- security update:

* CVE-2022-3970 [bsc#1205392] + tiff-CVE-2022-3970.patch OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=162
2022-11-14 11:55:22 +00:00 · 2022-11-14 11:55:22 +00:00 · 9b48e2850a
commit 9b48e2850a
parent 4de82c0597
3 changed files with 33 additions and 0 deletions
--- a/tiff-CVE-2022-3970.patch
+++ b/tiff-CVE-2022-3970.patch
@ -0,0 +1,24 @@
+Index: tiff-4.4.0/libtiff/tif_getimage.c
+===================================================================
+--- tiff-4.4.0.orig/libtiff/tif_getimage.c
+++ tiff-4.4.0/libtiff/tif_getimage.c
+@@ -3058,15 +3058,15 @@ TIFFReadRGBATileExt(TIFF* tif, uint32_t
+         return( ok );
+ 
+     for( i_row = 0; i_row < read_ysize; i_row++ ) {
+-        memmove( raster + (tile_ysize - i_row - 1) * tile_xsize,
+-                 raster + (read_ysize - i_row - 1) * read_xsize,
+        memmove( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
+                 raster + (size_t)(read_ysize - i_row - 1) * read_xsize,
+                  read_xsize * sizeof(uint32_t) );
+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize+read_xsize,
+        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize+read_xsize,
+                      0, sizeof(uint32_t) * (tile_xsize - read_xsize) );
+     }
+ 
+     for( i_row = read_ysize; i_row < tile_ysize; i_row++ ) {
+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize,
+        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
+                      0, sizeof(uint32_t) * tile_xsize );
+     }
+ 
--- a/tiff.changes
+++ b/tiff.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Nov 14 11:54:03 UTC 2022 - Michael Vetter <mvetter@suse.com>
+
+- security update:
+  * CVE-2022-3970 [bsc#1205392]
+    + tiff-CVE-2022-3970.patch
+
 -------------------------------------------------------------------
 Sun Nov 13 20:42:25 UTC 2022 - Michael Vetter <mvetter@suse.com>

--- a/tiff.spec
+++ b/tiff.spec
@ -39,6 +39,7 @@ Patch4:         tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
 Patch5:         tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch
 Patch6:         tiff-CVE-2022-3599.patch
 Patch7:         tiff-CVE-2022-3598.patch
+Patch8:         tiff-CVE-2022-3970.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libjbig-devel
 BuildRequires:  libjpeg-devel
@ -84,6 +85,7 @@ the libtiff library.
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1

 %build
 CFLAGS="%{optflags} -fPIE"