commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2020-04-05 20:50:49 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new.3248 (New) Package is "tiff" Sun Apr 5 20:50:49 2020 rev:79 rq:790472 version:4.1.0 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2019-11-11 12:58:01.873540418 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new.3248/tiff.changes 2020-04-05 20:51:08.933045063 +0200 @@ -1,0 +2,10 @@ +Wed Apr 1 06:48:35 UTC 2020 - Martin Pluskal + +- Drop webp support as it would introduce build cycle + +--- +Mon Mar 30 15:25:24 UTC 2020 - Martin Pluskal + +- Enable zstd and webp support + +--- Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.W3TLR9/_old 2020-04-05 20:51:11.365047389 +0200 +++ /var/tmp/diff_new_pack.W3TLR9/_new 2020-04-05 20:51:11.365047389 +0200 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -37,6 +37,7 @@ BuildRequires: libtool BuildRequires: lzma-devel BuildRequires: pkgconfig +BuildRequires: pkgconfig(libzstd) BuildRequires: pkgconfig(zlib) %description @@ -79,7 +80,7 @@ %if %{asan_build} find -name Makefile | xargs sed -i 's/\(^CFLAGS.*\)/\1 -fsanitize=address/' %endif -make %{?_smp_mflags} LDFLAGS="-pie" +%make_build LDFLAGS="-pie" %install mkdir -p %{buildroot}/{%{_mandir}/{man1,man3},usr/{bin,lib,include}}
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2019-11-11 12:57:59 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new.2990 (New) Package is "tiff" Mon Nov 11 12:57:59 2019 rev:78 rq:745991 version:4.1.0 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2019-02-13 10:18:18.621336490 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new.2990/tiff.changes 2019-11-11 12:58:01.873540418 +0100 @@ -1,0 +2,12 @@ +Wed Nov 6 12:00:35 UTC 2019 - pgaj...@suse.com + +- version update to 4.1.0 + * fixes several CVEs mentioned below and more, +see ChangeLog +- deleted patches + - tiff-CVE-2018-12900.patch (upstreamed) + - tiff-CVE-2018-17000,19210.patch (upstreamed) + - tiff-CVE-2019-6128.patch (upstreamed) + - tiff-CVE-2019-7663.patch (upstreamed) + +--- Old: tiff-4.0.10.tar.gz tiff-CVE-2018-12900.patch tiff-CVE-2018-17000,19210.patch tiff-CVE-2019-6128.patch tiff-CVE-2019-7663.patch New: tiff-4.1.0.tar.gz Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.kzAoLF/_old 2019-11-11 12:58:02.833541434 +0100 +++ /var/tmp/diff_new_pack.kzAoLF/_new 2019-11-11 12:58:02.837541439 +0100 @@ -12,14 +12,14 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define asan_build 0 %define debug_build 0 Name: tiff -Version:4.0.10 +Version:4.1.0 Release:0 Summary:Tools for Converting from and to the Tagged Image File Format License:HPND @@ -31,17 +31,6 @@ Patch0: tiff-4.0.3-seek.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch1: tiff-4.0.3-compress-warning.patch -# http://bugzilla.maptools.org/show_bug.cgi?id=2798 -# https://gitlab.com/libtiff/libtiff/merge_requests/44 -Patch2: tiff-CVE-2018-12900.patch -Patch3: tiff-CVE-2018-17000,19210.patch -# http://bugzilla.maptools.org/show_bug.cgi?id=2836 -# https://gitlab.com/libtiff/libtiff/merge_requests/50 -Patch4: tiff-CVE-2019-6128.patch -# http://bugzilla.maptools.org/show_bug.cgi?id=2833 -# https://gitlab.com/libtiff/libtiff/merge_requests/54 -# https://gitlab.com/libtiff/libtiff/merge_requests/60 -Patch5: tiff-CVE-2019-7663.patch BuildRequires: gcc-c++ BuildRequires: libjbig-devel BuildRequires: libjpeg-devel @@ -80,10 +69,6 @@ %setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.10.tar.gz -> tiff-4.1.0.tar.gz ++ 9192 lines of diff (skipped)
