Commit Graph

8 Commits

Author SHA1 Message Date
RHEL Packaging Agent
072cfeac1c Fix CVE-2026-12912: heap-buffer-overflow in PixarLog ABGR decoding
Backport fix for CVE-2026-12912 to compat-libtiff3 (libtiff 3.9.4).
Two upstream commits were cherry-picked and adapted to the 3.9.4
API to fix a heap-buffer-overflow in PixarLogDecode when handling
8BITABGR data with stride 3. The first patch adds a bounds check
and fixes the output pointer advance, and the second extends the
bounds check to handle multi-row strip decoding.

CVE: CVE-2026-12912
Upstream patches:
 - ba2b04b114.patch
 - f9bda11bf2.patch
Resolves: RHEL-189375

This commit was backported by Ymir, a Red Hat Enterprise Linux software maintenance AI agent.

Assisted-by: Ymir
2026-06-27 08:18:38 +00:00
Michal Hlavinka
cf89677ea6 fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile (RHEL-159315)
Resolves: RHEL-159315
2026-04-22 13:47:37 +02:00
Jakub Haruda
49a2aa4b6c OSCI: Add fmf and plan 2025-10-06 13:03:05 +02:00
Michal Hlavinka
59ef15e355 fix CVE-2025-9900: Write-What-Where via TIFFReadRGBAImageOriented (RHEL-112528)
Resolves: RHEL-112528
2025-09-25 15:18:47 +02:00
Troy Dawson
bf9736355e Bring gating.yaml over from Brew dist-git
Signed-off-by: Troy Dawson <tdawson@redhat.com>
2023-03-10 10:31:10 -08:00
James Antill
823237660c Import rpm: c8s 2023-02-27 12:30:27 -05:00
James Antill
170ff31c87 Auto sync2gitlab import of compat-libtiff3-3.9.4-13.el8.src.rpm 2022-05-26 01:13:01 -04:00
James Antill
a57d613e87 Initial c8s branch. 2022-05-26 01:12:59 -04:00