summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/libtiff-CVE-2016-3623.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2016-3623.patch')
-rw-r--r--gnu/packages/patches/libtiff-CVE-2016-3623.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3623.patch b/gnu/packages/patches/libtiff-CVE-2016-3623.patch
new file mode 100644
index 0000000000..08705861e3
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3623.patch
@@ -0,0 +1,30 @@
+Fix CVE-2016-3623.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
+http://bugzilla.maptools.org/show_bug.cgi?id=2569
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.16 -r1.17 tools/rgb2ycbcr.c
+
+Index: tools/rgb2ycbcr.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/rgb2ycbcr.c,v
+retrieving revision 1.16
+retrieving revision 1.17
+diff -u -r1.16 -r1.17
+--- libtiff/tools/rgb2ycbcr.c 21 Jun 2015 01:09:10 -0000 1.16
++++ libtiff/tools/rgb2ycbcr.c 15 Aug 2016 21:26:56 -0000 1.17
+@@ -95,9 +95,13 @@
+ break;
+ case 'h':
+ horizSubSampling = atoi(optarg);
++ if( horizSubSampling != 1 && horizSubSampling != 2 && horizSubSampling != 4 )
++ usage(-1);
+ break;
+ case 'v':
+ vertSubSampling = atoi(optarg);
++ if( vertSubSampling != 1 && vertSubSampling != 2 && vertSubSampling != 4 )
++ usage(-1);
+ break;
+ case 'r':
+ rowsperstrip = atoi(optarg);
generated by cgit v1.2.3 (git 2.45.2) at 2024-07-28 05:44:14 +0000