commit: 883b6568ba687b503bcf2e709bdfddc94efef9ce Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> AuthorDate: Tue Nov 19 21:59:04 2024 +0000 Commit: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> CommitDate: Tue Nov 19 21:59:04 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=883b6568
Revert "media-libs/tiff: drop 4.5.0-r2, 4.5.1" This reverts commit 65658e69ca2fbab2b6b762bf7631f638f676479f. Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org> media-libs/tiff/Manifest | 4 + .../tiff/files/tiff-4.5.0-CVE-2022-48281.patch | 14 + ...CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch | 287 +++++++++++++++++++++ ...CVE-2023-0802-CVE-2023-0803-CVE-2023-0804.patch | 131 ++++++++++ .../tiff-4.5.0_rc1-skip-tools-tests-multilib.patch | 52 ++++ media-libs/tiff/tiff-4.5.0-r2.ebuild | 92 +++++++ media-libs/tiff/tiff-4.5.1.ebuild | 84 ++++++ 7 files changed, 664 insertions(+) diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest index 4a09898bc72a..b9ee3c2b77a6 100644 --- a/media-libs/tiff/Manifest +++ b/media-libs/tiff/Manifest @@ -1,3 +1,7 @@ +DIST tiff-4.5.0.tar.xz 2320900 BLAKE2B c69801ba9d55b1ed27a92d31d8cd16937fe69299fbf5450efb4a6caa60245b72ddade110daae78f2198613640383623f76ec2265ba785375d0a85c7909b73fe9 SHA512 c6c866064c2dd5d1711c6ece7bafe5f011f5ce26c0aeaecbff79c05b5671f44150324bea95a0665cc43331883114de855ee1cd87ed733bff0f4d0814515b9f10 +DIST tiff-4.5.0.tar.xz.sig 310 BLAKE2B bbe7f9600061416227276424eb220714a1375d3e295cb0c5b7f76074324c1a2698a5029dde3e734331e9caf02d8a086273ded2ab09285857dbbfe3ad83506912 SHA512 8cef09755f4efe68db69591967e495852cf63c2d8113a877a2254f536d38c60b6dc864c07089249cd8109a8408672a297ae9e59d8233687bc2796dc158ccfb32 +DIST tiff-4.5.1.tar.xz 2228040 BLAKE2B 793c03593c46d6f804f622f5ff7e799751ee79e87ec1575801d2238fbcd2e89ed657a5081d3651e337f1bb14603ff94a15aad878e7fdf2cf75ada38eed64d9d2 SHA512 fc6af93d36598527480c517ddc4f19fe72e9f07ef4997e5731604253c8db0b9bae816ba7a56985bf22fbbb48db1fab5ed4c2b32a5145bc9477ef24b221a61179 +DIST tiff-4.5.1.tar.xz.sig 310 BLAKE2B fd5e3ff9c55790777b9d2587910cfb47953a27925bdf8610fc5b9db05a5662b534df542e3658db7b897c8de510479d0a7f0773092ac2f71e3c7bcb4beb14594f SHA512 10e434de0140bbd7e3830860bb611796b65fff5e718a2d5fb2857959ff63149d73b4e1f3f7c4be2c27f8ca863b0e4b7731332544eba948ce10097552e1779aee DIST tiff-4.6.0.tar.xz 2124388 BLAKE2B 3b508b02b0a536c5bc8e67fe4c1b09ae9c830252786ef4764202c14d673d1ef9634694de7a5893a3551dec684d00bad9d0442c7fea7bcd09238b9960d443cf62 SHA512 4cd9bb485bcac9c5efdd0c4814f2a38a762a3b69e70d909c05a24e2e9d2bd27357b9814e0cb1cee3898355d6ccfcf1615f715125c8ab8c651db474073734ab03 DIST tiff-4.6.0.tar.xz.sig 310 BLAKE2B 9f159a5839dd41bda34eceeed6e451455fbcfec5d51ebb097038e3977a391a751e91a9f683375593f45af0f9c8f0dbe55a0cc437fe4512537b30d513adfdb2c0 SHA512 da87b4294e17d49cf60e81ec5285f503291532423330552e41dddfb672c0636e95b8a80d603c3095abbee469cb7dce63c2df0c22b751a3bf8541550f97f78b49 DIST tiff-4.7.0.tar.xz 2286220 BLAKE2B a5df7f3ae71821a13ff5a31db012191dd1b022b1c87fe81f90fd4b4a1349b7aa15d7b336d5fa8ac9e84edcfac5fe46214d9ea54790cb037438c6a5334980c11e SHA512 4234bc3d1a4de38587e21eb7d5785d6e11bc5f73c3d412dd44b9f7bcc42122d940ad017450a949dce5c3b270018829593202bff815a02d23268d9b9723266fe0 diff --git a/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch b/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch new file mode 100644 index 000000000000..e38d17df9cc2 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch @@ -0,0 +1,14 @@ +https://gitlab.com/libtiff/libtiff/-/issues/488 +https://bugs.gentoo.org/891839 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -8591,7 +8591,7 @@ static int processCropSelections(struct + cropsize + NUM_BUFF_OVERSIZE_BYTES); + else + { +- prev_cropsize = seg_buffs[0].size; ++ prev_cropsize = seg_buffs[i].size; + if (prev_cropsize < cropsize) + { + next_buff = _TIFFrealloc( + diff --git a/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0795-CVE-2023-0796-CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch b/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0795-CVE-2023-0796-CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch new file mode 100644 index 000000000000..70a9b8269ec5 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0795-CVE-2023-0796-CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch @@ -0,0 +1,287 @@ +Index: tiff-4.5.0/tools/tiffcrop.c +=================================================================== +Upstream commits: +https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68 +https://gitlab.com/libtiff/libtiff/-/commit/9c22495e5eeeae9e00a1596720c969656bb8d678 +From 9c22495e5eeeae9e00a1596720c969656bb8d678 Mon Sep 17 00:00:00 2001 +From: Su_Laus <[email protected]> +Date: Fri, 3 Feb 2023 15:31:31 +0100 +Subject: [PATCH] tiffcrop correctly update buffersize after rotateImage() + fix#520 rotateImage() set up a new buffer and calculates its size + individually. Therefore, seg_buffs[] size needs to be updated accordingly. + Before this fix, the seg_buffs buffer size was calculated with a different + formula than within rotateImage(). + +Closes #520. +--- + tools/tiffcrop.c | 36 ++++++++++++++++++++---------------- + 1 file changed, 20 insertions(+), 16 deletions(-) + +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index 7db69883..f8b66188 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -577,7 +577,7 @@ static int rotateContigSamples24bits(uint16_t, uint16_t, uint16_t, uint32_t, + static int rotateContigSamples32bits(uint16_t, uint16_t, uint16_t, uint32_t, + uint32_t, uint32_t, uint8_t *, uint8_t *); + static int rotateImage(uint16_t, struct image_data *, uint32_t *, uint32_t *, +- unsigned char **); ++ unsigned char **, size_t *); + static int mirrorImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, + unsigned char *); + static int invertImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, +@@ -7243,7 +7243,7 @@ static int correct_orientation(struct image_data *image, + } + + if (rotateImage(rotation, image, &image->width, &image->length, +- work_buff_ptr)) ++ work_buff_ptr, NULL)) + { + TIFFError("correct_orientation", "Unable to rotate image"); + return (-1); +@@ -8563,8 +8563,12 @@ static int processCropSelections(struct image_data *image, + if (crop->crop_mode & CROP_ROTATE) /* rotate should be last as it can + reallocate the buffer */ + { ++ /* rotateImage() set up a new buffer and calculates its size ++ * individually. Therefore, seg_buffs size needs to be updated ++ * accordingly. */ ++ size_t rot_buf_size = 0; + if (rotateImage(crop->rotation, image, &crop->combined_width, +- &crop->combined_length, &crop_buff)) ++ &crop->combined_length, &crop_buff, &rot_buf_size)) + { + TIFFError("processCropSelections", + "Failed to rotate composite regions by %" PRIu32 +@@ -8573,9 +8577,7 @@ static int processCropSelections(struct image_data *image, + return (-1); + } + seg_buffs[0].buffer = crop_buff; +- seg_buffs[0].size = +- (((crop->combined_width * image->bps + 7) / 8) * image->spp) * +- crop->combined_length; ++ seg_buffs[0].size = rot_buf_size; + } + } + else /* Separated Images */ +@@ -8686,10 +8688,13 @@ static int processCropSelections(struct image_data *image, + * ->yres, what it schouldn't do here, when more than one + * section is processed. ToDo: Therefore rotateImage() and its + * usage has to be reworked (e.g. like mirrorImage()) !! +- */ +- if (rotateImage(crop->rotation, image, +- &crop->regionlist[i].width, +- &crop->regionlist[i].length, &crop_buff)) ++ * Furthermore, rotateImage() set up a new buffer and calculates ++ * its size individually. Therefore, seg_buffs size needs to be ++ * updated accordingly. */ ++ size_t rot_buf_size = 0; ++ if (rotateImage( ++ crop->rotation, image, &crop->regionlist[i].width, ++ &crop->regionlist[i].length, &crop_buff, &rot_buf_size)) + { + TIFFError("processCropSelections", + "Failed to rotate crop region by %" PRIu16 +@@ -8702,10 +8707,7 @@ static int processCropSelections(struct image_data *image, + crop->combined_width = total_width; + crop->combined_length = total_length; + seg_buffs[i].buffer = crop_buff; +- seg_buffs[i].size = +- (((crop->regionlist[i].width * image->bps + 7) / 8) * +- image->spp) * +- crop->regionlist[i].length; ++ seg_buffs[i].size = rot_buf_size; + } + } /* for crop->selections loop */ + } /* Separated Images (else case) */ +@@ -8836,7 +8838,7 @@ static int createCroppedImage(struct image_data *image, struct crop_mask *crop, + CROP_ROTATE) /* rotate should be last as it can reallocate the buffer */ + { + if (rotateImage(crop->rotation, image, &crop->combined_width, +- &crop->combined_length, crop_buff_ptr)) ++ &crop->combined_length, crop_buff_ptr, NULL)) + { + TIFFError("createCroppedImage", + "Failed to rotate image or cropped selection by %" PRIu16 +@@ -9552,7 +9554,7 @@ static int rotateContigSamples32bits(uint16_t rotation, uint16_t spp, + /* Rotate an image by a multiple of 90 degrees clockwise */ + static int rotateImage(uint16_t rotation, struct image_data *image, + uint32_t *img_width, uint32_t *img_length, +- unsigned char **ibuff_ptr) ++ unsigned char **ibuff_ptr, size_t *rot_buf_size) + { + int shift_width; + uint32_t bytes_per_pixel, bytes_per_sample; +@@ -9610,6 +9612,8 @@ static int rotateImage(uint16_t rotation, struct image_data *image, + return (-1); + } + _TIFFmemset(rbuff, '\0', buffsize + NUM_BUFF_OVERSIZE_BYTES); ++ if (rot_buf_size != NULL) ++ *rot_buf_size = buffsize; + + ibuff = *ibuff_ptr; + switch (rotation) +-- +GitLab + +From 69818e2f2d246e6631ac2a2da692c3706b849c38 Mon Sep 17 00:00:00 2001 +From: Su_Laus <[email protected]> +Date: Sun, 29 Jan 2023 11:09:26 +0100 +Subject: [PATCH] tiffcrop: Amend rotateImage() not to toggle the input (main) + image width and length parameters when only cropped image sections are + rotated. Remove buffptr from region structure because never used. + +Closes #492 #493 #494 #495 #499 #518 #519 +--- + tools/tiffcrop.c | 59 ++++++++++++++++++++++++++++-------------------- + 1 file changed, 35 insertions(+), 24 deletions(-) + +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index ebea7475..519871ec 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -296,7 +296,6 @@ struct region + uint32_t width; /* width in pixels */ + uint32_t length; /* length in pixels */ + uint32_t buffsize; /* size of buffer needed to hold the cropped region */ +- unsigned char *buffptr; /* address