Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2026-07-08 17:35:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new.1982 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tiff" Wed Jul 8 17:35:02 2026 rev:111 rq:1364009 version:4.7.2 Changes: -------- --- /work/SRC/openSUSE:Factory/tiff/tiff.changes 2026-04-28 14:30:34.666988105 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new.1982/tiff.changes 2026-07-08 17:36:46.289957150 +0200 @@ -1,0 +2,75 @@ +Mon Jul 6 09:15:10 UTC 2026 - Michael Vetter <[email protected]> + +- Update to 4.7.2: + Software configuration changes: + * cmake: Fix bundle identifiers to use reverse-DNS format + * cmake: Fix and improve Apple framework build support + * cmake: Use TurboJPEG CONFIG by default (issue #767) + * cmake: changes related to 8-/12-bit modes + * cmake: Replace CMath::CMath with direct link to avoid export. + * Support for iOS-derived builds + * Simplify cmake byte order version check + * Add additional warnings, primarily floating precision conversions and integer arithmetic conversions + * configure.ac: Require bootstrap with at least Autoconf 2.71. + Library changes: + * New/improved functionalities:: + + Add TIFFGetMaxCompressionRatio() and use it in _TIFFReadEncoded[Tile|Strip)AndAllocBuffer() (issue #781) (CVE-2026-36849) (bsc#1268434) + * API/ABI breaks: + + None + Bug fixes: + * Handle negative TIFFReadFile results before state updates (issue #854) + * tif_dirread.c: fix copy-paste bug in ChopUpSingleUncompressedStrip + * tif_read.c: Fixed division by zero in TIFFStartStrip() (issue #777) + * tif_dirwrite.c: add integer overflow checks to allocation size calculations + * tif_print.c: add integer overflow checks to allocation size calculations + * tif_write.c: fix OOB read and underflow in TIFFAppendToStrip copy loop + * DumpModeSeek: add bounds check to prevent OOB pointer advance + * TIFFGrowStrips: fix use-after-free on partial realloc failure. + * Fix NULL dereference in _TIFFReserveLargeEnoughWriteBuffer() by validating the strip bytecount array before accessing it. + * TIFFRGBAImage: avoid int overflows in put functions (issue #830) + * tif_getimage: fix inconsistent fromskew handling in put16bitbwtile (issue #792) + * tif_getimage: Widen pointer-offset arithmetic in tif_getimage + * putcontig8bitYCbCr44tile: fix wrong fromskew computation (issue #798) + * putcontig8bitYCbCr42tile: Reject invalid YCbCr subsampling when image dimensions are smaller than the subsampling block to prevent out-of-bounds writes. (issue #753) + * TIFFReadRGBAImage(): prevent integer overflow and later heap overflow (issue #787) (CVE-2026-4775) (bsc#1260411) + * TIFFFillStrip/Tile(): avoid excessive memory allocation (issue #831) + * TIFFLinkDirectory() checks for IFD loops (issue #788) + * Check result of _TIFFCheckRealloc to prevent memory leaks and segmentation fault when reallocation fails. + * TIFFVTileSize64(): in YCbCr contig non upsampled mode, validate td_samplesperpixel==3 (issue #805) + * TIFFReadDirEntryPersampleShort(): be tolerant to tags like SampleFormat not having 1 or SamplesPerPixel values (https://github.com/OSGeo/gdal/issues/13465) + * tif_getimage: reject tile widths that would overflow toskew (issue #808) + * Fix integer overflow in _TIFFPartialReadStripArray on 32-bit. + * TIFFAppendToStrip(): add some checks to avoid null-pointer-dereferencing (issue #777). + * _TIFFGetStrileOffsetOrByteCountValue(): fix potential crash on corrupted