Petr Gajdos
daa5f36cc1
CVE-2014-8129, CVE-2014-8130, CVE-2015-1547
bnc#914890, bnc#916925, bnc#916927
+ erouault.2856.patch
+ erouault.2857.patch
+ erouault.2858.patch
+ erouault.2859.patch
+ erouault.2860.patch
+ erouault.2861.patch
+ erouault.2862.patch
+ erouault.2863.patch
+ erouault.2876.patch
+ bfriesen.2805.patch
+ tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch
+ tiff-handle-TIFFTAG_PREDICTOR.patch
+ tiff-dither-malloc-check.patch
OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=65
32 lines
931 B
Diff
32 lines
931 B
Diff
---------------------
|
|
PatchSet 2863
|
|
Date: 2014/12/21 22:58:29
|
|
Author: erouault
|
|
Branch: HEAD
|
|
Tag: (none)
|
|
Log:
|
|
* tools/tiff2bw.c: when Photometric=RGB, the utility only works if
|
|
SamplesPerPixel = 3. Enforce that
|
|
http://bugzilla.maptools.org/show_bug.cgi?id=2485 (CVE-2014-8127)
|
|
|
|
Members:
|
|
ChangeLog:1.967->1.968
|
|
tools/tiff2bw.c:1.16->1.17
|
|
|
|
Index: libtiff/tools/tiff2bw.c
|
|
diff -u libtiff/tools/tiff2bw.c:1.16 libtiff/tools/tiff2bw.c:1.17
|
|
--- libtiff/tools/tiff2bw.c:1.16 Thu May 2 09:44:29 2013
|
|
+++ libtiff/tools/tiff2bw.c Sun Dec 21 15:58:30 2014
|
|
@@ -171,6 +171,11 @@
|
|
argv[optind], samplesperpixel);
|
|
return (-1);
|
|
}
|
|
+ if( photometric == PHOTOMETRIC_RGB && samplesperpixel != 3) {
|
|
+ fprintf(stderr, "%s: Bad samples/pixel %u for PHOTOMETRIC_RGB.\n",
|
|
+ argv[optind], samplesperpixel);
|
|
+ return (-1);
|
|
+ }
|
|
TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bitspersample);
|
|
if (bitspersample != 8) {
|
|
fprintf(stderr,
|