It would be quite helpful to me if in the future you would send multiple
patches to the same recipe as a patch series rather than individually.
That way I won't have to try to figure out which order you intended them to
be applied!
Steve
On Tue, Jul 25, 2023 at 8:09 PM Hitendra Prajapati
wrote:
On Wed, 2023-07-26 at 17:20 +0530, Hitendra Prajapati wrote:
> +Upstream-Status: Backport
> [https://gitlab.com/libtiff/libtiff/-/commit/b5c7d4c4e0ac16b5cfb1
> 1acaaeaa493334f8]
> +CVE: CVE-2023-3618
> +Signed-off-by: Hitendra Prajapati
> +---
> + tools/tiffcrop.c | 18 +++---
> + 1
Backport fixes for:
* CVE-2023-2908 - Upstream-Status: Backport from
https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f
* CVE-2023-3316 - Upstream-Status: Backport from
https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536
* CVE-202
Backport fixes for:
* CVE-2023-25433 - Upstream-Status: Backport from
https://gitlab.com/libtiff/libtiff/-/commit/9c22495e5eeeae9e00a1596720c969656bb8d678
&&
https://gitlab.com/libtiff/libtiff/-/commit/688012dca2c39033aa2dc7bcea9796787cfd1b44
* CVE-2023-25434 & CVE-2023-25435 - Upstream-Status:
Bug-Debian: https://bugs.debian.org/1031632
Origin:
https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
import from debian
http://security.debian.org/debian-security/pool/updates/main/t/tiff/tiff_4.1.0+git191117-2~deb10u7.debian.tar.xz
fix multiple CVEs:
CVE-20