openembedded-core.git - Mirror of openembedded-core

diff options

author	Mingli Yu <Mingli.Yu@windriver.com>	2016-12-07 16:01:11 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-01-11 11:46:46 +0000
commit	d55b4470c20f4a4b73b1e6f148a45d94649dfdb5 (patch)
tree	0dabbe27ae4f0bd84e193405bb634f1d794f734b /meta/recipes-multimedia/ffmpeg
parent	a28dc4cf7a8f67444f2f88248966478e385491d2 (diff)
download	openembedded-core-d55b4470c20f4a4b73b1e6f148a45d94649dfdb5.tar.gz openembedded-core-d55b4470c20f4a4b73b1e6f148a45d94649dfdb5.tar.bz2 openembedded-core-d55b4470c20f4a4b73b1e6f148a45d94649dfdb5.zip

tiff: Security fix CVE-2016-9535

* libtiff/tif_predict.h, libtiff/tif_predict.c: Replace assertions by runtime checks to avoid assertions in debug mode, or buffer overflows in release mode. Can happen when dealing with unusual tile size like YCbCr with subsampling. External References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9535 Patch from: https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 (From OE-Core rev: 61d3feb9cad9f61f6551b43f4f19bfa33cadd275) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta/recipes-multimedia/ffmpeg')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: