Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-05-19 15:41:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tiff" Sat May 19 15:41:47 2018 rev:72 rq:610255 version:4.0.9 Changes: -------- --- /work/SRC/openSUSE:Factory/tiff/tiff.changes 2018-02-25 12:20:53.726736559 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-05-19 15:41:51.451963956 +0200 @@ -1,0 +2,14 @@ +Fri May 18 09:18:26 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2017-18013 [bsc#1074317] + + tiff-CVE-2017-18013.patch + +------------------------------------------------------------------- +Tue May 15 12:26:45 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2018-10963 [bsc#1092949] + + tiff-CVE-2018-10963.patch + +------------------------------------------------------------------- New: ---- tiff-CVE-2017-18013.patch tiff-CVE-2018-10963.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tiff.spec ++++++ --- /var/tmp/diff_new_pack.5OMCSN/_old 2018-05-19 15:41:52.251934688 +0200 +++ /var/tmp/diff_new_pack.5OMCSN/_new 2018-05-19 15:41:52.251934688 +0200 @@ -32,6 +32,8 @@ # Contained in upstream repo. See bsc#1046077 for commit IDs. Patch2: tiff-4.0.9-bsc1046077-CVE-2017-9935.patch Patch3: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch +Patch4: tiff-CVE-2018-10963.patch +Patch5: tiff-CVE-2017-18013.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -97,6 +99,8 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build CFLAGS="%{optflags} -fPIE" ++++++ tiff-CVE-2017-18013.patch ++++++ --- a/libtiff/tif_print.c +++ b/libtiff/tif_print.c @@ -665,13 +665,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) fprintf(fd, " %3lu: [%8I64u, %8I64u]\n", (unsigned long) s, - (unsigned __int64) td->td_stripoffset[s], - (unsigned __int64) td->td_stripbytecount[s]); + td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0, + td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0); #else fprintf(fd, " %3lu: [%8llu, %8llu]\n", (unsigned long) s, - (unsigned long long) td->td_stripoffset[s], - (unsigned long long) td->td_stripbytecount[s]); + td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0, + td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0); #endif } } ++++++ tiff-CVE-2018-10963.patch ++++++ diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c index 2430de6..c15a28d 100644 --- a/libtiff/tif_dirwrite.c +++ b/libtiff/tif_dirwrite.c @@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) } break; default: - assert(0); /* we should never get here */ - break; + TIFFErrorExt(tif->tif_clientdata,module, + "Cannot write tag %d (%s)", + TIFFFieldTag(o), + o->field_name ? o->field_name : "unknown"); + goto bad; } } }