package/tiff: security bump to version 4.5.1

Fixes the following security issues: - CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. - CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. - CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image Drop the now upstream 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-11-23 13:33:28 +08:00 · 2023-06-25 22:37:35 +02:00 · 2023-06-25 22:37:35 +02:00 · cb496970c0
commit cb496970c0
parent 5ae444e380
4 changed files with 2 additions and 34 deletions
--- a/.checkpackageignore
+++ b/.checkpackageignore
@ -1503,7 +1503,6 @@ package/ti-gfx/esrev.sh Shellcheck
 package/ti-sgx-um/0001-Makefile-do-not-install-init-script.patch Upstream
 package/ti-sgx-um/S80ti-sgx Variables
 package/ti-utils/0001-plt.h-fix-build-with-gcc-10.patch Upstream
-package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch Upstream
 package/tinyalsa/0001-include-time.h-before-asound.h.patch Upstream
 package/tinycbor/0001-Makefile-add-DISABLE_WERROR.patch Upstream
 package/tinycompress/0001-wave-add-time.h-missing-header-inclusion.patch Upstream
--- a/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
+++ b/package/tiff/0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
@ -1,28 +0,0 @@
-From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001
-From: Su Laus <sulau@freenet.de>
-Date: Sat, 21 Jan 2023 15:58:10 +0000
-Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488.
-
-[Retrieved from:
-https://gitlab.com/libtiff/libtiff/-/commit/97d65859bc29ee334012e9c73022d8a8e55ed586]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
- tools/tiffcrop.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index 14fa18da..7db69883 100644
--- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -8591,7 +8591,7 @@ static int processCropSelections(struct image_data *image,
-                     cropsize + NUM_BUFF_OVERSIZE_BYTES);
-             else
-             {
-                prev_cropsize = seg_buffs[0].size;
-+                prev_cropsize = seg_buffs[i].size;
-                 if (prev_cropsize < cropsize)
-                 {
-                     next_buff = _TIFFrealloc(
-- 
-GitLab
-
--- a/package/tiff/tiff.hash
+++ b/package/tiff/tiff.hash
@ -1,3 +1,3 @@
 # Locally computed
-sha256  c7a1d9296649233979fa3eacffef3fa024d73d05d589cb622727b5b08c423464  tiff-4.5.0.tar.gz
+sha256  d7f38b6788e4a8f5da7940c5ac9424f494d8a79eba53d555f4a507167dca5e2b  tiff-4.5.1.tar.gz
 sha256  0780558a8bfba0af1160ec1ff11ade4f41c0d7deafd6ecfc796b492a788e380d  LICENSE.md
--- a/package/tiff/tiff.mk
+++ b/package/tiff/tiff.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-TIFF_VERSION = 4.5.0
+TIFF_VERSION = 4.5.1
 TIFF_SITE = http://download.osgeo.org/libtiff
 TIFF_LICENSE = tiff license
 TIFF_LICENSE_FILES = LICENSE.md
@ -12,9 +12,6 @@ TIFF_CPE_ID_VENDOR = libtiff
 TIFF_CPE_ID_PRODUCT = libtiff
 TIFF_INSTALL_STAGING = YES

-# 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch
-TIFF_IGNORE_CVES += CVE-2022-48281
-
 # webp has a (optional) dependency on tiff, so we can't have webp
 # support in tiff, or that would create a circular dependency.
 TIFF_CONF_OPTS = \