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2019-02-13 10:18:13 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new.28833 (New) Package is "tiff" Wed Feb 13 10:18:13 2019 rev:77 rq:674138 version:4.0.10 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-11-26 10:13:21.990220372 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new.28833/tiff.changes 2019-02-13 10:18:18.621336490 +0100 @@ -1,0 +2,27 @@ +Tue Feb 12 15:36:02 UTC 2019 - mvet...@suse.com + +- security update + * CVE-2019-7663 [bsc#1125113] ++ tiff-CVE-2019-7663.patch + +--- +Mon Feb 4 14:04:09 UTC 2019 - mvet...@suse.com + +- security update + * CVE-2019-6128 [bsc#1121626] ++ tiff-CVE-2019-6128.patch + +--- +Wed Jan 30 12:47:58 UTC 2019 - Petr Gajdos + +- extend tiff-CVE-2018-19210.patch and rename it to + tiff-CVE-2018-17000,19210.patch [bsc#1108606c#11] + * solves CVE-2018-19210 [bsc#1115717] and CVE-2018-17000 [bsc#1108606] + +--- +Wed Jan 30 10:12:37 UTC 2019 - Petr Gajdos + +- amend tiff-CVE-2018-12900.patch: fix wrong error message + [bsc#1099257] + +--- Old: tiff-CVE-2018-19210.patch New: tiff-CVE-2018-17000,19210.patch tiff-CVE-2019-6128.patch tiff-CVE-2019-7663.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.qkwlo3/_old 2019-02-13 10:18:19.813336037 +0100 +++ /var/tmp/diff_new_pack.qkwlo3/_new 2019-02-13 10:18:19.817336035 +0100 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -34,7 +34,14 @@ # http://bugzilla.maptools.org/show_bug.cgi?id=2798 # https://gitlab.com/libtiff/libtiff/merge_requests/44 Patch2: tiff-CVE-2018-12900.patch -Patch3: tiff-CVE-2018-19210.patch +Patch3: tiff-CVE-2018-17000,19210.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2836 +# https://gitlab.com/libtiff/libtiff/merge_requests/50 +Patch4: tiff-CVE-2019-6128.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2833 +# https://gitlab.com/libtiff/libtiff/merge_requests/54 +# https://gitlab.com/libtiff/libtiff/merge_requests/60 +Patch5: tiff-CVE-2019-7663.patch BuildRequires: gcc-c++ BuildRequires: libjbig-devel BuildRequires: libjpeg-devel @@ -75,6 +82,8 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-CVE-2018-12900.patch ++ --- /var/tmp/diff_new_pack.qkwlo3/_old 2019-02-13 10:18:19.853336022 +0100 +++ /var/tmp/diff_new_pack.qkwlo3/_new 2019-02-13 10:18:19.853336022 +0100 @@ -8,7 +8,7 @@ } +if (0x / tilew < spp) +{ -+TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps); ++TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or SamplePerPixel (%u) is too large", tilew, spp); +status = 0; +goto done; +} ++ tiff-CVE-2018-17000,19210.patch ++ Index: tiff-4.0.10/libtiff/tif_dirwrite.c === --- tiff-4.0.10.orig/libtiff/tif_dirwrite.c 2018-06-24 22:26:30.335763566 +0200 +++ tiff-4.0.10/libtiff/tif_dirwrite.c 2018-11-19 14:21:42.703256410 +0100 @@ -1883,6 +1883,9 @@ TIFFWriteDirectoryTagTransferfunction(TI } m=(1tif_dir.td_samplesperpixel-tif->tif_dir.td_extrasamples; +if (tif->tif_dir.td_transferfunction[2] == NULL || +tif->tif_dir.td_transferfunction[1] == NULL) + n = 1; /* * Check if the table can be written as a single column, * or if it must be written as 3 columns. Note that we diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c index 6f0b48798bdeee91729c10e1fbcf9786234be5f3..078fbcec20677f19f7f967a4834011fe60df1df3 100644 --- a/libtiff/tif_dir.c +++
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-11-26 10:13:11 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new.19453 (New) Package is "tiff" Mon Nov 26 10:13:11 2018 rev:76 rq:650209 version:4.0.10 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-10-23 20:35:59.720859357 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new.19453/tiff.changes 2018-11-26 10:13:21.990220372 +0100 @@ -1,0 +2,37 @@ +Mon Nov 19 13:56:48 UTC 2018 - Petr Gajdos + +- security update + * CVE-2018-19210 [bsc#1115717] ++ tiff-CVE-2018-19210.patch + +--- +Tue Nov 13 10:20:45 UTC 2018 - Tomáš Chvátal + +- Support only SLE12+ and remove the no longer needed conditions + +--- +Tue Nov 13 08:18:54 UTC 2018 - Petr Gajdos + +- security update + * CVE-2018-12900 [bsc#1099257] ++ tiff-CVE-2018-12900.patch + +--- +Mon Nov 12 11:37:11 UTC 2018 - Petr Gajdos + +- upddated to 4.0.10: + * fixes several CVEs mentioned below plus CVE-2018-18557 and +CVE-2018-18661 and more +- removed patches + * tiff-CVE-2017-11613,CVE-2018-16335,15209.patch + * tiff-CVE-2017-18013.patch + * tiff-CVE-2017-9935,CVE-2018-17795.patch + * tiff-CVE-2018-10779.patch + * tiff-CVE-2018-10963.patch + * tiff-CVE-2018-17100.patch + * tiff-CVE-2018-17101.patch + * tiff-CVE-2018-7456.patch + * tiff-CVE-2018-8905.patch + * tiff-4.0.9-bsc1081690-CVE-2018-5784.patch + +--- Old: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch tiff-4.0.9.tar.gz tiff-CVE-2017-11613,CVE-2018-16335,15209.patch tiff-CVE-2017-18013.patch tiff-CVE-2017-9935,CVE-2018-17795.patch tiff-CVE-2018-10779.patch tiff-CVE-2018-10963.patch tiff-CVE-2018-17100.patch tiff-CVE-2018-17101.patch tiff-CVE-2018-7456.patch tiff-CVE-2018-8905.patch New: tiff-4.0.10.tar.gz tiff-CVE-2018-12900.patch tiff-CVE-2018-19210.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.wD4jLJ/_old 2018-11-26 10:13:23.162218997 +0100 +++ /var/tmp/diff_new_pack.wD4jLJ/_new 2018-11-26 10:13:23.166218993 +0100 @@ -17,53 +17,31 @@ %define asan_build 0 - +%define debug_build 0 Name: tiff -Version:4.0.9 +Version:4.0.10 Release:0 Summary:Tools for Converting from and to the Tagged Image File Format License:HPND Group: Productivity/Graphics/Convertors -Url:http://www.simplesystems.org/libtiff/ +URL:http://www.simplesystems.org/libtiff/ Source: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz Source2:README.SUSE Source3:baselibs.conf Patch0: tiff-4.0.3-seek.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch1: tiff-4.0.3-compress-warning.patch -# Contained in upstream repo. See bsc#1046077 for commit IDs. -Patch2: tiff-CVE-2017-9935,CVE-2018-17795.patch -Patch3: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch -Patch4: tiff-CVE-2018-10963.patch -Patch5: tiff-CVE-2017-18013.patch -Patch6: tiff-CVE-2018-7456.patch -Patch7: tiff-CVE-2017-11613,CVE-2018-16335,15209.patch -Patch8: tiff-CVE-2018-8905.patch -Patch9: tiff-CVE-2018-10779.patch -Patch10:tiff-CVE-2018-17100.patch -Patch11:tiff-CVE-2018-17101.patch - +# http://bugzilla.maptools.org/show_bug.cgi?id=2798 +# https://gitlab.com/libtiff/libtiff/merge_requests/44 +Patch2: tiff-CVE-2018-12900.patch +Patch3: tiff-CVE-2018-19210.patch BuildRequires: gcc-c++ +BuildRequires: libjbig-devel BuildRequires: libjpeg-devel BuildRequires: libtool -BuildRequires: zlib-devel -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%if 0%{?suse_version} > 1030 BuildRequires: lzma-devel -%endif -%if 0%{?suse_version} <= 1000 BuildRequires: pkgconfig -%endif -%if 0%{?suse_version} > 1000 -BuildRequires: pkg-config -%endif -# bug437293 -%ifarch ppc64 -Obsoletes: tiff-64bit -%endif -%if 0%{?suse_version} > 1210 -BuildRequires: libjbig-devel -%endif +BuildRequires: pkgconfig(zlib) %description This package contains the library and support programs for the TIFF @@ -73,11 +51,6 @@ Summary:The Tiff Library (with JPEG and compression support) Group: System/Libraries Provides: libtiff = %{version} -# bug437293 -%ifarch ppc64 -Obsoletes: libtiff-64bit -%endif -# %description -n libtiff5 This package includes the
