diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2012-09-26 01:10:42 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 22:51:55 +0200 |
commit | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (patch) | |
tree | b428a16618e36ed864a8d76ea3435e19a452bf90 /source/l/libtiff/libtiff-CVE-2011-0192.patch | |
parent | 75a4a592e5ccda30715f93563d741b83e0dcf39e (diff) | |
download | current-9664bee729d487bcc0a0bc35859f8e13d5421c75.tar.gz current-9664bee729d487bcc0a0bc35859f8e13d5421c75.tar.xz |
Slackware 14.0slackware-14.0
Wed Sep 26 01:10:42 UTC 2012
Slackware 14.0 x86_64 stable is released!
We're perfectionists here at Slackware, so this release has been a long
time a-brewing. But we think you'll agree that it was worth the wait.
Slackware 14.0 combines modern components, ease of use, and flexible
configuration... our "KISS" philosophy demands it.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Thanks to everyone who helped make this happen. The Slackware team, the
upstream developers, and (of course) the awesome Slackware user
community.
Have fun! :-)
Diffstat (limited to 'source/l/libtiff/libtiff-CVE-2011-0192.patch')
-rw-r--r-- | source/l/libtiff/libtiff-CVE-2011-0192.patch | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/source/l/libtiff/libtiff-CVE-2011-0192.patch b/source/l/libtiff/libtiff-CVE-2011-0192.patch deleted file mode 100644 index 892f70e01..000000000 --- a/source/l/libtiff/libtiff-CVE-2011-0192.patch +++ /dev/null @@ -1,27 +0,0 @@ -Protect against a fax VL(n) codeword commanding a move left. Without -this, a malicious input file can generate an indefinitely large series -of runs without a0 ever reaching the right margin, thus overrunning -our buffer of run lengths. Per CVE-2011-0192. This is a modified -version of a patch proposed by Drew Yao of Apple Product Security. -It adds an unexpected() report, and disallows the equality case except -for the first run of a line, since emitting a run without increasing a0 -still allows buffer overrun. (We have to allow it for the first run to -cover the case of encoding a zero-length run at start of line using VL.) - - -diff -Naur tiff-3.9.4.orig/libtiff/tif_fax3.h tiff-3.9.4/libtiff/tif_fax3.h ---- tiff-3.9.4.orig/libtiff/tif_fax3.h 2010-06-08 14:50:42.000000000 -0400 -+++ tiff-3.9.4/libtiff/tif_fax3.h 2011-03-10 12:11:20.850839162 -0500 -@@ -478,6 +478,12 @@ - break; \ - case S_VL: \ - CHECK_b1; \ -+ if (b1 <= (int) (a0 + TabEnt->Param)) { \ -+ if (b1 < (int) (a0 + TabEnt->Param) || pa != thisrun) { \ -+ unexpected("VL", a0); \ -+ goto eol2d; \ -+ } \ -+ } \ - SETVALUE(b1 - a0 - TabEnt->Param); \ - b1 -= *--pb; \ - break; \ |