in a denial of service and limited information
>> disclosure. This issue affects libtiff versions 4.x.
>>
>> - CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
>> extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
>>
>> - CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
>> has a heap-based use after free via a crafted TIFF image
>>
>> Drop the now upstream
>> 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
> Should be removed from .checkpackageignore as well.
Ahh yes, thanks for reminding me.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1
2023-06-26 5:50 ` Peter Korsgaard
@ 2023-06-26 7:04 ` Peter Korsgaard
0 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2023-06-26 7:04 UTC (permalink / raw)
To: Baruch Siach; +Cc: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:
>> Hi Peter,
>> On Sun, Jun 25 2023, Peter Korsgaard wrote:
>>> Fixes the following security issues:
>>>
>>> - CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
>>> libtiff package. A specially crafted tiff file can lead to an
>>> out-of-bounds read in the extractImageSection function in
>>> tools/tiffcrop.c, resulting in a denial of service and limited information
>>> disclosure. This issue affects libtiff versions 4.x.
>>>
>>> - CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
>>> extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
>>>
>>> - CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
>>> has a heap-based use after free via a crafted TIFF image
>>>
>>> Drop the now upstream
>>> 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
>> Should be removed from .checkpackageignore as well.
> Ahh yes, thanks for reminding me.
Committed with that fixed, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1
2023-06-25 20:37 [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1 Peter Korsgaard
2023-06-26 3:00 ` Baruch Siach via buildroot
@ 2023-07-16 6:20 ` Peter Korsgaard
1 sibling, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2023-07-16 6:20 UTC (permalink / raw)
To: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> Fixes the following security issues:
> - CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
> libtiff package. A specially crafted tiff file can lead to an
> out-of-bounds read in the extractImageSection function in
> tools/tiffcrop.c, resulting in a denial of service and limited information
> disclosure. This issue affects libtiff versions 4.x.
> - CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
> extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
> - CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
> has a heap-based use after free via a crafted TIFF image
> Drop the now upstream
> 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed to 2023.02.x and 2023.05.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-07-16 6:20 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-06-25 20:37 [Buildroot] [PATCH] package/tiff: security bump to version 4.5.1 Peter Korsgaard
2023-06-26 3:00 ` Baruch Siach via buildroot
2023-06-26 5:50 ` Peter Korsgaard
2023-06-26 7:04 ` Peter Korsgaard
2023-07-16 6:20 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).