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-10-23 20:35:56 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Tue Oct 23 20:35:56 2018 rev:75 rq:643138 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-09-11 17:10:52.348005826 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-10-23 20:35:59.720859357 +0200 @@ -1,0 +2,21 @@ +Fri Oct 19 07:02:18 UTC 2018 - Petr Gajdos + +- security update + * CVE-2018-17795 [bsc#1110358] +% tiff-4.0.9-bsc1046077-CVE-2017-9935.patch renamed to + tiff-CVE-2017-9935,CVE-2018-17795.patch + * CVE-2018-16335 [bsc#1106853] +% tiff-CVE-2017-11613.patch renamed to + tiff-CVE-2017-11613,CVE-2018-16335,15209.patch +- add a possibility to build with ASAN + +--- +Wed Oct 17 11:29:07 UTC 2018 - Petr Gajdos + +- security update + * CVE-2018-17100 [bsc#1108637] ++ tiff-CVE-2018-17100.patch + * CVE-2018-17101 [bsc#1108627] ++ tiff-CVE-2018-17101.patch + +--- Old: tiff-4.0.9-bsc1046077-CVE-2017-9935.patch tiff-CVE-2017-11613.patch New: tiff-CVE-2017-11613,CVE-2018-16335,15209.patch tiff-CVE-2017-9935,CVE-2018-17795.patch tiff-CVE-2018-17100.patch tiff-CVE-2018-17101.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.MjCrrw/_old 2018-10-23 20:36:00.908857937 +0200 +++ /var/tmp/diff_new_pack.MjCrrw/_new 2018-10-23 20:36:00.912857932 +0200 @@ -12,10 +12,12 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # +%define asan_build 0 + Name: tiff Version:4.0.9 Release:0 @@ -30,14 +32,16 @@ # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch1: tiff-4.0.3-compress-warning.patch # Contained in upstream repo. See bsc#1046077 for commit IDs. -Patch2: tiff-4.0.9-bsc1046077-CVE-2017-9935.patch +Patch2: tiff-CVE-2017-9935,CVE-2018-17795.patch Patch3: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch Patch4: tiff-CVE-2018-10963.patch Patch5: tiff-CVE-2017-18013.patch Patch6: tiff-CVE-2018-7456.patch -Patch7: tiff-CVE-2017-11613.patch +Patch7: tiff-CVE-2017-11613,CVE-2018-16335,15209.patch Patch8: tiff-CVE-2018-8905.patch Patch9: tiff-CVE-2018-10779.patch +Patch10:tiff-CVE-2018-17100.patch +Patch11:tiff-CVE-2018-17101.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -109,10 +113,15 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 +%patch11 -p1 %build CFLAGS="%{optflags} -fPIE" %configure --disable-static +%if %{asan_build} +find -name Makefile | xargs sed -i 's/\(^CFLAGS.*\)/\1 -fsanitize=address/' +%endif make %{?_smp_mflags} LDFLAGS="-pie" %install @@ -137,6 +146,10 @@ done %check +%if %{asan_build} +# ASAN needs /proc to be mounted +exit 0 +%endif for i in tools test; do (cd $i && make %{?_smp_mflags} check) done ++ tiff-CVE-2017-11613,CVE-2018-16335,15209.patch ++ Index: tiff-4.0.9/libtiff/tif_dirread.c === --- tiff-4.0.9.orig/libtiff/tif_dirread.c 2018-06-04 16:49:48.940452546 +0200 +++ tiff-4.0.9/libtiff/tif_dirread.c2018-06-04 16:50:18.572859131 +0200 @@ -5760,6 +5760,16 @@ ChopUpSingleUncompressedStrip(TIFF* tif) if( nstrips == 0 ) return; +/* If we are going to allocate a lot of memory, make sure that the */ +/* file is as big as needed */ +if( tif->tif_mode == O_RDONLY && +nstrips > 100 && +(offset >= TIFFGetFileSize(tif) || + stripbytes > (TIFFGetFileSize(tif) - offset) / (nstrips - 1)) ) +{ +return; +} + newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), "for chopped \"StripByteCounts\" array"); newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), ++ tiff-CVE-2017-9935,CVE-2018-17795.patch ++ >From 3dd8f6a357981a4090f126ab9025056c938b6940 Mon Sep 17 00:00:00 2001 From: Brian May Date: Thu, 7 Dec 2017 07:46:47 +1100 Subject: [PATCH] tiff2pdf: Fix CVE-2017-9935 Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704 This vulnerability - at least for the supplied test case -
