cb496970c0
Fixes the following security issues: - CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. - CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. - CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image Drop the now upstream 0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 lines
196 B
Plaintext
4 lines
196 B
Plaintext
# Locally computed
|
|
sha256 d7f38b6788e4a8f5da7940c5ac9424f494d8a79eba53d555f4a507167dca5e2b tiff-4.5.1.tar.gz
|
|
sha256 0780558a8bfba0af1160ec1ff11ade4f41c0d7deafd6ecfc796b492a788e380d LICENSE.md
|