Mark CVE-2023-52355 as mitigated in third_party/libtiff/METADATA Since there are no callers to TIFFRasterScanlineSize() and TIFFRasterScanlineSize64() in this code base, the potential OOM issue cannot occur. Bug: 323286416 Change-Id: I6d1882cac97d8cb152bc6539a5da2c25ab7d2196 Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/116292 Reviewed-by: Thomas Sepez <tsepez@google.com> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Thomas Sepez <tsepez@google.com>
diff --git a/third_party/libtiff/METADATA b/third_party/libtiff/METADATA index 7d36a06..7956a6f 100644 --- a/third_party/libtiff/METADATA +++ b/third_party/libtiff/METADATA
@@ -15,5 +15,8 @@ mitigated_security_patch: "CVE-2023-26965" mitigated_security_patch: "CVE-2023-40745" mitigated_security_patch: "CVE-2023-41175" + + # There are no callers to TIFFRasterScanlineSize() in PDFium's code base. + mitigated_security_patch: "CVE-2023-52355" } }