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-09-11 17:10:49 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Tue Sep 11 17:10:49 2018 rev:74 rq:631401 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-06-08 23:20:01.558180325 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-09-11 17:10:52.348005826 +0200 @@ -1,0 +2,12 @@ +Fri Aug 24 11:43:53 UTC 2018 - pgaj...@suse.com + +- remove pal2rgb tool [bsc#1071031] + +--- +Wed Aug 15 15:10:32 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2018-10779 [bsc#1092480] ++ tiff-CVE-2018-10779.patch + +--- New: tiff-CVE-2018-10779.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.v3hOIn/_old 2018-09-11 17:10:53.156004570 +0200 +++ /var/tmp/diff_new_pack.v3hOIn/_new 2018-09-11 17:10:53.160004564 +0200 @@ -37,6 +37,7 @@ Patch6: tiff-CVE-2018-7456.patch Patch7: tiff-CVE-2017-11613.patch Patch8: tiff-CVE-2018-8905.patch +Patch9: tiff-CVE-2018-10779.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -107,6 +108,7 @@ %patch6 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build CFLAGS="%{optflags} -fPIE" @@ -127,6 +129,12 @@ rm -rf %{buildroot}%{_datadir}/doc/tiff* find %{buildroot} -type f -name "*.la" -delete -print find html -name "Makefile*" | xargs rm +# remove pal2rgb, bsc#1071031 +for tool in pal2rgb; do + rm %{buildroot}%{_bindir}/$tool + rm %{buildroot}%{_mandir}/man1/$tool.1 + rm html/man/$tool.1.html +done %check for i in tools test; do ++ tiff-CVE-2018-10779.patch ++ diff --git a/libtiff/tif_write.c b/libtiff/tif_write.c index 586f6fdff66a7a0c1864dbe1e2c5831602b055ce..a31ecd12c133ac18bed6bfbc97fcbad5e19a3257 100644 --- a/libtiff/tif_write.c +++ b/libtiff/tif_write.c @@ -538,9 +538,11 @@ TIFFSetupStrips(TIFF* tif) if (td->td_planarconfig == PLANARCONFIG_SEPARATE) td->td_stripsperimage /= td->td_samplesperpixel; td->td_stripoffset = (uint64 *) - _TIFFmalloc(td->td_nstrips * sizeof (uint64)); +_TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64), + "for \"StripOffsets\" array"); td->td_stripbytecount = (uint64 *) - _TIFFmalloc(td->td_nstrips * sizeof (uint64)); +_TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64), + "for \"StripByteCounts\" array"); if (td->td_stripoffset == NULL || td->td_stripbytecount == NULL) return (0); /*
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-06-08 23:19:57 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Fri Jun 8 23:19:57 2018 rev:73 rq:614266 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-05-19 15:41:51.451963956 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-06-08 23:20:01.558180325 +0200 @@ -1,0 +2,21 @@ +Tue Jun 5 12:21:02 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2018-8905 [bsc#1086408] ++ tiff-CVE-2018-8905.patch + +--- +Mon Jun 4 15:12:15 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2017-11613 [bsc#1082332] ++ tiff-CVE-2017-11613.patch + +--- +Mon Jun 4 12:55:54 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2018-7456 [bsc#1082825] ++ tiff-CVE-2018-7456.patch + +--- New: tiff-CVE-2017-11613.patch tiff-CVE-2018-7456.patch tiff-CVE-2018-8905.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.wIZ8C9/_old 2018-06-08 23:20:02.802135387 +0200 +++ /var/tmp/diff_new_pack.wIZ8C9/_new 2018-06-08 23:20:02.806135242 +0200 @@ -34,6 +34,9 @@ Patch3: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch Patch4: tiff-CVE-2018-10963.patch Patch5: tiff-CVE-2017-18013.patch +Patch6: tiff-CVE-2018-7456.patch +Patch7: tiff-CVE-2017-11613.patch +Patch8: tiff-CVE-2018-8905.