summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorEven Rouault <even.rouault@spatialys.com>2017-06-01 12:44:04 +0000
committerEven Rouault <even.rouault@spatialys.com>2017-06-01 12:44:04 +0000
commit6281927e03aed3fdaac4c25e1cd1a5ff7232bcd8 (patch)
tree7cf9fab3cbd3af316bc455396f2c2545a9651f0c /ChangeLog
parented38dcc52c934839353be1ce7a7817b1599ccb31 (diff)
downloadlibtiff-git-6281927e03aed3fdaac4c25e1cd1a5ff7232bcd8.tar.gz
* libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(),
and use it in TIFFReadDirectory() so as to ignore fields whose tag is a codec-specified tag but this codec is not enabled. This avoids TIFFGetField() to behave differently depending on whether the codec is enabled or not, and thus can avoid stack based buffer overflows in a number of TIFF utilities such as tiffsplit, tiffcmp, thumbnail, etc. Patch derived from 0063-Handle-properly-CODEC-specific-tags.patch (http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël Hertzog. Fixes: http://bugzilla.maptools.org/show_bug.cgi?id=2580 http://bugzilla.maptools.org/show_bug.cgi?id=2693 http://bugzilla.maptools.org/show_bug.cgi?id=2625 (CVE-2016-10095) http://bugzilla.maptools.org/show_bug.cgi?id=2564 (CVE-2015-7554) http://bugzilla.maptools.org/show_bug.cgi?id=2561 (CVE-2016-5318) http://bugzilla.maptools.org/show_bug.cgi?id=2499 (CVE-2014-8128) http://bugzilla.maptools.org/show_bug.cgi?id=2441 http://bugzilla.maptools.org/show_bug.cgi?id=2433
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog20
1 files changed, 20 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 04881ba7..ebd1a3c0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,23 @@
+2017-06-01 Even Rouault <even.rouault at spatialys.com>
+
+ * libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(),
+ and use it in TIFFReadDirectory() so as to ignore fields whose tag is a
+ codec-specified tag but this codec is not enabled. This avoids TIFFGetField()
+ to behave differently depending on whether the codec is enabled or not, and
+ thus can avoid stack based buffer overflows in a number of TIFF utilities
+ such as tiffsplit, tiffcmp, thumbnail, etc.
+ Patch derived from 0063-Handle-properly-CODEC-specific-tags.patch
+ (http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël Hertzog.
+ Fixes:
+ http://bugzilla.maptools.org/show_bug.cgi?id=2580
+ http://bugzilla.maptools.org/show_bug.cgi?id=2693
+ http://bugzilla.maptools.org/show_bug.cgi?id=2625 (CVE-2016-10095)
+ http://bugzilla.maptools.org/show_bug.cgi?id=2564 (CVE-2015-7554)
+ http://bugzilla.maptools.org/show_bug.cgi?id=2561 (CVE-2016-5318)
+ http://bugzilla.maptools.org/show_bug.cgi?id=2499 (CVE-2014-8128)
+ http://bugzilla.maptools.org/show_bug.cgi?id=2441
+ http://bugzilla.maptools.org/show_bug.cgi?id=2433
+
2017-05-29 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_getimage.c: initYCbCrConversion(): stricter validation for
View Lorry Controller Status