Hello community,

here is the log from the commit of package tiff for openSUSE:Factory checked in 
at 2018-09-11 17:10:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tiff (Old)
 and      /work/SRC/openSUSE:Factory/.tiff.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "tiff"

Tue Sep 11 17:10:49 2018 rev:74 rq:631401 version:4.0.9

Changes:
--------
--- /work/SRC/openSUSE:Factory/tiff/tiff.changes        2018-06-08 
23:20:01.558180325 +0200
+++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes   2018-09-11 
17:10:52.348005826 +0200
@@ -1,0 +2,12 @@
+Fri Aug 24 11:43:53 UTC 2018 - pgaj...@suse.com
+
+- remove pal2rgb tool [bsc#1071031]
+
+-------------------------------------------------------------------
+Wed Aug 15 15:10:32 UTC 2018 - pgaj...@suse.com
+
+- security update
+  * CVE-2018-10779 [bsc#1092480]
+    + tiff-CVE-2018-10779.patch
+
+-------------------------------------------------------------------

New:
----
  tiff-CVE-2018-10779.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tiff.spec ++++++
--- /var/tmp/diff_new_pack.v3hOIn/_old  2018-09-11 17:10:53.156004570 +0200
+++ /var/tmp/diff_new_pack.v3hOIn/_new  2018-09-11 17:10:53.160004564 +0200
@@ -37,6 +37,7 @@
 Patch6:         tiff-CVE-2018-7456.patch
 Patch7:         tiff-CVE-2017-11613.patch
 Patch8:         tiff-CVE-2018-8905.patch
+Patch9:         tiff-CVE-2018-10779.patch
 
 BuildRequires:  gcc-c++
 BuildRequires:  libjpeg-devel
@@ -107,6 +108,7 @@
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 
 %build
 CFLAGS="%{optflags} -fPIE"
@@ -127,6 +129,12 @@
 rm -rf %{buildroot}%{_datadir}/doc/tiff*
 find %{buildroot} -type f -name "*.la" -delete -print
 find html -name "Makefile*" | xargs rm
+# remove pal2rgb, bsc#1071031
+for tool in pal2rgb; do
+  rm %{buildroot}%{_bindir}/$tool
+  rm %{buildroot}%{_mandir}/man1/$tool.1
+  rm html/man/$tool.1.html
+done
 
 %check
 for i in tools test; do
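Review bot: The comment on the new loop in %install gives only the bug id, so the spec itself does not say that pal2rgb is withheld from the package on purpose; I would expand it to something like `# pal2rgb is intentionally not shipped, see bsc#1071031; do not re-add without re-checking that bug`. The plain `rm` without `-f` is worth keeping as written, because a missing file then surfaces as an error instead of the removal silently no longer matching anything after an upstream layout change. The tool is still compiled and only deleted from the buildroot, so whatever %check runs under `tools` may still exercise it; that section continues outside the hunk and cannot be confirmed from here.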

++++++ tiff-CVE-2018-10779.patch ++++++
diff --git a/libtiff/tif_write.c b/libtiff/tif_write.c
index 
586f6fdff66a7a0c1864dbe1e2c5831602b055ce..a31ecd12c133ac18bed6bfbc97fcbad5e19a3257
 100644
--- a/libtiff/tif_write.c
+++ b/libtiff/tif_write.c
@@ -538,9 +538,11 @@ TIFFSetupStrips(TIFF* tif)
        if (td->td_planarconfig == PLANARCONFIG_SEPARATE)
                td->td_stripsperimage /= td->td_samplesperpixel;
        td->td_stripoffset = (uint64 *)
-           _TIFFmalloc(td->td_nstrips * sizeof (uint64));
+            _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64),
+                             "for \"StripOffsets\" array");
        td->td_stripbytecount = (uint64 *)
-           _TIFFmalloc(td->td_nstrips * sizeof (uint64));
+            _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64),
+                             "for \"StripByteCounts\" array");
        if (td->td_stripoffset == NULL || td->td_stripbytecount == NULL)
                return (0);
        /*
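Review bot: Nothing at the two replaced allocations in TIFFSetupStrips says why `_TIFFCheckMalloc` is used instead of `_TIFFmalloc`, and that is the whole fix: the old `td->td_nstrips * sizeof (uint64)` product could wrap before the allocation (presumably on builds where the size type is 32 bits), giving arrays shorter than td_nstrips entries. A short comment above the first call, e.g. `/* count and element size are passed separately so the multiplication is overflow-checked */`, would keep a later cleanup from reverting it. The patch file also begins directly at `diff --git` with no description or upstream commit reference, which makes it harder to audit against upstream; a header naming the origin commit and bsc#1092480 would help. The function body continues past the hunk, so any later use of `td_nstrips * sizeof (uint64)` there is not visible and should be checked separately.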