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -101,6 +104,9 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-CVE-2017-11613.patch ++ Index: tiff-4.0.9/libtiff/tif_dirread.c === --- tiff-4.0.9.orig/libtiff/tif_dirread.c 2018-06-04 16:49:48.940452546 +0200 +++ tiff-4.0.9/libtiff/tif_dirread.c2018-06-04 16:50:18.572859131 +0200 @@ -5760,6 +5760,16 @@ ChopUpSingleUncompressedStrip(TIFF* tif) if( nstrips == 0 ) return; +/* If we are going to allocate a lot of memory, make sure that the */ +/* file is as big as needed */ +if( tif->tif_mode == O_RDONLY && +nstrips > 100 && +(offset >= TIFFGetFileSize(tif) || + stripbytes > (TIFFGetFileSize(tif) - offset) / (nstrips - 1)) ) +{ +return; +} + newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), "for chopped \"StripByteCounts\" array"); newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), ++ tiff-CVE-2018-7456.patch ++ diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c index 6baa7b3..af5b84a 100644 --- a/libtiff/tif_dirread.c +++ b/libtiff/tif_dirread.c @@ -165,6 +165,7 @@ static int TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uin static int TIFFFetchSubjectDistance(TIFF*, TIFFDirEntry*); static void ChopUpSingleUncompressedStrip(TIFF*); static uint64 TIFFReadUInt64(const uint8 *value); +static int _TIFFGetMaxColorChannels(uint16 photometric); static int _TIFFFillStrilesInternal( TIFF *tif, int loadStripByteCount ); @@ -3505,6 +3506,35 @@ static void TIFFReadDirEntryOutputErr(TIFF* tif, enum TIFFReadDirEntryErr err, c } /* + * Return the maximum number of color channels specified for a given photometric + * type. 0 is returned if photometric type isn't supported or no default value + * is defined by the specification. + */ +static int _TIFFGetMaxColorChannels( uint16 photometric ) +{ +switch (photometric) { + case PHOTOMETRIC_PALETTE: + case PHOTOMETRIC_MINISWHITE: + case PHOTOMETRIC_MINISBLACK: +return 1; + case PHOTOMETRIC_YCBCR: + case PHOTOMETRIC_RGB: + case PHOTOMETRIC_CIELAB: +return 3; + case PHOTOMETRIC_SEPARATED: + case PHOTOMETRIC_MASK: +return 4; + case PHOTOMETRIC_LOGL: + case PHOTOMETRIC_LOGLUV: + case PHOTOMETRIC_CFA: + case PHOTOMETRIC_ITULAB: + case PHOTOMETRIC_ICCLAB: + default: +return 0; +} +} + +/* * Read the next TIFF directory from a file and convert it to the internal * format. We read directories sequentially. */ @@ -3520,6 +3550,7 @@ TIFFReadDirectory(TIFF* tif) uint32 fii=FAILED_FII; toff_t nextdiroff; int bitspersample_read = FALSE;
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-05-19 15:41:47 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Sat May 19 15:41:47 2018 rev:72 rq:610255 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-02-25 12:20:53.726736559 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-05-19 15:41:51.451963956 +0200 @@ -1,0 +2,14 @@ +Fri May 18 09:18:26 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2017-18013 [bsc#1074317] ++ tiff-CVE-2017-18013.patch + +--- +Tue May 15 12:26:45 UTC 2018 - pgaj...@suse.com + +- security update + * CVE-2018-10963 [bsc#1092949] ++ tiff-CVE-2018-10963.patch + +--- New: tiff-CVE-2017-18013.patch tiff-CVE-2018-10963.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.5OMCSN/_old 2018-05-19 15:41:52.251934688 +0200 +++ /var/tmp/diff_new_pack.5OMCSN/_new 2018-05-19 15:41:52.251934688 +0200 @@ -32,6 +32,8 @@ # Contained in upstream repo. See bsc#1046077 for commit IDs. Patch2: tiff-4.0.9-bsc1046077-CVE-2017-9935.patch Patch3: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch +Patch4: tiff-CVE-2018-10963.patch +Patch5: tiff-CVE-2017-18013.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -97,6 +99,8 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-CVE-2017-18013.patch ++ --- a/libtiff/tif_print.c +++ b/libtiff/tif_print.c @@ -665,13 +665,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) fprintf(fd, "%3lu: [%8I64u, %8I64u]\n", (unsigned long) s, - (unsigned __int64) td->td_stripoffset[s], - (unsigned __int64) td->td_stripbytecount[s]); + td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0, + td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0); #else fprintf(fd, "%3lu: [%8llu, %8llu]\n", (unsigned