From bbcdf7ef1ce89e9bd17e0de39ffe6e512105dc14 Mon Sep 17 00:00:00 2001 From: Andrew Lukoshko Date: Wed, 28 Jun 2023 14:57:01 +0000 Subject: [PATCH] import CS libtiff-4.0.9-28.el8_8 --- ...iffcrop-Correct-simple-copy-paste-er.patch | 24 +++++++++++++++++++ SPECS/libtiff.spec | 7 +++++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0037-CVE-2022-48281-tiffcrop-Correct-simple-copy-paste-er.patch diff --git a/SOURCES/0037-CVE-2022-48281-tiffcrop-Correct-simple-copy-paste-er.patch b/SOURCES/0037-CVE-2022-48281-tiffcrop-Correct-simple-copy-paste-er.patch new file mode 100644 index 0000000..bb7d439 --- /dev/null +++ b/SOURCES/0037-CVE-2022-48281-tiffcrop-Correct-simple-copy-paste-er.patch @@ -0,0 +1,24 @@ +From 72bbfc1ecd58f7732946719a0aeb2070f056bb6f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Matej=20Mu=C5=BEila?= +Date: Tue, 16 May 2023 13:04:55 +0200 +Subject: [PATCH] (CVE-2022-48281) tiffcrop: Correct simple copy paste error. + Fix #488. + +(cherry picked from commit d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5) +--- + tools/tiffcrop.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index 848b2b49..7f738d91 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -7537,7 +7537,7 @@ processCropSelections(struct image_data *image, struct crop_mask *crop, + crop_buff = (unsigned char *)_TIFFmalloc(cropsize); + else + { +- prev_cropsize = seg_buffs[0].size; ++ prev_cropsize = seg_buffs[i].size; + if (prev_cropsize < cropsize) + { + next_buff = _TIFFrealloc(crop_buff, cropsize); diff --git a/SPECS/libtiff.spec b/SPECS/libtiff.spec index eaa717c..5fe0169 100644 --- a/SPECS/libtiff.spec +++ b/SPECS/libtiff.spec @@ -1,7 +1,7 @@ Summary: Library of functions for manipulating TIFF format image files Name: libtiff Version: 4.0.9 -Release: 27%{?dist} +Release: 28%{?dist} License: libtiff Group: System Environment/Libraries URL: http://www.simplesystems.org/libtiff/ @@ -47,6 +47,7 @@ Patch0033: 0033-CVE-2022-2519-CVE-2022-2520-CVE-2022-2521-CVE-2022-2.patch Patch0034: 0034-CVE-2022-2519-CVE-2022-2520-CVE-2022-2521-CVE-2022-2.patch Patch0035: 0035-CVE-2022-3597-CVE-2022-3626-CVE-2022-3627-tiffcrop-d.patch Patch0036: 0036-CVE-2022-3970-TIFFReadRGBATileExt-fix-unsigned-integ.patch +Patch0037: 0037-CVE-2022-48281-tiffcrop-Correct-simple-copy-paste-er.patch BuildRequires: gcc, gcc-c++ @@ -201,6 +202,10 @@ find html -name 'Makefile*' | xargs rm %{_mandir}/man1/* %changelog +* Tue May 16 2023 Matej Mužila - 4.0.9-28 +- Fix CVE-2022-48281 +- Resolves: CVE-2022-48281 + * Mon Jan 16 2023 Matej Mužila - 4.0.9-27 - Fix various CVEs - Resolves: CVE-2022-3627 CVE-2022-3970