diff options
Diffstat (limited to 'poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb')
-rw-r--r-- | poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 9c9108a6af..c2d4b35d49 100644 --- a/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -18,6 +18,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://0004-TIFFFetchNormalTag-avoid-calling-memcpy-with-a-null-.patch \ file://0005-fix-the-FPE-in-tiffcrop-393.patch \ file://0006-fix-heap-buffer-overflow-in-tiffcp-278.patch \ + file://0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" @@ -28,6 +29,12 @@ UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar" # Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 # and 4.3.0 doesn't have the issue CVE_CHECK_IGNORE += "CVE-2015-7313" +# These issues only affect libtiff post-4.3.0 but before 4.4.0, +# caused by 3079627e and fixed by b4e79bfa. +CVE_CHECK_IGNORE += "CVE-2022-1622 CVE-2022-1623" + +# Issue is in jbig which we don't enable +CVE_CHECK_IGNORE += "CVE-2022-1210" inherit autotools multilib_header @@ -37,6 +44,7 @@ PACKAGECONFIG ?= "cxx jpeg zlib lzma \ strip-chopping extrasample-as-alpha check-ycbcr-subsampling" PACKAGECONFIG[cxx] = "--enable-cxx,--disable-cxx,," +PACKAGECONFIG[jbig] = "--enable-jbig,--disable-jbig,jbig," PACKAGECONFIG[jpeg] = "--enable-jpeg,--disable-jpeg,jpeg," PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib," PACKAGECONFIG[lzma] = "--enable-lzma,--disable-lzma,xz," |