| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| no_smartquotes.patch | Don't use smartquotes for Sphinx Don't let Sphinx inconsistently alter quotes and dashes in rst files. | Laszlo Boszormenyi (GCS) <gcs@debian.org> | no | debian | 2023-01-12 | |
| CVE-2023-6277.patch | [PATCH] Prevent some out-of-memory attacks Some small fuzzer files fake large amounts of data and provoke out-of-memory situations. For non-compressed data content / tags, out-of-memory can be prevented by comparing with the file size. At image reading, data size of some tags / data structures (StripByteCounts, StripOffsets, StripArray, TIFF directory) is compared with file size to prevent provoked out-of-memory attacks. See issue https://gitlab.com/libtiff/libtiff/-/issues/614#note_1602683857 |
Su Laus <sulau@freenet.de> | no | 2023-10-31 | ||
| CVE-2023-52355.patch | [PATCH] manpage: Update TIFF documentation about TIFFOpenOptions.rst and TIFFOpenOptionsSetMaxSingleMemAlloc() usage and some other small fixes. | Su_Laus <sulau@freenet.de> | no | 2023-11-08 | ||
| CVE-2023-52356.patch | [PATCH] TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of col/row (fixes #622) | Even Rouault <even.rouault@spatialys.com> | no | 2023-10-31 | ||
| CVE-2024-7006.patch | [PATCH] Check return value of _TIFFCreateAnonField(). Fixes #624 |
Su_Laus <sulau@freenet.de> | no | 2023-12-01 |