[Bug 267276] graphics/tiff: Backport fixes for CVE-2022-2519, CVE-2022-2520 and CVE-2022-2521

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 22 Oct 2022 20:24:52 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267276

            Bug ID: 267276
           Summary: graphics/tiff: Backport fixes for CVE-2022-2519,
                    CVE-2022-2520 and CVE-2022-2521
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: desktop@FreeBSD.org
          Reporter: diizzy@FreeBSD.org
          Assignee: desktop@FreeBSD.org
             Flags: maintainer-feedback?(desktop@FreeBSD.org)

Created attachment 237539
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=237539&action=edit
Patch for tiff

Backport upstream commits 8fe3735942ea1d90d8cef843b55b3efe8ab6feaf and
bad48e90b410df32172006c7876da449ba62cdba

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521

Compile tested on FreeBSD 13.1-STABLE (amd64) (make, make test, make
check-plist)
Poudriere testport OK 12.3-RELEASE (amd64)
Poudriere testport OK 13.1-RELEASE (i386)

-- 
You are receiving this mail because:
You are the assignee for the bug.