Thanks, applied as 6b2f537fd77d57e21a5a4266322ac273473f16d1.

Michael

[sent from post-receive hook]

On Mon, 24 Mar 2025 08:45:57 +0100, Roman Schnider <[email protected]> wrote:
> Bugfix releases addressing multiple CVEs:
> https://libtiff.gitlab.io/libtiff/releases/v4.4.0.html
> https://libtiff.gitlab.io/libtiff/releases/v4.5.0.html
> https://libtiff.gitlab.io/libtiff/releases/v4.6.0.html
> https://libtiff.gitlab.io/libtiff/releases/v4.7.0.html
> 
> Adapted configure options to new version
> 
> License file:
> Was renamed from COPYRIGHT to LICENSE.md and changed copyright annotation
> 
> Plugs CVEs:
> CVE-2022-3599, CVE-2022-34526, CVE-2022-3570, CVE-2022-3598,
> CVE-2022-3627, CVE-2022-3597, CVE-2022-3626, CVE-2022-2056,
> CVE-2022-2057, CVE-2022-2058, CVE-2023-52356, CVE-2024-7006
> 
> Signed-off-by: Roman Schnider <[email protected]>
> Message-Id: <[email protected]>
> Signed-off-by: Michael Olbrich <[email protected]>
> 
> diff --git a/rules/libtiff.make b/rules/libtiff.make
> index 1f515e040fc7..14be848b82e8 100644
> --- a/rules/libtiff.make
> +++ b/rules/libtiff.make
> @@ -14,15 +14,15 @@ PACKAGES-$(PTXCONF_LIBTIFF) += libtiff
>  #
>  # Paths and names
>  #
> -LIBTIFF_VERSION              := 4.3.0
> -LIBTIFF_MD5          := 0a2e4744d1426a8fc8211c0cdbc3a1b3
> +LIBTIFF_VERSION              := 4.7.0
> +LIBTIFF_MD5          := 3a0fa4a270a4a192b08913f88d0cfbdd
>  LIBTIFF                      := tiff-$(LIBTIFF_VERSION)
>  LIBTIFF_SUFFIX               := tar.gz
>  LIBTIFF_URL          := 
> http://download.osgeo.org/libtiff/$(LIBTIFF).$(LIBTIFF_SUFFIX)
>  LIBTIFF_SOURCE               := $(SRCDIR)/$(LIBTIFF).$(LIBTIFF_SUFFIX)
>  LIBTIFF_DIR          := $(BUILDDIR)/$(LIBTIFF)
>  LIBTIFF_LICENSE              := libtiff
> -LIBTIFF_LICENSE_FILES        := 
> file://COPYRIGHT;md5=34da3db46fab7501992f9615d7e158cf
> +LIBTIFF_LICENSE_FILES        := 
> file://LICENSE.md;md5=a3e32d664d6db1386b4689c8121531c3
>  
>  # 
> ----------------------------------------------------------------------------
>  # Prepare
> @@ -41,8 +41,13 @@ LIBTIFF_CONF_OPT   := \
>       --enable-dependency-tracking \
>       --disable-ld-version-script \
>       --enable-libtool-lock \
> +     --enable-deprecated \
>       --disable-rpath \
>       $(GLOBAL_LARGE_FILE_OPTION) \
> +     --$(call ptx/endis, PTXCONF_LIBTIFF_TOOLS)-tools \
> +     --disable-tests \
> +     --disable-contrib \
> +     --disable-docs \
>       --enable-ccitt \
>       --enable-packbits \
>       --enable-lzw \
> @@ -62,12 +67,14 @@ LIBTIFF_CONF_OPT  := \
>       --$(call ptx/endis, PTXCONF_LIBTIFF_WEBP)-webp \
>       --disable-jpeg12 \
>       --disable-cxx \
> +     --disable-opengl \
>       --disable-win32-io \
>       --enable-strip-chopping \
>       --disable-defer-strile-load \
>       --disable-chunky-strip-read \
>       --enable-extrasample-as-alpha \
> -     --enable-check-ycbcr-subsampling
> +     --enable-check-ycbcr-subsampling \
> +     --disable-sphinx
>  
>  # 
> ----------------------------------------------------------------------------
>  # Target-Install

Reply via email to