[ptxdist] [PATCH] libtiff: version bump 4.3.0 -> 4.7.0

Roman Schnider via ptxdist Tue, 18 Mar 2025 01:53:48 -0700

--- Begin Message ---

Bugfix releases addressing multiple CVEs:
https://libtiff.gitlab.io/libtiff/releases/v4.4.0.html
https://libtiff.gitlab.io/libtiff/releases/v4.5.0.html
https://libtiff.gitlab.io/libtiff/releases/v4.6.0.html
https://libtiff.gitlab.io/libtiff/releases/v4.7.0.html


Adapted configure options to new version

License file:
Was renamed from COPYRIGHT to LICENSE.md and changed copyright annotation

Plugs CVEs:
CVE-2022-3599, CVE-2022-34526, CVE-2022-3570, CVE-2022-3598,
CVE-2022-3627, CVE-2022-3597, CVE-2022-3626, CVE-2022-2056,
CVE-2022-2057, CVE-2022-2058, CVE-2023-52356, CVE-2024-7006

Signed-off-by: Roman Schnider <[email protected]>
---
 rules/libtiff.make | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/rules/libtiff.make b/rules/libtiff.make
index 1f515e040..14be848b8 100644
--- a/rules/libtiff.make
+++ b/rules/libtiff.make
@@ -14,15 +14,15 @@ PACKAGES-$(PTXCONF_LIBTIFF) += libtiff
 #
 # Paths and names
 #
-LIBTIFF_VERSION                := 4.3.0
-LIBTIFF_MD5            := 0a2e4744d1426a8fc8211c0cdbc3a1b3
+LIBTIFF_VERSION                := 4.7.0
+LIBTIFF_MD5            := 3a0fa4a270a4a192b08913f88d0cfbdd
 LIBTIFF                        := tiff-$(LIBTIFF_VERSION)
 LIBTIFF_SUFFIX         := tar.gz
 LIBTIFF_URL            := 
http://download.osgeo.org/libtiff/$(LIBTIFF).$(LIBTIFF_SUFFIX)
 LIBTIFF_SOURCE         := $(SRCDIR)/$(LIBTIFF).$(LIBTIFF_SUFFIX)
 LIBTIFF_DIR            := $(BUILDDIR)/$(LIBTIFF)
 LIBTIFF_LICENSE                := libtiff
-LIBTIFF_LICENSE_FILES  := file://COPYRIGHT;md5=34da3db46fab7501992f9615d7e158cf
+LIBTIFF_LICENSE_FILES  := 
file://LICENSE.md;md5=a3e32d664d6db1386b4689c8121531c3
 
 # ----------------------------------------------------------------------------
 # Prepare
@@ -41,8 +41,13 @@ LIBTIFF_CONF_OPT     := \
        --enable-dependency-tracking \
        --disable-ld-version-script \
        --enable-libtool-lock \
+       --enable-deprecated \
        --disable-rpath \
        $(GLOBAL_LARGE_FILE_OPTION) \
+       --$(call ptx/endis, PTXCONF_LIBTIFF_TOOLS)-tools \
+       --disable-tests \
+       --disable-contrib \
+       --disable-docs \
        --enable-ccitt \
        --enable-packbits \
        --enable-lzw \
@@ -62,12 +67,14 @@ LIBTIFF_CONF_OPT    := \
        --$(call ptx/endis, PTXCONF_LIBTIFF_WEBP)-webp \
        --disable-jpeg12 \
        --disable-cxx \
+       --disable-opengl \
        --disable-win32-io \
        --enable-strip-chopping \
        --disable-defer-strile-load \
        --disable-chunky-strip-read \
        --enable-extrasample-as-alpha \
-       --enable-check-ycbcr-subsampling
+       --enable-check-ycbcr-subsampling \
+       --disable-sphinx
 
 # ----------------------------------------------------------------------------
 # Target-Install
-- 
2.43.0

--- End Message ---

[ptxdist] [PATCH] libtiff: version bump 4.3.0 -> 4.7.0

Reply via email to