8e28d22c91
* gnu/packages/patches/libtiff-CVE-2012-4564.patch, gnu/packages/patches/libtiff-CVE-2013-1960.patch, gnu/packages/patches/libtiff-CVE-2013-1961.patch, gnu/packages/patches/libtiff-CVE-2013-4231.patch, gnu/packages/patches/libtiff-CVE-2013-4232.patch, gnu/packages/patches/libtiff-CVE-2013-4243.patch, gnu/packages/patches/libtiff-CVE-2013-4244.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch, gnu/packages/patches/libtiff-CVE-2014-8129.patch, gnu/packages/patches/libtiff-CVE-2014-9330.patch, gnu/packages/patches/libtiff-CVE-2014-9655.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (libtiff)[source]: Add patches.
21 lines
644 B
Diff
21 lines
644 B
Diff
Copied from Debian
|
|
|
|
Description: OOB write in gif2tiff
|
|
Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=996468
|
|
|
|
Index: tiff-4.0.3/tools/gif2tiff.c
|
|
===================================================================
|
|
--- tiff-4.0.3.orig/tools/gif2tiff.c 2013-08-24 11:17:13.546447901 -0400
|
|
+++ tiff-4.0.3/tools/gif2tiff.c 2013-08-24 11:17:13.546447901 -0400
|
|
@@ -400,6 +400,10 @@
|
|
}
|
|
|
|
if (oldcode == -1) {
|
|
+ if (code >= clear) {
|
|
+ fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear);
|
|
+ return 0;
|
|
+ }
|
|
*(*fill)++ = suffix[code];
|
|
firstchar = oldcode = code;
|
|
return 1;
|