Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-11-26 10:13:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new.19453 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tiff" Mon Nov 26 10:13:11 2018 rev:76 rq:650209 version:4.0.10 Changes: -------- --- /work/SRC/openSUSE:Factory/tiff/tiff.changes 2018-10-23 20:35:59.720859357 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new.19453/tiff.changes 2018-11-26 10:13:21.990220372 +0100 @@ -1,0 +2,37 @@ +Mon Nov 19 13:56:48 UTC 2018 - Petr Gajdos <[email protected]> + +- security update + * CVE-2018-19210 [bsc#1115717] + + tiff-CVE-2018-19210.patch + +------------------------------------------------------------------- +Tue Nov 13 10:20:45 UTC 2018 - Tomáš Chvátal <[email protected]> + +- Support only SLE12+ and remove the no longer needed conditions + +------------------------------------------------------------------- +Tue Nov 13 08:18:54 UTC 2018 - Petr Gajdos <[email protected]> + +- security update + * CVE-2018-12900 [bsc#1099257] + + tiff-CVE-2018-12900.patch + +------------------------------------------------------------------- +Mon Nov 12 11:37:11 UTC 2018 - Petr Gajdos <[email protected]> + +- upddated to 4.0.10: + * fixes several CVEs mentioned below plus CVE-2018-18557 and + CVE-2018-18661 and more +- removed patches + * tiff-CVE-2017-11613,CVE-2018-16335,15209.patch + * tiff-CVE-2017-18013.patch + * tiff-CVE-2017-9935,CVE-2018-17795.patch + * tiff-CVE-2018-10779.patch + * tiff-CVE-2018-10963.patch + * tiff-CVE-2018-17100.patch + * tiff-CVE-2018-17101.patch + * tiff-CVE-2018-7456.patch + * tiff-CVE-2018-8905.patch + * tiff-4.0.9-bsc1081690-CVE-2018-5784.patch + +------------------------------------------------------------------- Old: ---- tiff-4.0.9-bsc1081690-CVE-2018-5784.patch tiff-4.0.9.tar.gz tiff-CVE-2017-11613,CVE-2018-16335,15209.patch tiff-CVE-2017-18013.patch tiff-CVE-2017-9935,CVE-2018-17795.patch tiff-CVE-2018-10779.patch tiff-CVE-2018-10963.patch tiff-CVE-2018-17100.patch tiff-CVE-2018-17101.patch tiff-CVE-2018-7456.patch tiff-CVE-2018-8905.patch New: ---- tiff-4.0.10.tar.gz tiff-CVE-2018-12900.patch tiff-CVE-2018-19210.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tiff.spec ++++++ --- /var/tmp/diff_new_pack.wD4jLJ/_old 2018-11-26 10:13:23.162218997 +0100 +++ /var/tmp/diff_new_pack.wD4jLJ/_new 2018-11-26 10:13:23.166218993 +0100 @@ -17,53 +17,31 @@ %define asan_build 0 - +%define debug_build 0 Name: tiff -Version: 4.0.9 +Version: 4.0.10 Release: 0 Summary: Tools for Converting from and to the Tagged Image File Format License: HPND Group: Productivity/Graphics/Convertors -Url: http://www.simplesystems.org/libtiff/ +URL: http://www.simplesystems.org/libtiff/ Source: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz Source2: README.SUSE Source3: baselibs.conf Patch0: tiff-4.0.3-seek.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch1: tiff-4.0.3-compress-warning.patch -# Contained in upstream repo. See bsc#1046077 for commit IDs. -Patch2: tiff-CVE-2017-9935,CVE-2018-17795.patch -Patch3: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch -Patch4: tiff-CVE-2018-10963.patch -Patch5: tiff-CVE-2017-18013.patch -Patch6: tiff-CVE-2018-7456.patch -Patch7: tiff-CVE-2017-11613,CVE-2018-16335,15209.patch -Patch8: tiff-CVE-2018-8905.patch -Patch9: tiff-CVE-2018-10779.patch -Patch10: tiff-CVE-2018-17100.patch -Patch11: tiff-CVE-2018-17101.patch - +# http://bugzilla.maptools.org/show_bug.cgi?id=2798 +# https://gitlab.com/libtiff/libtiff/merge_requests/44 +Patch2: tiff-CVE-2018-12900.patch +Patch3: tiff-CVE-2018-19210.patch BuildRequires: gcc-c++ +BuildRequires: libjbig-devel BuildRequires: libjpeg-devel BuildRequires: libtool -BuildRequires: zlib-devel -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%if 0%{?suse_version} > 1030 BuildRequires: lzma-devel -%endif -%if 0%{?suse_version} <= 1000 BuildRequires: pkgconfig -%endif -%if 0%{?suse_version} > 1000 -BuildRequires: pkg-config -%endif -# bug437293 -%ifarch ppc64 -Obsoletes: tiff-64bit -%endif -%if 0%{?suse_version} > 1210 -BuildRequires: libjbig-devel -%endif +BuildRequires: pkgconfig(zlib) %description This package contains the library and support programs for the TIFF @@ -73,11 +51,6 @@ Summary: The Tiff Library (with JPEG and compression support) Group: System/Libraries Provides: libtiff = %{version} -# bug437293 -%ifarch ppc64 -Obsoletes: libtiff-64bit -%endif -# %description -n libtiff5 This package includes the tiff libraries. To link a program with @@ -90,11 +63,6 @@ Requires: glibc-devel Requires: libstdc++-devel Requires: libtiff5 = %{version} -# bug437293 -%ifarch ppc64 -Obsoletes: tiff-devel-64bit -%endif -# %description -n libtiff-devel This package contains the header files and static libraries for @@ -107,17 +75,12 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 %build CFLAGS="%{optflags} -fPIE" +%if %{debug_build} +CFLAGS="$CFLAGS -O0" +%endif %configure --disable-static %if %{asan_build} find -name Makefile | xargs sed -i 's/\(^CFLAGS.