Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2022-06-03 14:15:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new.1548 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tiff" Fri Jun 3 14:15:28 2022 rev:83 rq:979828 version:4.4.0 Changes: -------- --- /work/SRC/openSUSE:Factory/tiff/tiff.changes 2022-05-10 15:11:41.603552113 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new.1548/tiff.changes 2022-06-03 14:15:41.573240588 +0200 @@ -1,0 +2,41 @@ +Sun May 29 20:32:14 UTC 2022 - Dirk M??ller <dmuel...@suse.com> + +- update to 4.4.0: + * TIFFIsBigTiff() function added. + * Functions TIFFFieldSetGetSize() and TIFFieldSetGetCountSize() added. + * LZWDecode(): major speed improvements (~30% faster) + * Predictor 2 (horizontal differenciation): support 64-bit + * Support libjpeg 9d + * avoid hang in TIFFRewriteDirectory() if a classic file > 4 GB is attempted + to be created + * tif_jbig.c: fix crash when reading a file with multiple IFD in + memory-mapped mode and when bit reversal is needed + * TIFFFetchNormalTag(): avoid calling memcpy() with a null source pointer and + size of zero + * TIFFWriteDirectoryTagData(): turn assertion on data length into a runtime + check + * TIFFFetchStripThing(): avoid calling memcpy() with a null source pointer + and size of zero + * TIFFReadDirectory(): avoid calling memcpy() with a null source pointer and + size of zero + * TIFFYCbCrToRGBInit(): avoid Integer-overflow + * TIFFGetField(TIFFTAG_STRIPBYTECOUNTS/TIFFTAG_STRIPOFFSETS): return error if + returned pointer is NULL (fixes #342) + * OJPEG: avoid assertion when using TIFFReadScanline() + * TIFFReadDirectory: fix OJPEG hack + * LZW codec: fix support for strips/tiles > 2 GB on Windows + * TIFFAppendToStrip(): fix rewrite-in-place logic + * Fix TIFFRewriteDirectory discarding directories. + * TIFFReadCustomDirectory(): avoid crash when reading SubjectDistance tag on + a non EXIF directory + * Fix Segmentation fault printing GPS directory if Altitude tag is present + * tif_jpeg.c: do not emit progressive scans with mozjpeg. (#266) + * _TIFFRewriteField(): fix when writing a IFD with a single tile that is a + sparse one, on big endian hosts + * Fix all remaining uses of legacy Deflate compression id and warn on use. +- drop tiff-CVE-2022-0907.patch, tiff-CVE-2022-0561.patch, tiff-CVE-2022-0562.patch, + tiff-CVE-2022-0865.patch, tiff-CVE-2022-0909.patch, tiff-CVE-2022-0924.patch, + tiff-CVE-2022-0908.patch, tiff-CVE-2022-1056,CVE-2022-0891.patch: all upstream +- add signature validation, adds tiff.keyring + +------------------------------------------------------------------- Old: ---- tiff-4.3.0.tar.gz tiff-CVE-2022-0561.patch tiff-CVE-2022-0562.patch tiff-CVE-2022-0865.patch tiff-CVE-2022-0907.patch tiff-CVE-2022-0908.patch tiff-CVE-2022-0909.patch tiff-CVE-2022-0924.patch tiff-CVE-2022-1056,CVE-2022-0891.patch New: ---- tiff-4.4.0.tar.xz tiff-4.4.0.tar.xz.sig tiff.keyring ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tiff.spec ++++++ --- /var/tmp/diff_new_pack.fqG6vB/_old 2022-06-03 14:15:42.269241492 +0200 +++ /var/tmp/diff_new_pack.fqG6vB/_new 2022-06-03 14:15:42.285241513 +0200 @@ -19,26 +19,20 @@ %define asan_build 0 %define debug_build 0 Name: tiff -Version: 4.3.0 +Version: 4.4.0 Release: 0 Summary: Tools for Converting from and to the Tagged Image File Format License: HPND Group: Productivity/Graphics/Convertors -URL: http://www.simplesystems.org/libtiff/ -Source: https://download.osgeo.org/libtiff/tiff-%{version}.tar.gz +URL: https://libtiff.gitlab.io/libtiff/ +Source: https://download.osgeo.org/libtiff/tiff-%{version}.tar.xz +Source1: https://download.osgeo.org/libtiff/tiff-%{version}.tar.xz.sig Source2: README.SUSE Source3: baselibs.conf +Source99: tiff.keyring Patch0: tiff-4.0.3-seek.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch1: tiff-4.0.3-compress-warning.patch -Patch2: tiff-CVE-2022-1056,CVE-2022-0891.patch -Patch3: tiff-CVE-2022-0908.patch -Patch4: tiff-CVE-2022-0924.patch -Patch5: tiff-CVE-2022-0909.patch -Patch6: tiff-CVE-2022-0865.patch -Patch7: tiff-CVE-2022-0562.patch -Patch8: tiff-CVE-2022-0561.patch -Patch9: tiff-CVE-2022-0907.patch BuildRequires: gcc-c++ BuildRequires: libjbig-devel BuildRequires: libjpeg-devel @@ -78,14 +72,6 @@ %setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 %build CFLAGS="%{optflags} -fPIE"
