[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: c57fa2f06ec67e7994f12a4e4c6e2e3b7ed2541b Author: Sam James gentoo org> AuthorDate: Wed Feb 22 16:22:25 2023 + Commit: Sam James gentoo org> CommitDate: Wed Feb 22 16:22:25 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c57fa2f0 Revert "media-libs/tiff: Fix several CVEs" This reverts commit 7ebadfbb4602052047e063e83e78cf398d2610c5. Reverting so I can fix the Bug tag I messed up. Signed-off-by: Sam James gentoo.org> ...CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch | 287 - ...CVE-2023-0802-CVE-2023-0803-CVE-2023-0804.patch | 131 -- media-libs/tiff/tiff-4.5.0-r2.ebuild | 92 --- 3 files changed, 510 deletions(-) diff --git a/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0795-CVE-2023-0796-CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch b/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0795-CVE-2023-0796-CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch deleted file mode 100644 index 70a9b8269ec5.. --- a/media-libs/tiff/files/tiff-4.5.0-CVE-2023-0795-CVE-2023-0796-CVE-2023-0797-CVE-2023-0798-CVE-2023-0799.patch +++ /dev/null 
@@ -1,287 +0,0 @@ -Index: tiff-4.5.0/tools/tiffcrop.c -=== -Upstream commits: -https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68 -https://gitlab.com/libtiff/libtiff/-/commit/9c22495e5eeeae9e00a1596720c969656bb8d678 -From 9c22495e5eeeae9e00a1596720c969656bb8d678 Mon Sep 17 00:00:00 2001 -From: Su_Laus -Date: Fri, 3 Feb 2023 15:31:31 +0100 -Subject: [PATCH] tiffcrop correctly update buffersize after rotateImage() - fix#520 rotateImage() set up a new buffer and calculates its size - individually. Therefore, seg_buffs[] size needs to be updated accordingly. - Before this fix, the seg_buffs buffer size was calculated with a different - formula than within rotateImage(). - -Closes #520. - tools/tiffcrop.c | 36 - 1 file changed, 20 insertions(+), 16 deletions(-) - -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c -index 7db69883..f8b66188 100644 a/tools/tiffcrop.c -+++ b/tools/tiffcrop.c -@@ -577,7 +577,7 @@ static int rotateContigSamples24bits(uint16_t, uint16_t, uint16_t, uint32_t, - static int rotateContigSamples32bits(uint16_t, uint16_t, uint16_t, uint32_t, - uint32_t, uint32_t, uint8_t *, uint8_t *); - static int rotateImage(uint16_t, struct image_data *, uint32_t *, uint32_t *, -- unsigned char **); -+ unsigned char **, size_t *); - static int mirrorImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, -unsigned char *); - static int invertImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t, -@@ -7243,7 +7243,7 @@ static int correct_orientation(struct image_data *image, - } - - if (rotateImage(rotation, image, &image->width, &image->length, --work_buff_ptr)) -+work_buff_ptr, NULL)) - { - TIFFError("correct_orientation", "Unable to rotate image"); - return (-1); -@@ -8563,8 +8563,12 @@ static int processCropSelections(struct image_data *image, - if (crop->crop_mode & CROP_ROTATE) /* rotate should be last as it can - reallocate the buffer */ - { -+/* rotateImage() set up a new buffer and calculates its size -+ * individually. 
Therefore, seg_buffs size needs to be updated -+ * accordingly. */ -+size_t rot_buf_size = 0; - if (rotateImage(crop->rotation, image, &crop->combined_width, --&crop->combined_length, &crop_buff)) -+&crop->combined_length, &crop_buff, &rot_buf_size)) - { - TIFFError("processCropSelections", - "Failed to rotate composite regions by %" PRIu32 -@@ -8573,9 +8577,7 @@ static int processCropSelections(struct image_data *image, - return (-1); - } - seg_buffs[0].buffer = crop_buff; --seg_buffs[0].size = --(((crop->combined_width * image->bps + 7) / 8) * image->spp) * --crop->combined_length; -+seg_buffs[0].size = rot_buf_size; - } - } - else /* Separated Images */ -@@ -8686,10 +8688,13 @@ static int processCropSelections(struct image_data *image, - * ->yres, what it schouldn't do here, when more than one - * section is processed. ToDo: Therefore rotateImage() and its - * usage has to be reworked (e.g. like mirrorImage()) !! -- */ --if (rotateImage(crop->rotation, image, --&crop->regionlist[i].width, --&crop->regionlist[i].leng
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/
commit: 847c95bdb5624d743c7e99bf10b1749580ace225 Author: Sam James gentoo org> AuthorDate: Tue Feb 7 04:04:56 2023 + Commit: Sam James gentoo org> CommitDate: Tue Feb 7 04:29:51 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=847c95bd media-libs/tiff: scrub patch, add upstream refs Signed-off-by: Sam James gentoo.org> media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch b/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch index 070f642da454..e38d17df9cc2 100644 --- a/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch +++ b/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch @@ -1,7 +1,7 @@ -Index: tiff-4.5.0/tools/tiffcrop.c -=== tiff-4.5.0.orig/tools/tiffcrop.c -+++ tiff-4.5.0/tools/tiffcrop.c +https://gitlab.com/libtiff/libtiff/-/issues/488 +https://bugs.gentoo.org/891839 +--- a/tools/tiffcrop.c b/tools/tiffcrop.c @@ -8591,7 +8591,7 @@ static int processCropSelections(struct cropsize + NUM_BUFF_OVERSIZE_BYTES); else
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: 7a7119ce544ba3de8179b4b9ec93c0032a069ecd Author: Michael Vetter iodoru org> AuthorDate: Sat Feb 4 18:56:16 2023 + Commit: Sam James gentoo org> CommitDate: Tue Feb 7 04:29:50 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a7119ce media-libs/tiff: Fix CVE-2022-48281 Bug: https://bugs.gentoo.org/891839 Upstream: https://gitlab.com/libtiff/libtiff/-/issues/488 Signed-off-by: Michael Vetter iodoru.org> Closes: https://github.com/gentoo/gentoo/pull/29426 Signed-off-by: Sam James gentoo.org> .../tiff/files/tiff-4.5.0-CVE-2022-48281.patch | 14 media-libs/tiff/tiff-4.5.0-r1.ebuild | 90 ++ 2 files changed, 104 insertions(+) diff --git a/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch b/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch new file mode 100644 index ..070f642da454 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.5.0-CVE-2022-48281.patch @@ -0,0 +1,14 @@ +Index: tiff-4.5.0/tools/tiffcrop.c +=== +--- tiff-4.5.0.orig/tools/tiffcrop.c tiff-4.5.0/tools/tiffcrop.c +@@ -8591,7 +8591,7 @@ static int processCropSelections(struct + cropsize + NUM_BUFF_OVERSIZE_BYTES); + else + { +-prev_cropsize = seg_buffs[0].size; ++prev_cropsize = seg_buffs[i].size; + if (prev_cropsize < cropsize) + { + next_buff = _TIFFrealloc( + diff --git a/media-libs/tiff/tiff-4.5.0-r1.ebuild b/media-libs/tiff/tiff-4.5.0-r1.ebuild new file mode 100644 index ..bbbf78771312 --- /dev/null +++ b/media-libs/tiff/tiff-4.5.0-r1.ebuild 
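Review bot: The new patch file opens with only the quilt `Index: tiff-4.5.0/tools/tiffcrop.c` header, so nothing inside it records which upstream report or CVE the one-line change from `seg_buffs[0].size` to `seg_buffs[i].size` belongs to. Those references exist only in the commit message. I would put `https://gitlab.com/libtiff/libtiff/-/issues/488` and `https://bugs.gentoo.org/891839` at the top of the patch, so the file stays traceable when it is carried to a later revision or copied elsewhere. `processCropSelections` starts and ends outside the inner hunk, so the realloc logic that consumes `prev_cropsize` cannot be checked from what is shown here.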
@@ -0,0 +1,90 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+QA_PKGCONFIG_VERSION="$(ver_cut 1-3)"
+
+# Release signer can vary per version but not clear if others will be doing
+# them in future, so gone with Even Rouault for now as he does other geosci
+# stuff too like PROJ, GDAL. Previous release manager of TIFF was
+# GraphicsMagick maintainer Bob Friesenhahn. Please be careful when verifying
+# who made releases.
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/rouault.asc
+inherit autotools multilib-minimal verify-sig flag-o-matic
+
+MY_P="${P/_rc/rc}"
+DESCRIPTION="Tag Image File Format (TIFF) library"
+HOMEPAGE="http://libtiff.maptools.org";
+SRC_URI="https://download.osgeo.org/libtiff/${MY_P}.tar.xz";
+SRC_URI+=" verify-sig? ( https://download.osgeo.org/libtiff/${MY_P}.tar.xz.sig )"
+S="${WORKDIR}/${PN}-$(ver_cut 1-3)"
+
+LICENSE="libtiff"
+SLOT="0/6"
+if [[ ${PV} != *_rc* ]] ; then
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+fi
+IUSE="+cxx jbig jpeg lzma static-libs test webp zlib zstd"
+RESTRICT="!test? ( test )"
+
+# bug #483132
+REQUIRED_USE="test? ( jpeg )"
+
+RDEPEND="jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] )
+ jpeg? ( media-libs/libjpeg-turbo:=[${MULTILIB_USEDEP}] )
+ lzma? ( >=app-arch/xz-utils-5.0.5-r1[${MULTILIB_USEDEP}] )
+ webp? ( media-libs/libwebp:=[${MULTILIB_USEDEP}] )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )
+ zstd? ( >=app-arch/zstd-1.3.7-r1:=[${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}"
+BDEPEND="verify-sig? ( sec-keys/openpgp-keys-evenrouault )"
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/tiffconf.h
+)
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-4.5.0_rc1-skip-tools-tests-multilib.patch
+ "${FILESDIR}"/${PN}-4.5.0-CVE-2022-48281.patch
+)
+
+src_prepare() {
+ default
+
+ # Added to fix cross-compilation
+ #elibtoolize
+
+ # For skip-tools-tests-multilib.patch
+ eautoreconf
+}
+
+multilib_src_configure() {
+ append-lfs-flags
+
+ local myeconfargs=(
+ --disable-sphinx
+ --without-x
+ --with-docdir="${EPREFIX}"/usr/share/doc/${PF}
+ $(use_enable cxx)
+ $(use_enable jbig)
+ $(use_enable jpeg)
+ $(use_enable lzma)
+ $(use_enable static-libs static)
+ $(use_enable test tests)
+ $(use_enable webp)
+ $(use_enable zlib)
+ $(use_enable zstd)
+
+ $(multilib_native_enable docs)
+ $(multilib_native_enable contrib)
+ $(multilib_native_enable tools)
+ )
+
+ ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_install_all() {
+ find "${ED}" -type f -name '*.la' -delete || die
+ rm "${ED}"/usr/share/doc/${PF}/{README*,RELEASE-DATE,TODO,VERSION} || die
+}
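Review bot: `HOMEPAGE="http://libtiff.maptools.org"` is plain http while both `SRC_URI` entries use https. Since this revision exists to ship a CVE fix, it is worth confirming that the address is still the project's canonical page, and switching the scheme to https if the site serves it. Separately, in `src_prepare` the comment `# Added to fix cross-compilation` now describes only the disabled `#elibtoolize` line. Either drop both lines or say in the comment why the call is off, presumably because `eautoreconf` already covers it, which should be confirmed.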
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: 70d25ca63199f98c7f5bfb6d9f54023eec9048d1 Author: Andreas Sturmlechner gentoo org> AuthorDate: Tue Jan 24 14:12:10 2023 + Commit: Andreas Sturmlechner gentoo org> CommitDate: Tue Jan 24 16:11:33 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70d25ca6 media-libs/tiff: drop 4.4.0-r1, 4.4.0-r2 Bug: https://bugs.gentoo.org/856478 Signed-off-by: Andreas Sturmlechner gentoo.org> media-libs/tiff/Manifest | 2 - .../files/tiff-4.4.0-hylafaxplus-regression.patch | 34 --- .../files/tiff-4.4.0_rc1-skip-thumbnail-test.patch | 32 --- media-libs/tiff/tiff-4.4.0-r1.ebuild | 97 media-libs/tiff/tiff-4.4.0-r2.ebuild | 102 - 5 files changed, 267 deletions(-) diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest index 1d32e5a570fc..1d5a4c20c28c 100644 --- a/media-libs/tiff/Manifest +++ b/media-libs/tiff/Manifest 
@@ -1,4 +1,2 @@ -DIST tiff-4.4.0.tar.xz 1929292 BLAKE2B d05a2fb293557d1e7cdec116c65c8338d7714af7b6abd8dd3bb2b476d62e044adc7d6c298843649d63c6bc09f6ce4660ee23638f9beb716937ccf236c2829dcf SHA512 c9611faadc9b1199f3aba9a43bfa160c77c11558d1fa358b42115ed78db73c8387531c0668cc9021842c58f1c02f8d84264d3600e1039dfe6f866822ad91cff9 -DIST tiff-4.4.0.tar.xz.sig 310 BLAKE2B 00dc8ff9c232ec4cca8b294659e6379b9bb512b58cd3d2f9231e7c10111510ac56aff3c6fc133a47f9fafc27595e099297c25940414495d8ea7f5a75aa43e9d2 SHA512 4ffdcbf5a8ce4a3be543d0ad43101ddcdb6ef22c3da5768c86660a40cc0cab48032a65c5e7bb0667f43d55dad5aa09dc0df302e2f9dbc9f24b8ccac643a0408c DIST tiff-4.5.0.tar.xz 2320900 BLAKE2B c69801ba9d55b1ed27a92d31d8cd16937fe69299fbf5450efb4a6caa60245b72ddade110daae78f2198613640383623f76ec2265ba785375d0a85c7909b73fe9 SHA512 c6c866064c2dd5d1711c6ece7bafe5f011f5ce26c0aeaecbff79c05b5671f44150324bea95a0665cc43331883114de855ee1cd87ed733bff0f4d0814515b9f10 DIST tiff-4.5.0.tar.xz.sig 310 BLAKE2B bbe7f9600061416227276424eb220714a1375d3e295cb0c5b7f76074324c1a2698a5029dde3e734331e9caf02d8a086273ded2ab09285857dbbfe3ad83506912 SHA512 8cef09755f4efe68db69591967e495852cf63c2d8113a877a2254f536d38c60b6dc864c07089249cd8109a8408672a297ae9e59d8233687bc2796dc158ccfb32 diff --git a/media-libs/tiff/files/tiff-4.4.0-hylafaxplus-regression.patch b/media-libs/tiff/files/tiff-4.4.0-hylafaxplus-regression.patch deleted file mode 100644 index c640f6e1b1a7.. --- a/media-libs/tiff/files/tiff-4.4.0-hylafaxplus-regression.patch +++ /dev/null 
@@ -1,34 +0,0 @@ -https://bugs.gentoo.org/883641 -https://gitlab.com/libtiff/libtiff/-/issues/489 -https://gitlab.com/libtiff/libtiff/-/commit/72de8fd00be8a583a6b16cc0b700105020d249ba - -From 72de8fd00be8a583a6b16cc0b700105020d249ba Mon Sep 17 00:00:00 2001 -From: Even Rouault -Date: Tue, 29 Nov 2022 14:57:27 +0100 -Subject: [PATCH] TIFFWriteRawStrip(): restore capabilities to append data in - the current strip (fixes #489) - -This fixes a regression of libtiff 4.4.0 a/libtiff/tif_write.c -+++ b/libtiff/tif_write.c -@@ -341,10 +341,13 @@ TIFFWriteRawStrip(TIFF* tif, uint32_t strip, void* data, tmsize_t cc) - return ((tmsize_t) -1); - } - -- tif->tif_curstrip = strip; -+if (tif->tif_curstrip != strip) -+{ -+tif->tif_curstrip = strip; - -- /* this informs TIFFAppendToStrip() we have changed or reset strip */ -- tif->tif_curoff = 0; -+/* this informs TIFFAppendToStrip() we have changed or reset strip */ -+tif->tif_curoff = 0; -+} - - if (td->td_stripsperimage == 0) { - TIFFErrorExtR(tif, module,"Zero strips per image"); --- -GitLab - - diff --git a/media-libs/tiff/files/tiff-4.4.0_rc1-skip-thumbnail-test.patch b/media-libs/tiff/files/tiff-4.4.0_rc1-skip-thumbnail-test.patch deleted file mode 100644 index 574a02dd3487.. --- a/media-libs/tiff/files/tiff-4.4.0_rc1-skip-thumbnail-test.patch +++ /dev/null 
@@ -1,32 +0,0 @@ -https://gitlab.com/libtiff/libtiff/-/merge_requests/334 - -From 62a49eeb3f0c986c5fcbfc53cd3d7ef2a3fab9b3 Mon Sep 17 00:00:00 2001 -From: Sam James -Date: Sat, 21 May 2022 01:01:35 +0100 -Subject: [PATCH] test/tiffcp-thumbnail.sh: skip test if tools aren't built - -In Gentoo, we avoid building the tools for multilib (32-bit, x86) builds on -amd64/x86_64 because we only need the library to keep binary applications working. - -This causes a test failure in just tiffcp-thumbnail.sh as the 'thumbnail' -binary isn't built. Skip it if unavailable as it's only a single test. - -Fixes: https://gitlab.com/libtiff/libtiff/-/issues/421 a/test/tiffcp-thumbnail.sh -+++ b/test/tiffcp-thumbnail.sh -@@ -4,7 +4,12 @@ - # - . ${srcdir:-.}/common.sh - -+if [ ! -x "${TIFFCP}" ] || [ ! -x "${THUMBNAIL}" ] ; then -+ # https://gitlab.com/libtiff/libtiff/-/issues/421 -+ exit 77 -+fi -+ - outfile1=o-tiffcp-thumbnail-in.tif - outfile2=o-tiffcp-thumbnail-out.tif - f_test_convert "${TIFFCP} -c g3:1d" "${IMG_MIN
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: bcf80a84c69f026b3e7df8bec1b0732c2dc7b658 Author: Sam James gentoo org> AuthorDate: Sat May 21 00:07:26 2022 + Commit: Sam James gentoo org> CommitDate: Sat May 21 00:09:23 2022 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bcf80a84 media-libs/tiff: add 4.4.0_rc1 (unkeyworded) Bug: https://bugs.gentoo.org/821925 Bug: https://bugs.gentoo.org/830981 Bug: https://bugs.gentoo.org/837560 Signed-off-by: Sam James gentoo.org> media-libs/tiff/Manifest | 2 + .../files/tiff-4.4.0_rc1-skip-thumbnail-test.patch | 32 media-libs/tiff/tiff-4.4.0_rc1.ebuild | 91 ++ 3 files changed, 125 insertions(+) diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest index 45849b27483d..a5238360727a 100644 --- a/media-libs/tiff/Manifest +++ b/media-libs/tiff/Manifest @@ -1 +1,3 @@ DIST tiff-4.3.0.tar.gz 2808254 BLAKE2B 433a087249541f6142dd25b6dc807018639908175b0d73b4af3aa301af2dee3d76184e4689e7b2f1f9b73567ac78d50456ee94fffe00bad6da05375cf2d94d92 SHA512 e04a4a6c542e58a174c1e9516af3908acf1d3d3e1096648c5514f4963f73e7af27387a76b0fbabe43cf867a18874088f963796a7cd6e45deb998692e3e235493 +DIST tiff-4.4.0rc1.tar.xz 1929292 BLAKE2B d05a2fb293557d1e7cdec116c65c8338d7714af7b6abd8dd3bb2b476d62e044adc7d6c298843649d63c6bc09f6ce4660ee23638f9beb716937ccf236c2829dcf SHA512 c9611faadc9b1199f3aba9a43bfa160c77c11558d1fa358b42115ed78db73c8387531c0668cc9021842c58f1c02f8d84264d3600e1039dfe6f866822ad91cff9 +DIST tiff-4.4.0rc1.tar.xz.sig 310 BLAKE2B 00dc8ff9c232ec4cca8b294659e6379b9bb512b58cd3d2f9231e7c10111510ac56aff3c6fc133a47f9fafc27595e099297c25940414495d8ea7f5a75aa43e9d2 SHA512 4ffdcbf5a8ce4a3be543d0ad43101ddcdb6ef22c3da5768c86660a40cc0cab48032a65c5e7bb0667f43d55dad5aa09dc0df302e2f9dbc9f24b8ccac643a0408c diff --git a/media-libs/tiff/files/tiff-4.4.0_rc1-skip-thumbnail-test.patch b/media-libs/tiff/files/tiff-4.4.0_rc1-skip-thumbnail-test.patch new file mode 100644 index ..574a02dd3487 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.4.0_rc1-skip-thumbnail-test.patch 
@@ -0,0 +1,32 @@ +https://gitlab.com/libtiff/libtiff/-/merge_requests/334 + +From 62a49eeb3f0c986c5fcbfc53cd3d7ef2a3fab9b3 Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Sat, 21 May 2022 01:01:35 +0100 +Subject: [PATCH] test/tiffcp-thumbnail.sh: skip test if tools aren't built + +In Gentoo, we avoid building the tools for multilib (32-bit, x86) builds on +amd64/x86_64 because we only need the library to keep binary applications working. + +This causes a test failure in just tiffcp-thumbnail.sh as the 'thumbnail' +binary isn't built. Skip it if unavailable as it's only a single test. + +Fixes: https://gitlab.com/libtiff/libtiff/-/issues/421 +--- a/test/tiffcp-thumbnail.sh b/test/tiffcp-thumbnail.sh +@@ -4,7 +4,12 @@ + # + . ${srcdir:-.}/common.sh + ++if [ ! -x "${TIFFCP}" ] || [ ! -x "${THUMBNAIL}" ] ; then ++ # https://gitlab.com/libtiff/libtiff/-/issues/421 ++ exit 77 ++fi ++ + outfile1=o-tiffcp-thumbnail-in.tif + outfile2=o-tiffcp-thumbnail-out.tif + f_test_convert "${TIFFCP} -c g3:1d" "${IMG_MINISWHITE_1C_1B}" "${outfile1}" +-f_test_convert "${THUMBNAIL}" "${outfile1}" "${outfile2}" +\ No newline at end of file ++f_test_convert "${THUMBNAIL}" "${outfile1}" "${outfile2}" +GitLab diff --git a/media-libs/tiff/tiff-4.4.0_rc1.ebuild b/media-libs/tiff/tiff-4.4.0_rc1.ebuild new file mode 100644 index ..c0f7bb48982e --- /dev/null +++ b/media-libs/tiff/tiff-4.4.0_rc1.ebuild 
@@ -0,0 +1,91 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +QA_PKGCONFIG_VERSION="$(ver_cut 1-3)" + +# Release signer can vary per version but not clear if others will be doing +# them in future, so gone with Even Rouault for now as he does other geosci +# stuff too like PROJ, GDAL. Previous release manager of TIFF was +# GraphicsMagick maintainer Bob Friesenhahn. Please be careful when verifying +# who made releases. +VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/rouault.asc +inherit multilib-minimal verify-sig + +MY_P="${P/_rc/rc}" +DESCRIPTION="Tag Image File Format (TIFF) library" +HOMEPAGE="http://libtiff.maptools.org"; +SRC_URI="https://download.osgeo.org/libtiff/${MY_P}.tar.xz"; +SRC_URI+=" verify-sig? ( https://download.osgeo.org/libtiff/${MY_P}.tar.xz.sig )" +S="${WORKDIR}/${PN}-$(ver_cut 1-3)" + +LICENSE="libtiff" +SLOT="0" +if [[ ${PV} != *_rc* ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +fi +IUSE="+cxx jbig jpeg lzma static-libs test webp zlib zstd" +RESTRICT="!test? ( test )" + +# bug #483132 +REQUIRED_USE="test? ( jpeg )" + +RDEPEND="jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] ) + jpeg? ( media-libs/libjpeg-turbo:=[${MULTILIB_USEDEP}]
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: 2b07bec238b4b2e98288cf4880faad4b504366ee Author: Andreas Sturmlechner gentoo org> AuthorDate: Wed Jan 29 21:43:33 2020 + Commit: Andreas Sturmlechner gentoo org> CommitDate: Wed Jan 29 21:44:32 2020 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2b07bec2 media-libs/tiff: 4.0.10-r2 security cleanup If no one else will do it... Bug: https://bugs.gentoo.org/699868 Package-Manager: Portage-2.3.86, Repoman-2.3.20 Signed-off-by: Andreas Sturmlechner gentoo.org> media-libs/tiff/Manifest | 1 - ...-2018-17000-tif_dirwrite-null-dereference.patch | 33 -- 0.10-CVE-2019-14973-fix-integer-overflow.patch | 395 - .../tiff-4.0.10-CVE-2019-6128-pal2rgb-leak.patch | 48 --- 0.10-CVE-2019-7663-tiffcpIntegerOverflow.patch | 73 media-libs/tiff/tiff-4.0.10-r2.ebuild | 86 - 6 files changed, 636 deletions(-) diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest index 189741c8a7c..facf160fb14 100644 --- a/media-libs/tiff/Manifest +++ b/media-libs/tiff/Manifest @@ -1,2 +1 @@ -DIST tiff-4.0.10.tar.gz 2402867 BLAKE2B 0305453f22150c31d00d2de756736f58c49a288e19b2a66bdd01319ce4688742f6eab4009eaf1817125d41f53a23de17eb6265a3ebae458ec24f5dbb3d49764e SHA512 d213e5db09fd56b8977b187c5a756f60d6e3e998be172550c2892dbdb4b2a8e8c750202bc863fe27d0d1c577ab9de1710d15e9f6ed665aadbfd857525a81eea8 DIST tiff-4.1.0.tar.gz 2421581 BLAKE2B 1f9b92d08dc95633bb005a635bbcecd8fa5e4f30c14f059b42aafbb4a52b4fb1b84b1e97cea33f3102f5808cb28f93bc8fcbae2b041c6227c97f90b4f9b8e631 SHA512 fd541dcb11e3d5afaa1ec2f073c9497099727a52f626b338ef87dc93ca2e23ca5f47634015a4beac616d4e8f05acf7b7cd5797fb218758cc2ad31b390491c5a6 diff --git a/media-libs/tiff/files/tiff-4.0.10-CVE-2018-17000-tif_dirwrite-null-dereference.patch b/media-libs/tiff/files/tiff-4.0.10-CVE-2018-17000-tif_dirwrite-null-dereference.patch deleted file mode 100644 index 321c6a428af..000 --- a/media-libs/tiff/files/tiff-4.0.10-CVE-2018-17000-tif_dirwrite-null-dereference.patch +++ /dev/null 
@@ -1,33 +0,0 @@ -https://crbug.com/901306 - -commit 802d3cbf3043be5dce5317e140ccb1c17a6a2d39 -Author: Thomas Bernard -Date: Tue Jan 29 11:21:47 2019 +0100 - -TIFFWriteDirectoryTagTransferfunction() : fix NULL dereferencing - -http://bugzilla.maptools.org/show_bug.cgi?id=2833 - -we must check the pointer is not NULL before memcmp() the memory - -diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c -index c15a28dbd8fcb99b81fa5a1d44fcbcda881f42a7..ef30c869d30e210d90be16ce91f44087925fbad3 100644 a/libtiff/tif_dirwrite.c -+++ b/libtiff/tif_dirwrite.c -@@ -1893,12 +1893,14 @@ TIFFWriteDirectoryTagTransferfunction(TIFF* tif, uint32* ndir, TIFFDirEntry* dir - n=3; - if (n==3) - { -- if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16))) -+ if (tif->tif_dir.td_transferfunction[2] == NULL || -+ !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16))) - n=2; - } - if (n==2) - { -- if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16))) -+ if (tif->tif_dir.td_transferfunction[1] == NULL || -+ !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16))) - n=1; - } - if (n==0) diff --git a/media-libs/tiff/files/tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch b/media-libs/tiff/files/tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch deleted file mode 100644 index cbcbfd9d7f0..000 --- a/media-libs/tiff/files/tiff-4.0.10-CVE-2019-14973-fix-integer-overflow.patch +++ /dev/null 
@@ -1,395 +0,0 @@ -From 6ebfcac47224d3b8661c501967d495135449883e Mon Sep 17 00:00:00 2001 -From: Even Rouault -Date: Sat, 10 Aug 2019 18:25:03 +0200 -Subject: [PATCH] Fix integer overflow in _TIFFCheckMalloc() and other - implementation-defined behaviour (CVE-2019-14973) - -_TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow -in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus -signed), which was especially easily triggered on 32-bit builds (with recent -enough compilers that assume that signed multiplication cannot overflow, since -this is undefined behaviour by the C standard). The original issue which lead to -this fix was trigged from tif_fax3.c - -There were also unsafe (implementation defied), and broken in practice on 64bit -builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing -(uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known -at that time exploits, but are better to fix in a more bullet-proof way. -Or similarly use of (int64)uint64_var <= 0. - a/libtiff/tif_a
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/
commit: 6d9c2b4589629519d5d6e01349ed4770356dfa4c Author: Michael Mair-Keimberger gmail com> AuthorDate: Fri Apr 19 18:03:11 2019 + Commit: Aaron Bauman gentoo org> CommitDate: Sat Apr 20 01:27:13 2019 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d9c2b45 media-libs/tiff: remove unused patches Signed-off-by: Michael Mair-Keimberger gmail.com> Closes: https://github.com/gentoo/gentoo/pull/11744 Signed-off-by: Aaron Bauman gentoo.org> .../tiff/files/tiff-4.0.9-CVE-2017-18013.patch | 39 -- ...ff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch | 58 .../tiff/files/tiff-4.0.9-CVE-2017-9935.patch | 153 - .../tiff/files/tiff-4.0.9-CVE-2018-5784.patch | 128 - 4 files changed, 378 deletions(-) diff --git a/media-libs/tiff/files/tiff-4.0.9-CVE-2017-18013.patch b/media-libs/tiff/files/tiff-4.0.9-CVE-2017-18013.patch deleted file mode 100644 index 2db890aef90..000 --- a/media-libs/tiff/files/tiff-4.0.9-CVE-2017-18013.patch +++ /dev/null 
@@ -1,39 +0,0 @@ -https://bugs.gentoo.org/645982 -https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01 - -From c6f41df7b581402dfba3c19a1e3df4454c551a01 Mon Sep 17 00:00:00 2001 -From: Even Rouault -Date: Sun, 31 Dec 2017 15:09:41 +0100 -Subject: [PATCH] libtiff/tif_print.c: TIFFPrintDirectory(): fix null pointer - dereference on corrupted file. Fixes - http://bugzilla.maptools.org/show_bug.cgi?id=2770 - - libtiff/tif_print.c | 8 - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c -index 9959d353b1f9..8deceb2b054d 100644 a/libtiff/tif_print.c -+++ b/libtiff/tif_print.c -@@ -665,13 +665,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - fprintf(fd, "%3lu: [%8I64u, %8I64u]\n", - (unsigned long) s, -- (unsigned __int64) td->td_stripoffset[s], -- (unsigned __int64) td->td_stripbytecount[s]); -+ td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0, -+ td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0); - #else - fprintf(fd, "%3lu: [%8llu, %8llu]\n", - (unsigned long) s, -- (unsigned long long) td->td_stripoffset[s], -- (unsigned long long) td->td_stripbytecount[s]); -+ td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0, -+ td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0); - #endif - } - } --- -2.16.1 - diff --git a/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch b/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch deleted file mode 100644 index 101618ee7d5..000 --- a/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch +++ /dev/null 
@@ -1,58 +0,0 @@ -From d4f213636b6f950498a1386083199bd7f65676b9 Mon Sep 17 00:00:00 2001 -From: Brian May -Date: Thu, 7 Dec 2017 07:49:20 +1100 -Subject: [PATCH] tiff2pdf: Fix apparent incorrect type for transfer table - -The standard says the transfer table contains unsigned 16 bit values, -I have no idea why we refer to them as floats. - tools/tiff2pdf.c | 12 ++-- - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c -index c3ec074..484776c 100644 a/tools/tiff2pdf.c -+++ b/tools/tiff2pdf.c -@@ -237,7 +237,7 @@ typedef struct { - float tiff_whitechromaticities[2]; - float tiff_primarychromaticities[6]; - float tiff_referenceblackwhite[2]; -- float* tiff_transferfunction[3]; -+ uint16* tiff_transferfunction[3]; - int pdf_image_interpolate; /* 0 (default) : do not interpolate, - 1 : interpolate */ - uint16 tiff_transferfunctioncount; -@@ -1048,7 +1048,7 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ - uint16 paged=0; - uint16 xuint16=0; - uint16 tiff_transferfunctioncount=0; -- float* tiff_transferfunction[3]; -+ uint16* tiff_transferfunction[3]; - - directorycount=TIFFNumberOfDirectories(input); - t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE))); -@@ -1153,8 +1153,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ - &(tiff_transferfunction[1]), - &(tiff_transferfunction[2]))) { - --if((tiff_transferfunction[1] != (float*) NULL) && -- (tiff_transferfunction[2] != (float*) NULL) -+if((tiff_transferfunction[1] !=
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/
commit: 4e4c0bfa02e7fbf53df4c328d1b4af80ed974f5e Author: Michael Mair-Keimberger gmail com> AuthorDate: Wed Mar 27 06:03:39 2019 + Commit: Patrice Clement gentoo org> CommitDate: Wed Mar 27 23:56:01 2019 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e4c0bfa media-libs/tiff: remove unused patches. Signed-off-by: Michael Mair-Keimberger gmail.com> Closes: https://github.com/gentoo/gentoo/pull/11513 Signed-off-by: Patrice Clement gentoo.org> .../tiff/files/tiff-3.9.7-CVE-2012-4447.patch | 191 .../tiff/files/tiff-3.9.7-CVE-2012-4564.patch | 77 --- .../tiff/files/tiff-3.9.7-CVE-2012-5581.patch | 245 - .../tiff/files/tiff-3.9.7-printdir-width.patch | 36 --- .../tiff/files/tiff-3.9.7-tiffinfo-exif.patch | 59 - 5 files changed, 608 deletions(-) diff --git a/media-libs/tiff/files/tiff-3.9.7-CVE-2012-4447.patch b/media-libs/tiff/files/tiff-3.9.7-CVE-2012-4447.patch deleted file mode 100644 index 6c28dc6ec9a..000 --- a/media-libs/tiff/files/tiff-3.9.7-CVE-2012-4447.patch +++ /dev/null 
@@ -1,191 +0,0 @@ -Upstream patch for CVE-2012-4447. This also covers an out-of-bounds-read -possibility in the same file, which wasn't given a separate CVE. - - -diff -Naur tiff-3.9.4.orig/libtiff/tif_pixarlog.c tiff-3.9.4/libtiff/tif_pixarlog.c tiff-3.9.4.orig/libtiff/tif_pixarlog.c 2010-06-08 14:50:42.0 -0400 -+++ tiff-3.9.4/libtiff/tif_pixarlog.c 2012-12-10 15:50:14.421538317 -0500 -@@ -117,9 +117,9 @@ - if (n >= stride) { - mask = CODE_MASK; - if (stride == 3) { -- t0 = ToLinearF[cr = wp[0]]; -- t1 = ToLinearF[cg = wp[1]]; -- t2 = ToLinearF[cb = wp[2]]; -+ t0 = ToLinearF[cr = (wp[0] & mask)]; -+ t1 = ToLinearF[cg = (wp[1] & mask)]; -+ t2 = ToLinearF[cb = (wp[2] & mask)]; - op[0] = t0; - op[1] = t1; - op[2] = t2; -@@ -136,10 +136,10 @@ - op[2] = t2; - } - } else if (stride == 4) { -- t0 = ToLinearF[cr = wp[0]]; -- t1 = ToLinearF[cg = wp[1]]; -- t2 = ToLinearF[cb = wp[2]]; -- t3 = ToLinearF[ca = wp[3]]; -+ t0 = ToLinearF[cr = (wp[0] & mask)]; -+ t1 = ToLinearF[cg = (wp[1] & mask)]; -+ t2 = ToLinearF[cb = (wp[2] & mask)]; -+ t3 = ToLinearF[ca = (wp[3] & mask)]; - op[0] = t0; - op[1] = t1; - op[2] = t2; -@@ -183,9 +183,9 @@ - if (n >= stride) { - mask = CODE_MASK; - if (stride == 3) { -- t0 = ToLinearF[cr = wp[0]] * SCALE12; -- t1 = ToLinearF[cg = wp[1]] * SCALE12; -- t2 = ToLinearF[cb = wp[2]] * SCALE12; -+ t0 = ToLinearF[cr = (wp[0] & mask)] * SCALE12; -+ t1 = ToLinearF[cg = (wp[1] & mask)] * SCALE12; -+ t2 = ToLinearF[cb = (wp[2] & mask)] * SCALE12; - op[0] = CLAMP12(t0); - op[1] = CLAMP12(t1); - op[2] = CLAMP12(t2); -@@ -202,10 +202,10 @@ - op[2] = CLAMP12(t2); - } - } else if (stride == 4) { -- t0 = ToLinearF[cr = wp[0]] * SCALE12; -- t1 = ToLinearF[cg = wp[1]] * SCALE12; -- t2 = ToLinearF[cb = wp[2]] * SCALE12; -- t3 = ToLinearF[ca = wp[3]] * SCALE12; -+ t0 = ToLinearF[cr = (wp[0] & mask)] * SCALE12; -+ t1 = ToLinearF[cg = (wp[1] & mask)] * SCALE12; -+ t2 = ToLinearF[cb = (wp[2] & mask)] * SCALE12; -+ t3 = ToLinearF[ca = (wp[3] & mask)] * SCALE12; - op[0] = 
CLAMP12(t0); - op[1] = CLAMP12(t1); - op[2] = CLAMP12(t2); -@@ -247,9 +247,9 @@ - if (n >= stride) { - mask = CODE_MASK; - if (stride == 3) { -- op[0] = ToLinear16[cr = wp[0]]; -- op[1] = ToLinear16[cg = wp[1]]; -- op[2] = ToLinear16[cb = wp[2]]; -+ op[0] = ToLinear16[cr = (wp[0] & mask)]; -+ op[1] = ToLinear16[cg = (wp[1] & mask)]; -+ op[2] = ToLinear16[cb = (wp[2] & mask)]; - n -= 3; - while (n > 0) { - wp += 3; -@@ -260,10 +260,10 @@ - op[2] = ToLinear16[(cb += wp[2]) & mask]; - } - } else if (stride == 4) { -- op[0] = ToLinear16[cr = wp[0]]; -- op[1] = ToLinear16[cg = wp[1]]; -- op[2] = ToLinear16[cb = wp[2]]; -- op[3] = ToLinear16[ca = wp[3]]; -+ op[0] = ToLinear16[cr = (wp[0] & mask)]; -+ op[1] = ToLinear16[cg = (wp[1] & mask)]; -+ op[2] = ToLinear16[cb = (wp[2] & mask)]; -+ op[3] = ToLinear16[ca = (wp[3] & mask)]; - n -= 4; - while (n > 0) { - wp += 4; -@@ -342,9 +342,9 @@ - if (n >= stride) { - mask = CODE_MASK; - if (stride == 3) { -- op[0] = ToLinear8[cr = wp[0]]; -- op[1] = ToLinear8[cg = wp[1]]; -- op[2] = ToLinear8[cb = wp[2]]; -+ op[0] = ToLinear8[cr = (wp[0] & mas
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/
commit: 175a59fe9690b508515215aecb652e9e9f53729e Author: Michael Mair-Keimberger gmail com> AuthorDate: Wed Jun 13 18:01:33 2018 + Commit: Aaron Bauman gentoo org> CommitDate: Wed Jun 13 21:15:30 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=175a59fe media-libs/tiff: remove unused patches 0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch | 20 - ...iff-4.0.7-pdfium-0007-uninitialized-value.patch | 26 -- ...-4.0.7-pdfium-0013-validate-refblackwhite.patch | 42 -- 7-pdfium-0017-safe_skews_in_gtTileContig.patch | 97 -- ...ium-0018-fix-leak-in-PredictorSetupDecode.patch | 27 -- .../tiff-4.0.7-pdfium-0021-oom-TIFFFillStrip.patch | 29 --- 6 files changed, 241 deletions(-) diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch deleted file mode 100644 index afb0151f963..000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0005-Leak-TIFFFetchStripThing.patch +++ /dev/null @@ -1,20 +0,0 @@ -https://codereview.chromium.org/2204793002 -https://crbug.com/633387 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: thestig -Date: Mon Aug 1 19:36:27 2016 -0700 - -Fix a memory leak in libtiff. - a/libtiff/tif_dirread.c -+++ b/libtiff/tif_dirread.c -@@ -5372,6 +5372,8 @@ TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uint64** lpp) - static const char module[] = "TIFFFetchStripThing"; - enum TIFFReadDirEntryErr err; - uint64* data; -+ _TIFFfree(*lpp); -+ *lpp = 0; - err=TIFFReadDirEntryLong8Array(tif,dir,&data); - if (err!=TIFFReadDirEntryErrOk) - { diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0007-uninitialized-value.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0007-uninitialized-value.patch deleted file mode 100644 index ab5627f5c16..000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0007-uninitialized-value.patch +++ /dev/null 
@@ -1,26 +0,0 @@ -https://codereview.chromium.org/2389993002 -https://crbug.com/651632 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: dsinclair -Date: Mon Oct 3 13:59:57 2016 -0700 - -Fix potentially uninitialized value. - -Depending on what ReadOK does it's possible for |dircount16| to be used without -being initialized. The read code calls back into PDFium specific code which then -calls into the stream reading code. - -Initialize the value to be sure it is set. - a/libtiff/tif_dirread.c -+++ b/libtiff/tif_dirread.c -@@ -4443,7 +4443,7 @@ TIFFFetchDirectory(TIFF* tif, uint64 diroff, TIFFDirEntry** pdir, - static const char module[] = "TIFFFetchDirectory"; - - void* origdir; -- uint16 dircount16; -+ uint16 dircount16 = 0; - uint32 dirsize; - TIFFDirEntry* dir; - uint8* ma; diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch deleted file mode 100644 index d98ff9d0f25..000 --- a/media-libs/tiff/files/tiff-4.0.7-pdfium-0013-validate-refblackwhite.patch +++ /dev/null 
@@ -1,42 +0,0 @@ -https://pdfium-review.googlesource.com/2151 -https://crbug.com/632883 -https://pdfium.googlesource.com/pdfium/+/master/libtiff/ - -Author: Dan Sinclair -Date: Mon Jan 9 09:50:50 2017 -0500 - -[libtiff] Validate refblackwhite values - -The td_refblackwhite value is currently assigned without validation. This -may pose an issue as the image can specify the value as nan. This will cause -problems later when we use the nan in calcluations. - -This CL validates each of the float values are not nan and if they are sets -them to the default provided by the TIFF spec v6. - a/libtiff/tif_dir.c -+++ b/libtiff/tif_dir.c -@@ -31,6 +31,7 @@ - * (and also some miscellaneous stuff) - */ - #include "tiffiop.h" -+#include - #include - - /* -@@ -426,6 +426,15 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap) - case TIFFTAG_REFERENCEBLACKWHITE: - /* XXX should check for null range */ - _TIFFsetFloatArray(&td->td_refblackwhite, va_arg(ap, float*), 6); -+ int i; -+ for (i = 0; i < 6; i++) { -+ if (isnan(td->td_refblackwhite[i])) { -+ if (i % 2 == 0) -+ td->td_refblackwhite[i] = 0; -+ else -+ td->td_refblackwhite[i] = pow(2, td->td_bitspersample) - 1; -+ } -+ } - break; - case TIFFTAG_INKNAMES: - v = (uint16) va_arg(ap, uint16_vap); diff --git a/media-libs/tiff/files/tiff-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch b/media-libs/tiff/files/tiff-4.0.7-pdfium-0017-safe_skews_in_gtTileContig.patch deleted file mode 10064
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: 88961c859ba1efbe6e3555246444dc0456bddcb8 Author: Michael Vetter iodoru org> AuthorDate: Fri Feb 16 15:04:47 2018 + Commit: Lars Wendler gentoo org> CommitDate: Fri Feb 16 15:21:33 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88961c85 media-libs/tiff: Patch to fix type (CVE-2017-9935) CVE-2017-9935 has a second commit with ID d4f213636b6f950498a1386083199bd7f65676b9 to fix the type of the table. Bug: https://bugs.gentoo.org/624696 Package-Manager: Portage-2.3.19, Repoman-2.3.6 Closes: https://github.com/gentoo/gentoo/pull/7204 ...ff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch | 58 media-libs/tiff/tiff-4.0.9-r2.ebuild | 80 ++ 2 files changed, 138 insertions(+) diff --git a/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch b/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch new file mode 100644 index 000..101618ee7d5 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch 
@@ -0,0 +1,58 @@ +From d4f213636b6f950498a1386083199bd7f65676b9 Mon Sep 17 00:00:00 2001 +From: Brian May +Date: Thu, 7 Dec 2017 07:49:20 +1100 +Subject: [PATCH] tiff2pdf: Fix apparent incorrect type for transfer table + +The standard says the transfer table contains unsigned 16 bit values, +I have no idea why we refer to them as floats. +--- + tools/tiff2pdf.c | 12 ++-- + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c +index c3ec074..484776c 100644 +--- a/tools/tiff2pdf.c b/tools/tiff2pdf.c +@@ -237,7 +237,7 @@ typedef struct { + float tiff_whitechromaticities[2]; + float tiff_primarychromaticities[6]; + float tiff_referenceblackwhite[2]; +- float* tiff_transferfunction[3]; ++ uint16* tiff_transferfunction[3]; + int pdf_image_interpolate; /* 0 (default) : do not interpolate, + 1 : interpolate */ + uint16 tiff_transferfunctioncount; +@@ -1048,7 +1048,7 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ + uint16 paged=0; + uint16 xuint16=0; + uint16 tiff_transferfunctioncount=0; +- float* tiff_transferfunction[3]; ++ uint16* tiff_transferfunction[3]; + + directorycount=TIFFNumberOfDirectories(input); + t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE))); +@@ -1153,8 +1153,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ + &(tiff_transferfunction[1]), + &(tiff_transferfunction[2]))) { + +-if((tiff_transferfunction[1] != (float*) NULL) && +- (tiff_transferfunction[2] != (float*) NULL) ++if((tiff_transferfunction[1] != (uint16*) NULL) && ++ (tiff_transferfunction[2] != (uint16*) NULL) + ) { + tiff_transferfunctioncount=3; + } else { +@@ -1851,8 +1851,8 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){ +&(t2p->tiff_transferfunction[0]), +&(t2p->tiff_transferfunction[1]), +&(t2p->tiff_transferfunction[2]))) { +- if((t2p->tiff_transferfunction[1] != (float*) NULL) && +- (t2p->tiff_transferfunction[2] != (float*) NULL) ++ if((t2p->tiff_transferfunction[1] != 
(uint16*) NULL) && ++ (t2p->tiff_transferfunction[2] != (uint16*) NULL) + ) { + t2p->tiff_transferfunctioncount=3; + } else { +-- +libgit2 0.26.0 + diff --git a/media-libs/tiff/tiff-4.0.9-r2.ebuild b/media-libs/tiff/tiff-4.0.9-r2.ebuild new file mode 100644 index 000..aafbb887102 --- /dev/null +++ b/media-libs/tiff/tiff-4.0.9-r2.ebuild @@ -0,0 +1,80 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" +inherit autotools eutils libtool multilib-minimal + +DESCRIPTION="Tag Image File Format (TIFF) library" +HOMEPAGE="http://libtiff.maptools.org"; +SRC_URI="http://download.osgeo.org/libtiff/${P}.tar.gz + ftp://ftp.remotesensing.org/pub/libtiff/${P}.tar.gz"; + +LICENSE="libtiff" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris" +IUSE="+cxx jbig jpeg lzma static-libs test zlib" + +RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] ) + jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USED
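Review bot: The local `uint16* tiff_transferfunction[3];` in the t2p_read_tiff_init hunk is still declared without an initializer, and a few lines later slots [1] and [2] are compared against NULL after TIFFGetField(). That comparison is only meaningful if the library writes all three pointers on every successful call. The companion CVE-2017-9935 patch appears to guarantee this in tif_dir.c, but this patch file does not state that dependency. I would initialize the array, `uint16* tiff_transferfunction[3] = { NULL, NULL, NULL };`, so a stale stack value can never be mistaken for a valid table pointer. t2p_read_tiff_init starts and ends outside the inner hunks shown here.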
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: eb1365ccd7332af4595538bc6b2244058db7b79b Author: Mike Frysinger gentoo org> AuthorDate: Fri Jan 26 03:54:26 2018 + Commit: Mike Frysinger gentoo org> CommitDate: Fri Jan 26 22:25:18 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb1365cc media-libs/tiff: add upstream fix for CVE-2017-9935 #624696 Also drop some pdfium patches that they dropped when moving to 4.0.8. Bug: https://bugs.gentoo.org/624696 .../tiff/files/tiff-4.0.9-CVE-2017-9935.patch | 153 + media-libs/tiff/tiff-4.0.9-r1.ebuild | 79 +++ 2 files changed, 232 insertions(+) diff --git a/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935.patch b/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935.patch new file mode 100644 index 000..96a10aa9b37 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.0.9-CVE-2017-9935.patch 
@@ -0,0 +1,153 @@ +From 3dd8f6a357981a4090f126ab9025056c938b6940 Mon Sep 17 00:00:00 2001 +From: Brian May +Date: Thu, 7 Dec 2017 07:46:47 +1100 +Subject: [PATCH] tiff2pdf: Fix CVE-2017-9935 + +Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704 + +This vulnerability - at least for the supplied test case - is because we +assume that a tiff will only have one transfer function that is the same +for all pages. This is not required by the TIFF standards. + +We than read the transfer function for every page. Depending on the +transfer function, we allocate either 2 or 4 bytes to the XREF buffer. +We allocate this memory after we read in the transfer function for the +page. + +For the first exploit - POC1, this file has 3 pages. For the first page +we allocate 2 extra extra XREF entries. Then for the next page 2 more +entries. Then for the last page the transfer function changes and we +allocate 4 more entries. + +When we read the file into memory, we assume we have 4 bytes extra for +each and every page (as per the last transfer function we read). Which +is not correct, we only have 2 bytes extra for the first 2 pages. As a +result, we end up writing past the end of the buffer. + +There are also some related issues that this also fixes. For example, +TIFFGetField can return uninitalized pointer values, and the logic to +detect a N=3 vs N=1 transfer function seemed rather strange. + +It is also strange that we declare the transfer functions to be of type +float, when the standard says they are unsigned 16 bit values. This is +fixed in another patch. + +This patch will check to ensure that the N value for every transfer +function is the same for every page. If this changes, we abort with an +error. In theory, we should perhaps check that the transfer function +itself is identical for every page, however we don't do that due to the +confusion of the type of the data in the transfer function. 
+--- + libtiff/tif_dir.c | 3 +++ + tools/tiff2pdf.c | 65 +-- + 2 files changed, 47 insertions(+), 21 deletions(-) + +diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c +index 2ccaf448fc40..cbf2b6933a40 100644 +--- a/libtiff/tif_dir.c b/libtiff/tif_dir.c +@@ -1065,6 +1065,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) + if (td->td_samplesperpixel - td->td_extrasamples > 1) { + *va_arg(ap, uint16**) = td->td_transferfunction[1]; + *va_arg(ap, uint16**) = td->td_transferfunction[2]; ++ } else { ++ *va_arg(ap, uint16**) = NULL; ++ *va_arg(ap, uint16**) = NULL; + } + break; + case TIFFTAG_REFERENCEBLACKWHITE: +diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c +index d1a9b0959f84..c3ec07465e5a 100644 +--- a/tools/tiff2pdf.c b/tools/tiff2pdf.c +@@ -1047,6 +1047,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ + uint16 pagen=0; + uint16 paged=0; + uint16 xuint16=0; ++ uint16 tiff_transferfunctioncount=0; ++ float* tiff_transferfunction[3]; + + directorycount=TIFFNumberOfDirectories(input); + t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE))); +@@ -1147,26 +1149,48 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ + } + #endif + if (TIFFGetField(input, TIFFTAG_TRANSFERFUNCTION, +- &(t2p->tiff_transferfunction[0]), +- &(t2p->tiff_transferfunction[1]), +- &(t2p->tiff_transferfunction[2]))) { +- if((t2p->tiff_transferfunction[1] != (float*) NULL) && +- (t2p->tiff_transferfunction[2] != (float*) NULL) && +- (t2p->tiff_transferfunction[1] != +-t2p->tiff_transferfunction[0])) { +- t2p->tiff_transferfunctioncount = 3;
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: 7ec3d94b9cb12fb65a0274021d154b9b0d7977c8 Author: Mike Frysinger gentoo org> AuthorDate: Fri Mar 31 03:43:18 2017 + Commit: Mike Frysinger gentoo org> CommitDate: Fri Mar 31 03:43:18 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ec3d94b media-libs/tiff: pull in upstream fix for fax2tiff #598938 media-libs/tiff/files/tiff-4.0.7-fax2tiff.patch | 39 + media-libs/tiff/tiff-4.0.7-r1.ebuild| 1 + 2 files changed, 40 insertions(+) diff --git a/media-libs/tiff/files/tiff-4.0.7-fax2tiff.patch b/media-libs/tiff/files/tiff-4.0.7-fax2tiff.patch new file mode 100644 index 000..f3476e98d6f --- /dev/null +++ b/media-libs/tiff/files/tiff-4.0.7-fax2tiff.patch 
@@ -0,0 +1,39 @@ +https://bugs.gentoo.org/598938 + +From 82c53c6f19d8d7854b9b88aa16802f31b1cc258c Mon Sep 17 00:00:00 2001 +From: Bob Friesenhahn +Date: Sun, 20 Nov 2016 18:04:52 + +Subject: [PATCH] =?UTF-8?q?*=20tools/fax2tiff.c=20(main):=20Applied=20patc?= + =?UTF-8?q?h=20by=20J=C3=B6rg=20Ahrens=20to=20fix=20passing=20client=20dat?= + =?UTF-8?q?a=20for=20Win32=20builds=20using=20tif=5Fwin32.c=20(USE=5FWIN32?= + =?UTF-8?q?=5FFILEIO=20defined)=20for=20file=20I/O.=20=20Patch=20was=20pro?= + =?UTF-8?q?vided=20via=20email=20on=20November=2020,=202016.?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + ChangeLog| 7 +++ + tools/fax2tiff.c | 5 +++-- + 2 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/tools/fax2tiff.c b/tools/fax2tiff.c +index e00de5277bc2..01f85540ac9c 100644 +--- a/tools/fax2tiff.c b/tools/fax2tiff.c +@@ -283,10 +283,11 @@ main(int argc, char* argv[]) + } + #if defined(_WIN32) && defined(USE_WIN32_FILEIO) + client_data.fh = _get_osfhandle(fileno(in)); ++TIFFSetClientdata(faxTIFF, (thandle_t) client_data.fh); + #else + client_data.fd = fileno(in); ++TIFFSetClientdata(faxTIFF, (thandle_t) client_data.fd); + #endif +-TIFFSetClientdata(faxTIFF, (thandle_t) &client_data); + TIFFSetFileName(faxTIFF, (const char*)argv[optind]); + TIFFSetField(out, TIFFTAG_IMAGEWIDTH, xsize); + TIFFSetField(out, TIFFTAG_BITSPERSAMPLE, 1); +-- +2.12.0 + diff --git a/media-libs/tiff/tiff-4.0.7-r1.ebuild b/media-libs/tiff/tiff-4.0.7-r1.ebuild index ca37cb0af05..dbf9257f2cc 100644 --- a/media-libs/tiff/tiff-4.0.7-r1.ebuild +++ b/media-libs/tiff/tiff-4.0.7-r1.ebuild @@ -27,6 +27,7 @@ DEPEND="${RDEPEND}" REQUIRED_USE="test? ( jpeg )" #483132 PATCHES=( + "${FILESDIR}"/${P}-fax2tiff.patch #598938 "${FILESDIR}"/${P}-CVE-2016-10266.patch "${FILESDIR}"/${P}-bug2598.patch "${FILESDIR}"/${P}-bug2604.patch
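Review bot: In the non-Win32 branch the added `TIFFSetClientdata(faxTIFF, (thandle_t) client_data.fd);` converts an int file descriptor straight to the handle type. If thandle_t is a pointer type on these builds (its definition is not in the hunk), this is an integer-to-pointer cast between different widths on LP64 targets and tends to draw `-Wint-to-pointer-cast`. Going through `intptr_t`, as in `(thandle_t)(intptr_t) client_data.fd`, makes the widening explicit. In the Win32 branch, `client_data.fh` from `_get_osfhandle()` is passed to the library without a check for a failure value, as far as the hunk shows, so a guard before the call may be worth adding. main() continues outside the hunk.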
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: f61e94523aef88e99d1140307b83bd518a450a14 Author: Mike Frysinger gentoo org> AuthorDate: Fri Mar 31 03:27:50 2017 + Commit: Mike Frysinger gentoo org> CommitDate: Fri Mar 31 03:29:47 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f61e9452 media-libs/tiff: pull in various upstream fixes #610330 #614020 #614022 #614024 #612172 .../tiff/files/tiff-4.0.7-CVE-2016-10266.patch | 46 .../tiff/files/tiff-4.0.7-CVE-2016-10267.patch | 53 .../tiff/files/tiff-4.0.7-CVE-2017-5225.patch | 74 ++ media-libs/tiff/files/tiff-4.0.7-bug2130.patch | 112 + media-libs/tiff/files/tiff-4.0.7-bug2535.patch | 54 media-libs/tiff/files/tiff-4.0.7-bug2594.patch | 28 +++ media-libs/tiff/files/tiff-4.0.7-bug2597.patch | 41 +++ media-libs/tiff/files/tiff-4.0.7-bug2598.patch | 31 +++ media-libs/tiff/files/tiff-4.0.7-bug2599.patch | 54 media-libs/tiff/files/tiff-4.0.7-bug2604.patch | 108 media-libs/tiff/files/tiff-4.0.7-bug2605.patch | 55 media-libs/tiff/files/tiff-4.0.7-bug2607.patch | 41 +++ media-libs/tiff/files/tiff-4.0.7-bug2608.patch | 104 media-libs/tiff/files/tiff-4.0.7-bug2610.patch | 46 media-libs/tiff/files/tiff-4.0.7-bug2619.patch | 46 media-libs/tiff/files/tiff-4.0.7-bug2620.patch | 29 +++ media-libs/tiff/files/tiff-4.0.7-bug2621.patch | 49 media-libs/tiff/files/tiff-4.0.7-bug2627.patch | 59 + media-libs/tiff/files/tiff-4.0.7-bug2631.patch | 34 +++ .../tiff/files/tiff-4.0.7-bug2633-bug2634.patch| 41 +++ media-libs/tiff/files/tiff-4.0.7-bug2635.patch | 33 +++ media-libs/tiff/files/tiff-4.0.7-bug2638.patch | 29 +++ media-libs/tiff/files/tiff-4.0.7-bug2639.patch | 58 + media-libs/tiff/files/tiff-4.0.7-bug2640.patch | 28 +++ ...iff-4.0.7-bug2642-bug2643-bug2646-bug2647.patch | 278 + media-libs/tiff/files/tiff-4.0.7-bug2644.patch | 45 media-libs/tiff/files/tiff-4.0.7-bug2648.patch | 33 +++ media-libs/tiff/files/tiff-4.0.7-bug2650-2.patch | 26 ++ media-libs/tiff/files/tiff-4.0.7-bug2650.patch | 54 media-libs/tiff/files/tiff-4.0.7-bug2651.patch | 86 +++ 
media-libs/tiff/files/tiff-4.0.7-bug2653.patch | 33 +++ media-libs/tiff/files/tiff-4.0.7-bug2658.patch | 33 +++ media-libs/tiff/files/tiff-4.0.7-bug2659-2.patch | 41 +++ media-libs/tiff/files/tiff-4.0.7-bug2659.patch | 34 +++ media-libs/tiff/files/tiff-4.0.7-bug2665.patch | 43 .../tiff/files/tiff-4.0.7-hylafax-hack.patch | 38 +++ media-libs/tiff/tiff-4.0.7-r1.ebuild | 112 + 37 files changed, 2109 insertions(+) diff --git a/media-libs/tiff/files/tiff-4.0.7-CVE-2016-10266.patch b/media-libs/tiff/files/tiff-4.0.7-CVE-2016-10266.patch new file mode 100644 index 000..67e0ca41c99 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.0.7-CVE-2016-10266.patch 
@@ -0,0 +1,46 @@ +http://bugzilla.maptools.org/show_bug.cgi?id=2596 + +From d7520d28685b96a28421ef01fb66cea8d1a96dfc Mon Sep 17 00:00:00 2001 +From: Even Rouault +Date: Fri, 2 Dec 2016 21:56:56 + +Subject: [PATCH] * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow + in TIFFReadEncodedStrip() that caused an integer division by zero. Reported + by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596 + +--- + ChangeLog | 7 +++ + libtiff/tif_read.c | 4 ++-- + libtiff/tiffiop.h | 6 +- + 3 files changed, 14 insertions(+), 3 deletions(-) + +diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c +index 80035929f033..29a311db0cb7 100644 +--- a/libtiff/tif_read.c b/libtiff/tif_read.c +@@ -346,7 +346,7 @@ TIFFReadEncodedStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size) + rowsperstrip=td->td_rowsperstrip; + if (rowsperstrip>td->td_imagelength) + rowsperstrip=td->td_imagelength; +- stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip); ++ stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip); + stripinplane=(strip%stripsperplane); + plane=(uint16)(strip/stripsperplane); + rows=td->td_imagelength-stripinplane*rowsperstrip; +diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h +index 8bcd0c172c08..5294ee78ffaf 100644 +--- a/libtiff/tiffiop.h b/libtiff/tiffiop.h +@@ -250,6 +250,10 @@ struct tiff { + #define TIFFhowmany_32(x, y) (((uint32)x < (0x - (uint32)(y-1))) ? \ + uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \ + 0U) ++/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */ ++/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */ ++#define TIFFhowmany_32_maxuint_compat(x, y) \ ++ (((uint32)(x) / (uint32)(y)) + uint32)(x) % (uint32)(y)) != 0) ? 1 : 0)) + #define T
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/
commit: 6e971341437f10cadb7e1103f65fcb85f965c268 Author: Michael Mair-Keimberger (asterix) gmail com> AuthorDate: Fri Dec 23 16:12:51 2016 + Commit: David Seifert gentoo org> CommitDate: Thu Dec 29 13:11:48 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6e971341 media-libs/tiff: remove unused patches Closes: https://github.com/gentoo/gentoo/pull/3224 .../tiff/files/tiff-4.0.3-CVE-2012-4447.patch | 40 -- .../tiff/files/tiff-4.0.3-CVE-2012-4564.patch | 86 --- .../tiff/files/tiff-4.0.3-CVE-2013-1960.patch | 145 .../tiff/files/tiff-4.0.3-CVE-2013-1961.patch | 759 - .../tiff/files/tiff-4.0.3-CVE-2013-4231.patch | 16 - .../tiff/files/tiff-4.0.3-CVE-2013-4232.patch | 13 - .../tiff/files/tiff-4.0.3-CVE-2013-4244.patch | 15 - .../tiff/files/tiff-4.0.3-libjpeg-turbo.patch | 122 .../tiff/files/tiff-4.0.3-tiff2pdf-colors.patch| 15 - 9 files changed, 1211 deletions(-) diff --git a/media-libs/tiff/files/tiff-4.0.3-CVE-2012-4447.patch b/media-libs/tiff/files/tiff-4.0.3-CVE-2012-4447.patch deleted file mode 100644 index ebf9a00.. --- a/media-libs/tiff/files/tiff-4.0.3-CVE-2012-4447.patch +++ /dev/null 
@@ -1,40 +0,0 @@ -Upstream patch for CVE-2012-4447. - - -diff -Naur tiff-4.0.3.orig/libtiff/tif_pixarlog.c tiff-4.0.3/libtiff/tif_pixarlog.c tiff-4.0.3.orig/libtiff/tif_pixarlog.c 2012-07-04 15:26:31.0 -0400 -+++ tiff-4.0.3/libtiff/tif_pixarlog.c 2012-12-12 16:43:18.931315699 -0500 -@@ -644,6 +644,20 @@ - return bytes; - } - -+static tmsize_t -+add_ms(tmsize_t m1, tmsize_t m2) -+{ -+ tmsize_t bytes = m1 + m2; -+ -+ /* if either input is zero, assume overflow already occurred */ -+ if (m1 == 0 || m2 == 0) -+ bytes = 0; -+ else if (bytes <= m1 || bytes <= m2) -+ bytes = 0; -+ -+ return bytes; -+} -+ - static int - PixarLogFixupTags(TIFF* tif) - { -@@ -671,9 +685,11 @@ - td->td_samplesperpixel : 1); - tbuf_size = multiply_ms(multiply_ms(multiply_ms(sp->stride, td->td_imagewidth), - td->td_rowsperstrip), sizeof(uint16)); -+ /* add one more stride in case input ends mid-stride */ -+ tbuf_size = add_ms(tbuf_size, sizeof(uint16) * sp->stride); - if (tbuf_size == 0) - return (0); /* TODO: this is an error return without error report through TIFFErrorExt */ -- sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size+sizeof(uint16)*sp->stride); -+ sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size); - if (sp->tbuf == NULL) - return (0); - if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) diff --git a/media-libs/tiff/files/tiff-4.0.3-CVE-2012-4564.patch b/media-libs/tiff/files/tiff-4.0.3-CVE-2012-4564.patch deleted file mode 100644 index 3d7946c.. --- a/media-libs/tiff/files/tiff-4.0.3-CVE-2012-4564.patch +++ /dev/null 
@@ -1,86 +0,0 @@ -Upstream patch for CVE-2012-4564. - - -diff -Naur tiff-4.0.3.orig/tools/ppm2tiff.c tiff-4.0.3/tools/ppm2tiff.c tiff-4.0.3.orig/tools/ppm2tiff.c 2010-04-10 15:22:34.0 -0400 -+++ tiff-4.0.3/tools/ppm2tiff.c2012-12-12 16:43:18.932315708 -0500 -@@ -72,6 +72,17 @@ - exit(-2); - } - -+static tmsize_t -+multiply_ms(tmsize_t m1, tmsize_t m2) -+{ -+ tmsize_t bytes = m1 * m2; -+ -+ if (m1 && bytes / m1 != m2) -+ bytes = 0; -+ -+ return bytes; -+} -+ - int - main(int argc, char* argv[]) - { -@@ -79,7 +90,7 @@ - uint32 rowsperstrip = (uint32) -1; - double resolution = -1; - unsigned char *buf = NULL; -- tsize_t linebytes = 0; -+ tmsize_t linebytes = 0; - uint16 spp = 1; - uint16 bpp = 8; - TIFF *out; -@@ -89,6 +100,7 @@ - int c; - extern int optind; - extern char* optarg; -+ tmsize_t scanline_size; - - if (argc < 2) { - fprintf(stderr, "%s: Too few arguments\n", argv[0]); -@@ -221,7 +233,8 @@ - } - switch (bpp) { - case 1: -- linebytes = (spp * w + (8 - 1)) / 8; -+ /* if round-up overflows, result will be zero, OK */ -+ linebytes = (multiply_ms(spp, w) + (8 - 1)) / 8; - if (rowsperstrip == (uint32) -1) { - TIFFSetField(out, TIFFTAG_ROWSPERSTRIP, h); - } else { -@@ -230,15 +243,31 @@ - } - break; - case 8: -- linebytes = spp * w; -+ linebytes = multiply_ms(spp, w); - TIFFSetField(out, TIFFTAG_ROWSPERSTRIP, - TIFFDefaultStripSize(out, rowsperstrip)); - break; - } -- if (TIFFScanlineSize(out) > linebytes) -+ if (linebytes == 0) { -+ fprintf(stderr, "%s: scanline size overflow\n", infile
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/
commit: 04540112d67f5e0a9d0dd41bc1990c15d01140a1 Author: Lars Wendler gentoo org> AuthorDate: Sun Aug 7 21:53:57 2016 + Commit: Lars Wendler gentoo org> CommitDate: Sun Aug 7 21:54:13 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=04540112 media-libs/tiff: Also remove gif2tiff test (bug #590708). Package-Manager: portage-2.3.0 Signed-off-by: Lars Wendler gentoo.org> media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch | 10 ++ 1 file changed, 10 insertions(+) diff --git a/media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch b/media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch index 9cf4ec5..ea5c2c3 100644 --- a/media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch +++ b/media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch @@ -15,6 +15,16 @@ https://bugs.gentoo.org/585274 pal2rgb.1 \ ppm2tiff.1 \ ras2tiff.1 \ +--- tiff-4.0.6/test/Makefile.am tiff-4.0.6/test/Makefile.am +@@ -68,7 +68,6 @@ + TESTSCRIPTS = \ + bmp2tiff_palette.sh \ + bmp2tiff_rgb.sh \ +- gif2tiff.sh \ + ppm2tiff_pbm.sh \ + ppm2tiff_pgm.sh \ + ppm2tiff_ppm.sh \ --- tiff-4.0.6/tools/Makefile.am +++ tiff-4.0.6/tools/Makefile.am @@ -34,7 +34,6 @@
[gentoo-commits] repo/gentoo:master commit in: media-libs/tiff/files/, media-libs/tiff/
commit: c833e82151f379f180b50c7dff58b8f989a9c1a9 Author: Lars Wendler gentoo org> AuthorDate: Wed Aug 3 13:37:49 2016 + Commit: Lars Wendler gentoo org> CommitDate: Wed Aug 3 13:38:12 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c833e821 media-libs/tiff: Revbump for security bug #585274 Removing vulnerable gif2tiff (CVE-2016-5102) Upstream seems to no longer ship this tool with >=tiff-4.0.7 versions. Package-Manager: portage-2.3.0 Signed-off-by: Lars Wendler gentoo.org> .../tiff/files/tiff-4.0.6-gif2tiff_removal.patch | 37 +++ media-libs/tiff/tiff-4.0.6-r1.ebuild | 74 ++ 2 files changed, 111 insertions(+) diff --git a/media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch b/media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch new file mode 100644 index 000..9cf4ec5 --- /dev/null +++ b/media-libs/tiff/files/tiff-4.0.6-gif2tiff_removal.patch @@ -0,0 +1,37 @@ +# Removing vulnerable gif2tiff (CVE-2016-5102) +# Upstream seems to no longer ship this tool with >=tiff-4.0.7 versions. + +http://bugzilla.maptools.org/show_bug.cgi?id=2552 +https://bugzilla.redhat.com/show_bug.cgi?id=1343407 +https://bugs.gentoo.org/585274 + +--- tiff-4.0.6/man/Makefile.am tiff-4.0.6/man/Makefile.am +@@ -27,7 +27,6 @@ + bmp2tiff.1 \ + fax2ps.1 \ + fax2tiff.1 \ +- gif2tiff.1 \ + pal2rgb.1 \ + ppm2tiff.1 \ + ras2tiff.1 \ +--- tiff-4.0.6/tools/Makefile.am tiff-4.0.6/tools/Makefile.am +@@ -34,7 +34,6 @@ + bmp2tiff \ + fax2ps \ + fax2tiff \ +- gif2tiff \ + pal2rgb \ + ppm2tiff \ + ras2tiff \ +@@ -73,9 +72,6 @@ + fax2tiff_SOURCES = fax2tiff.c + fax2tiff_LDADD = $(LIBTIFF) $(LIBPORT) + +-gif2tiff_SOURCES = gif2tiff.c +-gif2tiff_LDADD = $(LIBTIFF) $(LIBPORT) +- + pal2rgb_SOURCES = pal2rgb.c + pal2rgb_LDADD = $(LIBTIFF) $(LIBPORT) + diff --git a/media-libs/tiff/tiff-4.0.6-r1.ebuild b/media-libs/tiff/tiff-4.0.6-r1.ebuild new file mode 100644 index 000..b652b05 --- /dev/null +++ b/media-libs/tiff/tiff-4.0.6-r1.ebuild 
@@ -0,0 +1,74 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+inherit autotools eutils libtool multilib-minimal
+
+DESCRIPTION="Tag Image File Format (TIFF) library"
+HOMEPAGE="http://www.remotesensing.org/libtiff/";
+SRC_URI="http://download.osgeo.org/libtiff/${P}.tar.gz
+ ftp://ftp.remotesensing.org/pub/libtiff/${P}.tar.gz";
+
+LICENSE="libtiff"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="+cxx jbig jpeg lzma static-libs test zlib"
+
+RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] )
+ jbig? ( >=media-libs/jbigkit-2.1:=[${MULTILIB_USEDEP}] )
+ lzma? ( >=app-arch/xz-utils-5.0.5-r1:=[${MULTILIB_USEDEP}] )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20130224-r9
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${RDEPEND}"
+
+REQUIRED_USE="test? ( jpeg )" #483132
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/tiffconf.h
+)
+
+PATCHES=(
+ "${FILESDIR}/${P}-gif2tiff_removal.patch" # 585274
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ ECONF_SOURCE="${S}" econf \
+ $(use_enable static-libs static) \
+ $(use_enable zlib) \
+ $(use_enable jpeg) \
+ $(use_enable jbig) \
+ $(use_enable lzma) \
+ $(use_enable cxx) \
+ --without-x
+
+ # remove useless subdirs
+ if ! multilib_is_native_abi ; then
+ sed -i \
+ -e 's/ tools//' \
+ -e 's/ contrib//' \
+ -e 's/ man//' \
+ -e 's/ html//' \
+ Makefile || die
+ fi
+}
+
+multilib_src_test() {
+ if ! multilib_is_native_abi ; then
+ emake -C tools
+ fi
+ emake check
+}
+
+multilib_src_install_all() {
+ prune_libtool_files --all
+ rm -f "${ED}"/usr/share/doc/${PF}/{COPYRIGHT,README*,RELEASE-DATE,TODO,VERSION}
+}
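Review bot: Nothing in src_prepare records that `eautoreconf` is what makes the gif2tiff removal take effect. The patch listed in PATCHES edits only man/Makefile.am and tools/Makefile.am, so without regeneration the Makefile.in files shipped in the tarball would presumably still build and install the tool removed for CVE-2016-5102. A comment on that line, for example `eautoreconf # required: gif2tiff_removal.patch only touches Makefile.am (bug 585274)`, would keep a later cleanup from dropping it. A guard in multilib_src_install_all such as `[[ -e "${ED}"/usr/bin/gif2tiff ]] && die "gif2tiff still installed"` would make a regression fail loudly; the install path is assumed here, since the hunk does not show it.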