T.J. Townsend pushed to branch main at Arch Linux / Packaging / Packages / libtiff
Commits: b6f49188 by T.J. Townsend at 2024-05-06T18:15:24-04:00 upgpkg: 4.6.0-5: backport fix for CVE-2023-52356 - - - - - 2 changed files: - .SRCINFO - PKGBUILD Changes: ===================================== .SRCINFO ===================================== @@ -1,7 +1,7 @@ pkgbase = libtiff pkgdesc = Library for manipulation of TIFF images pkgver = 4.6.0 - pkgrel = 4 + pkgrel = 5 url = http://www.simplesystems.org/libtiff/ arch = x86_64 license = custom ===================================== PKGBUILD ===================================== @@ -3,7 +3,7 @@ pkgname=libtiff pkgver=4.6.0 -pkgrel=4 +pkgrel=5 pkgdesc='Library for manipulation of TIFF images' url='http://www.simplesystems.org/libtiff/' arch=('x86_64') @@ -12,7 +12,6 @@ depends=('gcc-libs' 'glibc' 'jbigkit' 'libjpeg-turbo' 'libjpeg.so' 'zlib' 'xz' ' makedepends=('freeglut' 'git' 'glu' 'mesa') optdepends=('freeglut: for using tiffgt') provides=('libtiff.so' 'libtiffxx.so') -#source=("https://download.osgeo.org/libtiff/tiff-${pkgver}.tar.gz"{,.sig} source=("git+https://gitlab.com/libtiff/libtiff.git?signed#tag=v${pkgver}") sha256sums=('039e243f1f37459833b9c3475e62d245f9593e61e8f4be5843f2d7af711c45f9') b2sums=('e3c31b9afefecdcafb52d174840c2eee8cb4dd43ff1a81eef52a09e0753cfb247775baa7a42b865e518f2cdaa04828e4acbb43a0ead373b1251b2d0c03f8d0a6') @@ -25,6 +24,8 @@ prepare() { cd libtiff # CVE-2023-6277 git cherry-pick -n 5320c9d89c054fa805d037d84c57da874470b01a + # CVE-2023-52356 + git cherry-pick -n 51558511bdbbcffdce534db21dbaf5d54b31638a autoreconf -fiv } View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/libtiff/-/commit/b6f49188cba6524e15faf7f76e492bc4336d60d0 -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/libtiff/-/commit/b6f49188cba6524e15faf7f76e492bc4336d60d0 You're receiving this email because of your account on gitlab.archlinux.org.