of start of the region */ + }; + + /* Cropping parameters from command line and image data +@@ -577,7 +576,7 @@ static int rotateContigSamples24bits(uint16_t, uint16_t, uint16_t, uint32_t, + static int rotateContigSamples32bits(uint16_t, uint16_t, uint16_t, uint32_t, + uint32_t, uint32_t, uint8_t *, uint8_t *); + static int rotateImage(uint16_t, struct image_data *, uint32_t *, uint32_t *, +- unsigned char **, size_t *); ++ unsigned char **, size_t *, int); + static int mirrorImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, + unsigned char *); + static int invertImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, +@@ -5782,7 +5781,6 @@ static void initCropMasks(struct crop_mask *cps) + cps->regionlist[i].width = 0; + cps->regionlist[i].length = 0; + cps->regionlist[i].buffsize = 0; +- cps->regionlist[i].buffptr = NULL; + cps->zonelist[i].position = 0; + cps->zonelist[i].total = 0; + } +@@ -7266,9 +7264,13 @@ static int correct_orientation(struct image_data *image, + (uint16_t)(image->adjustments & ROTATE_ANY)); + return (-1); + } +- +- if (rotateImage(rotation, image, &image->width, &image->length, +- work_buff_ptr, NULL)) ++ /* Dummy variable in order not to switch two times the ++ * image->width,->length within rotateImage(), ++ * but switch xres, yres there. */ ++ uint32_t width = image->width; ++ uint32_t length = image->length; ++ if (rotateImage(rotation, image, &width, &length, work_buff_ptr, NULL, ++ TRUE)) + { + TIFFError("correct_orientation", "Unable to rotate image"); + return (-1); +@@ -7377,7 +7379,6 @@ static int extractCompositeRegions(struct image_data *image, + /* These should not be needed for composite images */ + crop->regionlist[i].width = crop_width; + crop->regionlist[i].length = crop_length; +- crop->regionlist[i].buffptr = crop_buff; + + src_rowsize = ((img_width * bps * spp) + 7) / 8; + dst_rowsize = (((crop_width * bps * count) + 7) / 8); +@@ -7640,7 +7641,6 @@ static int extractSeparateRegion(struct image_data *image, + + crop->regionlist[region].width = crop_width; + crop->regionlist[region].length = crop_length; +- crop->regionlist[region].buffptr = crop_buff; + + src = read_buff; + dst = crop_buff; +@@ -8635,7 +8635,8 @@ static int processCropSelections(struct image_data *image, + * accordingly. */ + size_t rot_buf_size = 0; + if (rotateImage(crop->rotation, image, &crop->combined_width, +- &crop->combined_length, &crop_buff, &rot_buf_size)) ++ &crop->combined_length, &crop_buff, &rot_buf_size, ++ FALSE)) + { + TIFFError("processCropSelections", + "Failed to rotate composite regions by %" PRIu32 +@@ -8759,9 +8760,10 @@ static int processCropSelections(struct image_data *image, + * its size individually. Therefore, seg_buffs size needs to be + * updated accordingly. */ + size_t rot_buf_size = 0; +- if (rotateImage( +- crop->rotation, image, &crop->regionlist[i].width, +- &crop->regionlist[i].length, &crop_buff, &rot_buf_size)) ++ if (rotateImage(crop->rotation, image, ++ &crop->regionlist[i].width, ++ &crop->regionlist[i].length, &crop_buff, ++ &rot_buf_size, FALSE)) + { + TIFFError("processCropSelections", + "Failed to rotate crop region by %" PRIu16 +@@ -8905,7 +8907,7 @@ static int createCroppedImage(struct image_data *image, struct crop_mask *crop, + CROP_ROTATE) /* rotate should be last as it can reallocate the buffer */ + { + if (rotateImage(crop->rotation, image, &crop->combined_width, +- &crop->combined_length, crop_buff_ptr, NULL)) ++ &crop->combined_length, crop_buff_ptr, NULL, TRUE)) + { + TIFFError("createCroppedImage", + "Failed to rotate image or cropped selection by %" PRIu16 +@@ -9621,7 +9623,8 @@ static int rotateContigSamples32bits(uint16_t rotation, uint16_t spp, + /* Rotate an image by a multiple of 90 degrees clockwise */ + static int rotateImage(uint16_t rotation, struct image_data *image, + uint32_t *img_width, uint32_t *img_length, +- unsigned char **ibuff_ptr, size_t *rot_buf_size) ++ unsigned char **ibuff_ptr, size_t *rot_buf_size, ++ int rot_image_params) + { + int shift_width; + uint32_t bytes_per_pixel, bytes_per_sample; +@@ -9869,11 +9872,15 @@ static int rotateImage(uint16_t rotation, struct image_data *image, + + *img_width = length; + *img_length = width; +- image->width = length; +- image->length = width; +- res_temp = image->xres; +- image->xres = image->yres; +- image->yres = res_temp; ++ /* Only toggle image parameters if whole input image is rotated. */ ++ if (rot_image_params) ++ { ++ image->width = length; ++ image->length = width; ++ res_temp = image->xres; ++ image->xres = image->yres; ++ image->yres = res_temp; ++ } + break; + + case 270: +@@ -9956,11 +9963,15 @@ static int rotateImage(uint16_t rotation, struct image_data *image, + + *img_width = length; + *img_length = width; +- image->width = length; +- image->length = width; +- res_temp = image->xres; +- image->xres = image->yres; +- image->yres = res_temp; ++ /* Only toggle image parameters if whole input image is rotated. */ ++ if (rot_image_params) ++ { ++ image->width = length; ++ image->length = width; ++ res_temp = image->xres; ++ image->xres = image->yres; ++ image->yres = res_temp; ++ } + break; + default: + break; +-- +GitLab diff --git a/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0800-CVE-2023-0801-CVE-2023-0802-CVE-2023-0803-CVE-2023-0804.patch b/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0800-CVE-2023-0801-CVE-2023-0802-CVE-2023-0803-CVE-2023-0804.patch new file mode 100644 index 000000000000..41fe439f9159 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0800-CVE-2023-0801-CVE-2023-0802-CVE-2023-0803-CVE-2023-0804.patch @@ -0,0 +1,131 @@ +Index: tiff-4.5.0/tools/tiffcrop.c +=================================================================== +Upstream commit: +https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00 +From 82a7fbb1fa7228499ffeb3a57a1d106a9626d57c Mon Sep 17 00:00:00 2001 +From: Su Laus <[email protected]> +Date: Sun, 5 Feb 2023 15:53:15 +0000 +Subject: [PATCH] tiffcrop: added check for assumption on composite images + (fixes #496) + +tiffcrop: For composite images with more than one region, the combined_length or combined_width always needs to be equal, respectively. Otherwise, even the first section/region copy action might cause buffer overrun. This is now checked before the first copy action. + +Closes #496, #497, #498, #500, #501. +--- + tools/tiffcrop.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 66 insertions(+), 2 deletions(-) + +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index 84e26ac6..480b927c 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -5935,18 +5935,40 @@ static int computeInputPixelOffsets(struct crop_mask *crop, + + crop->regionlist[i].buffsize = buffsize; + crop->bufftotal += buffsize; ++ ++ /* For composite images with more than one region, the ++ * combined_length or combined_width always needs to be equal, ++ * respectively. ++ * Otherwise, even the first section/region copy ++ * action might cause buffer overrun. */ + if (crop->img_mode == COMPOSITE_IMAGES) + { + switch (crop->edge_ref) + { + case EDGE_LEFT: + case EDGE_RIGHT: ++ if (i > 0 && zlength != crop->combined_length) ++ { ++ TIFFError( ++ "computeInputPixelOffsets", ++ "Only equal length regions can be combined for " ++ "-E left or right"); ++ return (-1); ++ } + crop->combined_length = zlength; + crop->combined_width += zwidth; + break; + case EDGE_BOTTOM: + case EDGE_TOP: /* width from left, length from top */ + default: ++ if (i > 0 && zwidth != crop->combined_width) ++ { ++ TIFFError("computeInputPixelOffsets", ++ "Only equal width regions can be " ++ "combined for -E " ++ "top or bottom"); ++ return (-1); ++ } + crop->combined_width = zwidth; + crop->combined_length += zlength; + break; +@@ -7301,6 +7323,46 @@ static int extractCompositeRegions(struct image_data *image, + crop->combined_width = 0; + crop->combined_length = 0; + ++ /* If there is more than one region, check beforehand whether all the width ++ * and length values of the regions are the same, respectively. */ ++ switch (crop->edge_ref) ++ { ++ default: ++ case EDGE_TOP: ++ case EDGE_BOTTOM: ++ for (i = 1; i < crop->selections; i++) ++ { ++ uint32_t crop_width0 = ++ crop->regionlist[i - 1].x2 - crop->regionlist[i - 1].x1 + 1; ++ uint32_t crop_width1 = ++ crop->regionlist[i].x2 - crop->regionlist[i].x1 + 1; ++ if (crop_width0 != crop_width1) ++ { ++ TIFFError("extractCompositeRegions", ++ "Only equal width regions can be combined for -E " ++ "top or bottom"); ++ return (1); ++ } ++ } ++ break; ++ case EDGE_LEFT: ++ case EDGE_RIGHT: ++ for (i = 1; i < crop->selections; i++) ++ { ++ uint32_t crop_length0 = ++ crop->regionlist[i - 1].y2 - crop->regionlist[i - 1].y1 + 1; ++ uint32_t crop_length1 = ++ crop->regionlist[i].y2 - crop->regionlist[i].y1 + 1; ++ if (crop_length0 != crop_length1) ++ { ++ TIFFError("extractCompositeRegions", ++ "Only equal length regions can be combined for " ++ "-E left or right"); ++ return (1); ++ } ++ } ++ } ++ + for (i = 0; i < crop->selections; i++) + { + /* rows, columns, width, length are expressed in pixels */ +@@ -7325,7 +7387,8 @@ static int extractCompositeRegions(struct image_data *image, + default: + case EDGE_TOP: + case EDGE_BOTTOM: +- if ((i > 0) && (crop_width != crop->regionlist[i - 1].width)) ++ if ((crop->selections > i + 1) && ++ (crop_width != crop->regionlist[i + 1].width)) + { + TIFFError("extractCompositeRegions", + "Only equal width regions can be combined for -E " +@@ -7418,7 +7481,8 @@ static int extractCompositeRegions(struct image_data *image, + case EDGE_LEFT: /* splice the pieces of each row together, side by + side */ + case EDGE_RIGHT: +- if ((i > 0) && (crop_length != crop->regionlist[i - 1].length)) ++ if ((crop->selections > i + 1) && ++ (crop_length != crop->regionlist[i + 1].length)) + { + TIFFError("extractCompositeRegions", + "Only equal length regions can be combined for " +-- +GitLab diff --git a/media-libs/tiff/files/tiff-4.5.0_rc1-skip-tools-tests-multilib.patch b/media-libs/tiff/files/tiff-4.5.0_rc1-skip-tools-tests-multilib.patch new file mode 100644 index 000000000000..831afd287226 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.5.0_rc1-skip-tools-tests-multilib.patch @@ -0,0 +1,52 @@ +https://gitlab.com/libtiff/libtiff/-/merge_requests/334 + +From e7605b93b12c2bf3c864910c23ac976045b5a05a Mon Sep 17 00:00:00 2001 +From: