GNU bug report logs - #27370
[PATCH] gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Thu, 15 Jun 2017 03:47:02 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: ludo <at> gnu.org (Ludovic Courtès)
To: Leo Famulari <leo <at> famulari.name>
Cc: 27370 <at> debbugs.gnu.org
Subject: [bug#27370] [PATCH] gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].
Date: Thu, 15 Jun 2017 10:13:43 +0200

Leo Famulari <leo <at> famulari.name> skribis:

> Fixes CVE-2014-8128, CVE-2015-7554, CVE-2016-5318, CVE-2016-10095, and
> the other bugs listed in 'libtiff-tiffgetfield-bugs.patch'.
>
> * gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/image.scm (libtiff-4.0.8)[source]: Use it.

LGTM.  ‘guix lint -c cve’ will keep complaining, but I guess splitting
the patch in one patch per CVE might be hard and not worth the effort.
Thoughts?

Could you apply them to ‘core-updates’ as well?

Thank you!

Ludo’.

This bug report was last modified 8 years and 56 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #27370 [PATCH] gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].

GNU bug report logs - #27370
[PATCH] gnu: libtiff: Fix several bugs related to improper codec usage [security fixes].