cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 15:38:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

tiff: fix multiple CVE's

Browse Source 
This commit fixes multiple CVE's for library tiff:
CVE-2012-4564
CVE-2013-1960
CVE-2013-1961
CVE-2013-4231
CVE-2013-4232
CVE-2013-4244
CVE-2013-4243

Signed-off-by: Jiri Slachta <slachta@cesnet.cz>
This commit is contained in:
Jiri Slachta
2014-08-04 12:08:07 +02:00
committed by Steven Barth
parent 317c39a7ba
commit 20ee7a564c
8 changed files with 1036 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libs/tiff/patches/014-CVE-2013-4232.patch
+18
View File
@@ -0,0 +1,18 @@
Description: use after free in tiff2pdf
Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2449
Bug-Debian: http://bugs.debian.org/719303
Index: tiff-4.0.3/tools/tiff2pdf.c
===================================================================
--- tiff-4.0.3.orig/tools/tiff2pdf.c 2013-08-22 11:46:37.292847242 -0400
+++ tiff-4.0.3/tools/tiff2pdf.c 2013-08-22 11:46:37.292847242 -0400
@@ -2461,7 +2461,8 @@
(unsigned long) t2p->tiff_datasize,
TIFFFileName(input));
t2p->t2p_error = T2P_ERR_ERROR;
- _TIFFfree(buffer);
+ _TIFFfree(buffer);
+ return(0);
} else {
buffer=samplebuffer;
t2p->tiff_datasize *= t2p->tiff_samplesperpixel;