Sam James <[email protected]> +Date: Sat, 21 May 2022 01:01:35 +0100 +Subject: [PATCH 1/2] test (autotools): skip script tests if tools aren't built + +In Gentoo, we avoid building the tools for multilib (32-bit, x86) builds on +amd64/x86_64 because we only need the library to keep binary applications working. + +This causes a test failure in e.g. tiffcp-thumbnail.sh as the 'thumbnail' +binary isn't built. Skip it if unavailable. + +Fixes: https://gitlab.com/libtiff/libtiff/-/issues/421 +--- a/test/Makefile.am ++++ b/test/Makefile.am +@@ -55,13 +55,14 @@ XFAIL_TESTS = + CLEANFILES = test_packbits.tif o-* + + if HAVE_JPEG ++if TIFF_TOOLS + JPEG_DEPENDENT_CHECK_PROG=raw_decode + JPEG_DEPENDENT_TESTSCRIPTS=\ + tiff2rgba-quad-tile.jpg.sh \ + tiff2rgba-ojpeg_zackthecat_subsamp22_single_strip.sh \ + tiff2rgba-ojpeg_chewey_subsamp21_multi_strip.sh \ + tiff2rgba-ojpeg_single_strip_no_rowsperstrip.sh +- ++endif + else + JPEG_DEPENDENT_CHECK_PROG= + JPEG_DEPENDENT_TESTSCRIPTS= +@@ -76,6 +77,7 @@ check_PROGRAMS = \ + endif + + # Test scripts to execute ++if TIFF_TOOLS + TESTSCRIPTS = \ + ppm2tiff_pbm.sh \ + ppm2tiff_pgm.sh \ +@@ -156,6 +158,9 @@ TESTSCRIPTS = \ + testfax4.sh \ + testdeflatelaststripextradata.sh \ + $(JPEG_DEPENDENT_TESTSCRIPTS) ++else ++TESTSCRIPTS= ++endif + + # This list should contain the references files + # from the 'refs' subdirectory +-- +GitLab diff --git a/media-libs/tiff/tiff-4.5.0-r2.ebuild b/media-libs/tiff/tiff-4.5.0-r2.ebuild new file mode 100644 index 000000000000..ddb1a04fda89 --- /dev/null +++ b/media-libs/tiff/tiff-4.5.0-r2.ebuild @@ -0,0 +1,92 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +QA_PKGCONFIG_VERSION="$(ver_cut 1-3)" + +# Release signer can vary per version but not clear if others will be doing +# them in future, so gone with Even Rouault for now as he does other geosci +# stuff too like PROJ, GDAL. Previous release manager of TIFF was +# GraphicsMagick maintainer Bob Friesenhahn. Please be careful when verifying +# who made releases. +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/rouault.asc +inherit autotools multilib-minimal verify-sig flag-o-matic + +MY_P="${P/_rc/rc}" +DESCRIPTION="Tag Image File Format (TIFF) library" +HOMEPAGE="http://libtiff.maptools.org"; +SRC_URI="https://download.osgeo.org/libtiff/${MY_P}.tar.xz"; +SRC_URI+=" verify-sig? ( https://download.osgeo.org/libtiff/${MY_P}.tar.xz.sig )" +S="${WORKDIR}/${PN}-$(ver_cut 1-3)" + +LICENSE="libtiff" +SLOT="0/6" +if [[ ${PV} != *_rc* ]] ; then + KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi +IUSE="+cxx jbig jpeg lzma static-libs test webp zlib zstd" +RESTRICT="!test? ( test )" + +# bug #483132 +REQUIRED_USE="test? ( jpeg )" + +RDEPEND="jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] ) + jpeg? ( media-libs/libjpeg-turbo:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1[${MULTILIB_USEDEP}] ) + webp? ( media-libs/libwebp:=[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) + zstd? ( >=app-arch/zstd-1.3.7-r1:=[${MULTILIB_USEDEP}] )" +DEPEND="${RDEPEND}" +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-evenrouault )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/tiffconf.h +) + +PATCHES=( + "${FILESDIR}"/${PN}-4.5.0_rc1-skip-tools-tests-multilib.patch + "${FILESDIR}"/${PN}-4.5.0-CVE-2022-48281.patch + "${FILESDIR}"/${PN}-4.5.0-CVE-2023-0795-CVE-2023-0796-CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch + "${FILESDIR}"/${PN}-4.5.0-CVE-2023-0800-CVE-2023-0801-CVE-2023-0802-CVE-2023-0803-CVE-2023-0804.patch +) + +src_prepare() { + default + + # Added to fix cross-compilation + #elibtoolize + + # For skip-tools-tests-multilib.patch + eautoreconf +} + +multilib_src_configure() { + append-lfs-flags + + local myeconfargs=( + --disable-sphinx + --without-x + --with-docdir="${EPREFIX}"/usr/share/doc/${PF} + $(use_enable cxx) + $(use_enable jbig) + $(use_enable jpeg) + $(use_enable lzma) + $(use_enable static-libs static) + $(use_enable test tests) + $(use_enable webp) + $(use_enable zlib) + $(use_enable zstd) + + $(multilib_native_enable docs) + $(multilib_native_enable contrib) + $(multilib_native_enable tools) + ) + + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" +} + +multilib_src_install_all() { + find "${ED}" -type f -name '*.la' -delete || die + rm "${ED}"/usr/share/doc/${PF}/{README*,RELEASE-DATE,TODO,VERSION} || die +} diff --git a/media-libs/tiff/tiff-4.5.1.ebuild b/media-libs/tiff/tiff-4.5.1.ebuild new file mode 100644 index 000000000000..49afb1e4568f --- /dev/null +++ b/media-libs/tiff/tiff-4.5.1.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +QA_PKGCONFIG_VERSION="$(ver_cut 1-3)" + +# Release signer can vary per version but not clear if others will be doing +# them in future, so gone with Even Rouault for now as he does other geosci +# stuff too like PROJ, GDAL. Previous release manager of TIFF was +# GraphicsMagick maintainer Bob Friesenhahn. Please be careful when verifying +# who made releases. +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/rouault.asc +inherit libtool multilib-minimal verify-sig flag-o-matic + +MY_P="${P/_rc/rc}" +DESCRIPTION="Tag Image File Format (TIFF) library" +HOMEPAGE="http://libtiff.maptools.org"; +SRC_URI="https://download.osgeo.org/libtiff/${MY_P}.tar.xz"; +SRC_URI+=" verify-sig? ( https://download.osgeo.org/libtiff/${MY_P}.tar.xz.sig )" +S="${WORKDIR}/${PN}-$(ver_cut 1-3)" + +LICENSE="libtiff" +SLOT="0/6" +if [[ ${PV} != *_rc* ]] ; then + KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi +IUSE="+cxx jbig jpeg lzma static-libs test webp zlib zstd" +RESTRICT="!test? ( test )" + +# bug #483132 +REQUIRED_USE="test? ( jpeg )" + +RDEPEND=" + jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] ) + jpeg? ( media-libs/libjpeg-turbo:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1[${MULTILIB_USEDEP}] ) + webp? ( media-libs/libwebp:=[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) + zstd? ( >=app-arch/zstd-1.3.7-r1:=[${MULTILIB_USEDEP}] ) +" +DEPEND="${RDEPEND}" +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-evenrouault )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/tiffconf.h +) + +src_prepare() { + default + + # Added to fix cross-compilation + elibtoolize +} + +multilib_src_configure() { + append-lfs-flags + + local myeconfargs=( + --disable-sphinx + --without-x + --with-docdir="${EPREFIX}"/usr/share/doc/${PF} + $(use_enable cxx) + $(use_enable jbig) + $(use_enable jpeg) + $(use_enable lzma) + $(use_enable static-libs static) + $(use_enable test tests) + $(use_enable webp) + $(use_enable zlib) + $(use_enable zstd) + + $(multilib_native_enable docs) + $(multilib_native_enable contrib) + $(multilib_native_enable tools) + ) + + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" +} + +multilib_src_install_all() { + find "${ED}" -type f -name '*.la' -delete || die + rm "${ED}"/usr/share/doc/${PF}/{README*,RELEASE-DATE,TODO,VERSION} || die +}