files when file opened in 'O' mode (https://issues.oss-fuzz.com/issues/471328917) + * TIFFReadDirectory(): re-set TIFF_LAZYSTRILELOAD if file opened in 'O' mode + * _TIFFMergeFields(): avoid NULL ptr dereference (issue #755). + * Check td_stripbytecount_p and td_stripoffset_p for NULL pointer before (re-)writing to file. (issue #749) + * JPEGDecodeRaw: initialize output buffer to avoid returning uninitialized memory (issue #892) + * JPEG decompressor: initialize output buffer when JPEG image is smaller than strile dimension to avoid heap memory disclosure (issue #826) + * JPEG: fix generation of tiled 12-bit JPEG compressed files with libjpeg-turbo 3.0.3 (issue #773) + * JPEGDecode(): fix memory leak in error code path (https://issues.oss-fuzz.com/issues/471945501) + * tif_jpeg: reject mismatched JPEG data precision to avoid write overflow + * Fix signed left-shift UB in LogLuv RANDITHER encoding (issue #850) + * PixarLog: error out on invalid ABGR output buffer sizes. + * PixarLog: complete ABGR bounds check for multi-row strip decoding. + * PixarLog: fix heap-buffer-overflow in 8BITABGR decode with stride 3 (issue #824) (CVE-2026-12912) (bsc#1269779) + * PixarLog: fix undoing horizontal differencing when SamplesPerPixel != 3 and 4 (issue #789). + * PixarLog codec: fix potential integer overflow/out-of-bounds access (issue #797) + * TIFFAdvanceDirectory(): avoid potential read heap-buffer-overflow in mmap code path on 32 bit builds (https://issues.oss-fuzz.com/issues/506737072) + * OJPEG: fix integer overflow in subsampling buffer allocation. + * OJPEG: fix nullptr deref when changing compression method from OJPEG to something else (issue #795). + * OJPEG fix potential integer overflow/out-of-bounds access (issue #796). + * ojpeg: prevent EOF infinite loop (fixes commit 2a3d55b) + * fix null pointer deference in issue #782. + * fix stack-overflow in issue #784. + Other changes: + * Change EXIF and GPS tag type from IFD8 to LONG8 per EXIF-specification (issue #739). + * Harden integer size and offset calculations (issue #897) + * TIFFComputeTile/TIFFComputeStrip: use overflow-checked multiplication + * Move widening casts inside multiplication scope. + * Lots of compiler warning fixes related to enabling more warning flags + * Align writing and reading of TIFF_LONG8 and TIFF_IFD8 tags (issue #773) + * TIFFFillStrip(): prevent harmless unsigned integer overflow +- Drop tiff-CVE-2026-4775.patch + +------------------------------------------------------------------- Old: ---- tiff-4.7.1.tar.xz tiff-4.7.1.tar.xz.sig tiff-CVE-2026-4775.patch New: ---- tiff-4.7.2.tar.xz tiff-4.7.2.tar.xz.sig ----------(Old B)---------- Old: * TIFFFillStrip(): prevent harmless unsigned integer overflow - Drop tiff-CVE-2026-4775.patch ----------(Old E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tiff.spec ++++++ --- /var/tmp/diff_new_pack.eFvwjr/_old 2026-07-08 17:36:47.269991244 +0200 +++ /var/tmp/diff_new_pack.eFvwjr/_new 2026-07-08 17:36:47.273991383 +0200 @@ -33,7 +33,7 @@ %else Name: tiff-%{build_flavor} %endif -Version: 4.7.1 +Version: 4.7.2 Release: 0 Summary: Tools for Converting from and to the Tagged Image File Format License: HPND @@ -44,7 +44,6 @@ Source3: baselibs.conf Source99: tiff.keyring Patch0: tiff-4.0.3-seek.patch -Patch1: tiff-CVE-2026-4775.patch %if %{with tiff_manpages} BuildRequires: python3-Sphinx %endif ++++++ tiff-4.7.1.tar.xz -> tiff-4.7.2.tar.xz ++++++ ++++ 97004 lines of diff (skipped)
