| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
| |
CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596,
CVE-2017-7598, CVE-2017-7601, CVE-2017-7602
CVE-2017-7597, CVE-2017-7599, CVE-2017-7600 are already included in upstream release
|
|
|
|
| |
CVE-2017-5225: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2016-9273: heap-buffer-overflow in cpStrips
CVE-2016-9297: segfault in _TIFFPrintField
CVE-2016-9448: Invalid read of size 1 in TIFFFetchNormalTag
CVE-2016-9453: out-of-bounds Write Caused by memcpy and no bound check in tiff2pdf
CVE-2016-3186: Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
CVE-2016-3621: Out-of-bounds Read in the bmp2tiff tool
CVE-2016-3622: Divide By Zero in the tiff2rgba tool
CVE-2016-3623, CVE-2016-3624: Divide By Zero in the rgb2ycbcr tool
CVE-2016-3625: Out-of-bounds Read in the tiff2bw tool
CVE-2016-3658, CVE-2014-8127: Illegal read in TIFFWriteDirectoryTagLongLong8Array function in tiffset / tif_dirwrite.c
CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016-5317: PixarLogDecode() out-of-bound writes
CVE-2016-5320, CVE-2016-5875: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c
bugzilla suppose that CVE-2016-5320 is a duplicate of CVE-2016-5314 (https://bugs.alpinelinux.org/issues/6661) which was fixed in tiff 4.0.7 (http://bugzilla.maptools.org/show_bug.cgi?id=2554#c1)
CVE-2016-5321: out-of-bounds read in tiffcrop / DumpModeDecode() function
CVE-2016-5323: Divide-by-zero in _TIFFFax3fillruns() function
CVE-2016-5652: tiff2pdf JPEG Compression Tables Heap Buffer Overflow
|
|
|
|
|
| |
CVE-2015-7554, CVE-2015-8668, CVE-2016-3945,
CVE-2016-3632, CVE-2016-3990, CVE-2016-3991
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2015-8665
CVE-2015-8683
CVE-2015-8781
CVE-2015-8782
CVE-2015-8784
(cherry picked from commit 7f2845dc97725af0dc4230433d9cb42a76c552db)
(cherry picked from commit df6ff3e3449ac74fc39165229f9764d968aa58f4)
|
| |
|
|
|
|
| |
ref #3081
|
| |
|
| |
|
|
|
|
|
|
|
| |
(CVE-2012-4447,CVE-2012-4564,CVE-2013-1960,CVE-2013-1961)
ref #2203
fixes #2204
|
| |
|
|
|
|
| |
fixes #1501
|
| |
|
| |
|
|
|
|
| |
fixes #1325
|
|
|
|
| |
fixes #1325
|
|
|
|
| |
fixes #1245
|
| |
|
| |
|
|
|
|
| |
and clean up the APKBUILD
|
|
|
|
| |
this is needed for apk-tools-2.1 migration
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
and fixed misc build issues
|