commit tiff for openSUSE:Factory

Tue, 02 Aug 2022 13:08:55 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package tiff for openSUSE:Factory checked in 
at 2022-08-02 22:08:37
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tiff (Old)
 and      /work/SRC/openSUSE:Factory/.tiff.new.1533 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "tiff"

Tue Aug  2 22:08:37 2022 rev:85 rq:992028 version:4.4.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/tiff/tiff.changes        2022-07-07 
12:56:29.755245706 +0200
+++ /work/SRC/openSUSE:Factory/.tiff.new.1533/tiff.changes      2022-08-02 
22:08:45.569697694 +0200
@@ -1,0 +2,7 @@
+Mon Aug  1 12:06:01 UTC 2022 - Michael Vetter <mvet...@suse.com>
+
+- security update:
+  * CVE-2022-34526 [bsc#1202026]
+    + tiff-CVE-2022-34526.patch
+
+-------------------------------------------------------------------

New:
----
  tiff-CVE-2022-34526.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tiff.spec ++++++
--- /var/tmp/diff_new_pack.Qn9sjp/_old  2022-08-02 22:08:46.113699262 +0200
+++ /var/tmp/diff_new_pack.Qn9sjp/_new  2022-08-02 22:08:46.117699274 +0200
@@ -34,6 +34,7 @@
 # http://bugzilla.maptools.org/show_bug.cgi?id=2442
 Patch1:         tiff-4.0.3-compress-warning.patch
 Patch2:         tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch
+Patch3:         tiff-CVE-2022-34526.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libjbig-devel
 BuildRequires:  libjpeg-devel
@@ -74,6 +75,7 @@
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 CFLAGS="%{optflags} -fPIE"


++++++ tiff-CVE-2022-34526.patch ++++++
Index: tiff-4.4.0/libtiff/tif_dirinfo.c
===================================================================
--- tiff-4.4.0.orig/libtiff/tif_dirinfo.c
+++ tiff-4.4.0/libtiff/tif_dirinfo.c
@@ -1191,6 +1191,9 @@ _TIFFCheckFieldIsValidForCodec(TIFF *tif
            default:
                return 1;
        }
+       if( !TIFFIsCODECConfigured(tif->tif_dir.td_compression) ) {
+               return 0;
+       }
        /* Check if codec specific tags are allowed for the current
         * compression scheme (codec) */
        switch (tif->tif_dir.td_compression) {

Reply via email to