T.J. Townsend pushed to branch main at Arch Linux / Packaging / Packages /
libtiff
Commits:
b6f49188 by T.J. Townsend at 2024-05-06T18:15:24-04:00
upgpkg: 4.6.0-5: backport fix for CVE-2023-52356
- - - - -
2 changed files:
- .SRCINFO
- PKGBUILD
Changes:
=====================================
.SRCINFO
=====================================
@@ -1,7 +1,7 @@
pkgbase = libtiff
pkgdesc = Library for manipulation of TIFF images
pkgver = 4.6.0
- pkgrel = 4
+ pkgrel = 5
url = http://www.simplesystems.org/libtiff/
arch = x86_64
license = custom
=====================================
PKGBUILD
=====================================
@@ -3,7 +3,7 @@
pkgname=libtiff
pkgver=4.6.0
-pkgrel=4
+pkgrel=5
pkgdesc='Library for manipulation of TIFF images'
url='http://www.simplesystems.org/libtiff/'
arch=('x86_64')
@@ -12,7 +12,6 @@ depends=('gcc-libs' 'glibc' 'jbigkit' 'libjpeg-turbo'
'libjpeg.so' 'zlib' 'xz' '
makedepends=('freeglut' 'git' 'glu' 'mesa')
optdepends=('freeglut: for using tiffgt')
provides=('libtiff.so' 'libtiffxx.so')
-#source=("https://download.osgeo.org/libtiff/tiff-${pkgver}.tar.gz"{,.sig}
source=("git+https://gitlab.com/libtiff/libtiff.git?signed#tag=v${pkgver}";)
sha256sums=('039e243f1f37459833b9c3475e62d245f9593e61e8f4be5843f2d7af711c45f9')
b2sums=('e3c31b9afefecdcafb52d174840c2eee8cb4dd43ff1a81eef52a09e0753cfb247775baa7a42b865e518f2cdaa04828e4acbb43a0ead373b1251b2d0c03f8d0a6')
@@ -25,6 +24,8 @@ prepare() {
cd libtiff
# CVE-2023-6277
git cherry-pick -n 5320c9d89c054fa805d037d84c57da874470b01a
+ # CVE-2023-52356
+ git cherry-pick -n 51558511bdbbcffdce534db21dbaf5d54b31638a
autoreconf -fiv
}
View it on GitLab:
https://gitlab.archlinux.org/archlinux/packaging/packages/libtiff/-/commit/b6f49188cba6524e15faf7f76e492bc4336d60d0
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://gitlab.archlinux.org/archlinux/packaging/packages/libtiff/-/commit/b6f49188cba6524e15faf7f76e492bc4336d60d0
You're receiving this email because of your account on gitlab.archlinux.org.
