rpms
/
libtiff
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import libtiff-4.0.9-28.el8_8

Browse Source
i8c changed/i8c/libtiff-4.0.9-28.el8_8
MSVSphere Packaging Team 1 year ago
parent 5db0962e68
commit 9aa080326d
2 changed files with 31 additions and 2 deletions
Show Stats Download Patch File Download Diff File

24
SOURCES/0037-CVE-2022-48281-tiffcrop-Correct-simple-copy-paste-er.patch
Unescape View File

@ -0,0 +1,24 @@
From 72bbfc1ecd58f7732946719a0aeb2070f056bb6f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuzila@redhat.com>
Date: Tue, 16 May 2023 13:04:55 +0200
Subject: [PATCH] (CVE-2022-48281) tiffcrop: Correct simple copy paste error.
Fix #488.
(cherry picked from commit d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5)
---
tools/tiffcrop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
index 848b2b49..7f738d91 100644
--- a/tools/tiffcrop.c
+++ b/tools/tiffcrop.c
@@ -7537,7 +7537,7 @@ processCropSelections(struct image_data *image, struct crop_mask *crop,
crop_buff = (unsigned char *)_TIFFmalloc(cropsize);
else
{
- prev_cropsize = seg_buffs[0].size;
+ prev_cropsize = seg_buffs[i].size;
if (prev_cropsize < cropsize)
{
next_buff = _TIFFrealloc(crop_buff, cropsize);

9
SPECS/libtiff.spec
Unescape View File

@ -1,7 +1,7 @@
Summary: Library of functions for manipulating TIFF format image files
Name: libtiff
Version: 4.0.9
Release: 27%{?dist}
Release: 28%{?dist}
License: libtiff
Group: System Environment/Libraries
URL: http://www.simplesystems.org/libtiff/
@ -47,6 +47,7 @@ Patch0033: 0033-CVE-2022-2519-CVE-2022-2520-CVE-2022-2521-CVE-2022-2.patch
Patch0034: 0034-CVE-2022-2519-CVE-2022-2520-CVE-2022-2521-CVE-2022-2.patch
Patch0035: 0035-CVE-2022-3597-CVE-2022-3626-CVE-2022-3627-tiffcrop-d.patch
Patch0036: 0036-CVE-2022-3970-TIFFReadRGBATileExt-fix-unsigned-integ.patch
Patch0037: 0037-CVE-2022-48281-tiffcrop-Correct-simple-copy-paste-er.patch
BuildRequires: gcc, gcc-c++
@ -201,9 +202,13 @@ find html -name 'Makefile*' | xargs rm
%{_mandir}/man1/*
%changelog
* Wed Jul 26 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 4.0.9-27
* Wed Jul 26 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 4.0.9-28
- Rebuilt for MSVSphere 8.8
* Tue May 16 2023 Matej Mužila <mmuzila@redhat.com> - 4.0.9-28
- Fix CVE-2022-48281
- Resolves: CVE-2022-48281
* Mon Jan 16 2023 Matej Mužila <mmuzila@redhat.com> - 4.0.9-27
- Fix various CVEs
- Resolves: CVE-2022-3627 CVE-2022-3970

Write Preview
Loading…
Cancel
Save