*\)/\1 -fsanitize=address/' @@ -126,7 +89,7 @@ %install mkdir -p %{buildroot}/{%{_mandir}/{man1,man3},usr/{bin,lib,include}} -make DESTDIR=%{buildroot} install %{?_smp_mflags} +%make_install for f in `find %{buildroot}/%{_mandir} -type f -print ` ; do if [ `wc -l <$f` -eq 1 ] && grep -q "^\.so " $f ; then linkto=`sed -e "s|^\.so ||" $f` @@ -155,23 +118,20 @@ done %post -n libtiff5 -p /sbin/ldconfig - %postun -n libtiff5 -p /sbin/ldconfig %files -%defattr(-,root,root) %{_bindir}/* %doc html -%doc README COPYRIGHT VERSION ChangeLog TODO RELEASE-DATE +%doc README.md VERSION ChangeLog TODO RELEASE-DATE %{_mandir}/man1/* %files -n libtiff5 -%defattr(-,root,root) -%doc README COPYRIGHT README.SUSE +%license COPYRIGHT +%doc README.md README.SUSE %{_libdir}/*.so.* %files -n libtiff-devel -%defattr(-,root,root) %{_includedir}/* %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc ++++++ tiff-4.0.9.tar.gz -> tiff-4.0.10.tar.gz ++++++ ++++ 14400 lines of diff (skipped) ++++++ tiff-CVE-2017-11613,CVE-2018-16335,15209.patch -> tiff-CVE-2018-12900.patch ++++++ --- /work/SRC/openSUSE:Factory/tiff/tiff-CVE-2017-11613,CVE-2018-16335,15209.patch 2018-10-23 20:35:57.216862348 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new.19453/tiff-CVE-2018-12900.patch 2018-11-26 10:13:21.714220695 +0100 @@ -1,21 +1,17 @@ -Index: tiff-4.0.9/libtiff/tif_dirread.c +Index: tiff-4.0.10/tools/tiffcp.c =================================================================== ---- tiff-4.0.9.orig/libtiff/tif_dirread.c 2018-06-04 16:49:48.940452546 +0200 -+++ tiff-4.0.9/libtiff/tif_dirread.c 2018-06-04 16:50:18.572859131 +0200 -@@ -5760,6 +5760,16 @@ ChopUpSingleUncompressedStrip(TIFF* tif) - if( nstrips == 0 ) - return; - -+ /* If we are going to allocate a lot of memory, make sure that the */ -+ /* file is as big as needed */ -+ if( tif->tif_mode == O_RDONLY && -+ nstrips > 1000000 && -+ (offset >= TIFFGetFileSize(tif) || -+ stripbytes > (TIFFGetFileSize(tif) - offset) / (nstrips - 1)) ) +--- tiff-4.0.10.orig/tools/tiffcp.c 2018-10-13 15:58:55.180101778 +0200 ++++ tiff-4.0.10/tools/tiffcp.c 2018-11-12 17:00:52.706128841 +0100 +@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuf + status = 0; + goto done; + } ++ if (0xFFFFFFFF / tilew < spp) + { -+ return; ++ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps); ++ status = 0; ++ goto done; + } -+ - newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), - "for chopped \"StripByteCounts\" array"); - newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), + bytes_per_sample = bps/8; + + for (row = 0; row < imagelength; row += tl) { ++++++ tiff-CVE-2017-11613,CVE-2018-16335,15209.patch -> tiff-CVE-2018-19210.patch ++++++ --- /work/SRC/openSUSE:Factory/tiff/tiff-CVE-2017-11613,CVE-2018-16335,15209.patch 2018-10-23 20:35:57.216862348 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new.19453/tiff-CVE-2018-19210.patch 2018-11-26 10:13:21.782220616 +0100 @@ -1,21 +1,14 @@ -Index: tiff-4.0.9/libtiff/tif_dirread.c +Index: tiff-4.0.10/libtiff/tif_dirwrite.c =================================================================== ---- tiff-4.0.9.orig/libtiff/tif_dirread.c 2018-06-04 16:49:48.940452546 +0200 -+++ tiff-4.0.9/libtiff/tif_dirread.c 2018-06-04 16:50:18.572859131 +0200 -@@ -5760,6 +5760,16 @@ ChopUpSingleUncompressedStrip(TIFF* tif) - if( nstrips == 0 ) - return; - -+ /* If we are going to allocate a lot of memory, make sure that the */ -+ /* file is as big as needed */ -+ if( tif->tif_mode == O_RDONLY && -+ nstrips > 1000000 && -+ (offset >= TIFFGetFileSize(tif) || -+ stripbytes > (TIFFGetFileSize(tif) - offset) / (nstrips - 1)) ) -+ { -+ return; -+ } -+ - newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), - "for chopped \"StripByteCounts\" array"); - newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), +--- tiff-4.0.10.orig/libtiff/tif_dirwrite.c 2018-06-24 22:26:30.335763566 +0200 ++++ tiff-4.0.10/libtiff/tif_dirwrite.c 2018-11-19 14:21:42.703256410 +0100 +@@ -1883,6 +1883,9 @@ TIFFWriteDirectoryTagTransferfunction(TI + } + m=(1<<tif->tif_dir.td_bitspersample); + n=tif->tif_dir.td_samplesperpixel-tif->tif_dir.td_extrasamples; ++ if (tif->tif_dir.td_transferfunction[2] == NULL || ++ tif->tif_dir.td_transferfunction[1] == NULL) ++ n = 1; + /* + * Check if the table can be written as a single column, + * or if it must be written as 3 columns. Note that we