long) s, - (unsigned long long) td->td_stripoffset[s], - (unsigned long long) td->td_stripbytecount[s]); + td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0, + td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0); #endif } } ++ tiff-CVE-2018-10963.patch ++ diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c index 2430de6..c15a28d 100644 --- a/libtiff/tif_dirwrite.c +++ b/libtiff/tif_dirwrite.c @@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) } break; default: - assert(0); /* we should never get here */ - break; + TIFFErrorExt(tif->tif_clientdata,module, + "Cannot write tag %d (%s)", + TIFFFieldTag(o), + o->field_name ? o->field_name : "unknown"); + goto bad; } } }
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-02-25 12:20:50 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Sun Feb 25 12:20:50 2018 rev:71 rq:578431 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-02-18 11:39:33.127657834 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-02-25 12:20:53.726736559 +0100 @@ -1,0 +2,6 @@ +Tue Feb 20 16:18:33 UTC 2018 - mvet...@suse.com + +- bsc#1081690: Add tiff-4.0.9-bsc1081690-CVE-2018-5784.patch + Fix uncontrolled resource consumption in TIFFSetDirectory + +--- New: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.3W6Utp/_old 2018-02-25 12:20:55.166684406 +0100 +++ /var/tmp/diff_new_pack.3W6Utp/_new 2018-02-25 12:20:55.170684261 +0100 @@ -31,6 +31,7 @@ Patch1: tiff-4.0.3-compress-warning.patch # Contained in upstream repo. See bsc#1046077 for commit IDs. Patch2: tiff-4.0.9-bsc1046077-CVE-2017-9935.patch +Patch3: tiff-4.0.9-bsc1081690-CVE-2018-5784.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -95,6 +96,7 @@ %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.9-bsc1081690-CVE-2018-5784.patch ++ >From 473851d211cf8805a161820337ca74cc9615d6ef Mon Sep 17 00:00:00 2001 From: Nathan BakerDate: Tue, 6 Feb 2018 10:13:57 -0500 Subject: [PATCH] Fix for bug 2772 It is possible to craft a TIFF document where the IFD list is circular, leading to an infinite loop while traversing the chain. The libtiff directory reader has a failsafe that will break out of this loop after reading 65535 directory entries, but it will continue processing, consuming time and resources to process what is essentially a bogus TIFF document. This change fixes the above behavior by breaking out of processing when a TIFF document has >= 65535 directories and terminating with an error. --- contrib/addtiffo/tif_overview.c | 14 +- tools/tiff2pdf.c| 10 ++ tools/tiffcrop.c| 13 +++-- 3 files changed, 34 insertions(+), 3 deletions(-) diff --git a/contrib/addtiffo/tif_overview.c b/contrib/addtiffo/tif_overview.c index c61ffbb..03b3573 100644 --- a/contrib/addtiffo/tif_overview.c +++ b/contrib/addtiffo/tif_overview.c @@ -65,6 +65,8 @@ # define MAX(a,b) ((a>b) ? a : b) #endif +#define TIFF_DIR_MAX 65534 + void TIFFBuildOverviews( TIFF *, int, int *, int, const char *, int (*)(double,void*), void * ); @@ -91,6 +93,7 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize, { toff_t nBaseDirOffset; toff_t nOffset; +tdir_t iNumDir; (void) bUseSubIFDs; @@ -147,7 +150,16 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize, return 0; TIFFWriteDirectory( hTIFF ); -TIFFSetDirectory( hTIFF, (tdir_t) (TIFFNumberOfDirectories(hTIFF)-1) ); +iNumDir = TIFFNumberOfDirectories(hTIFF); +if( iNumDir > TIFF_DIR_MAX ) +{ +TIFFErrorExt( TIFFClientdata(hTIFF), + "TIFF_WriteOverview", + "File `%s' has too many directories.\n", + TIFFFileName(hTIFF) ); +exit(-1); +} +TIFFSetDirectory( hTIFF, (tdir_t) (iNumDir - 1) ); nOffset = TIFFCurrentDirOffset( hTIFF ); diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c index 984ef65..832a247 100644 --- a/tools/tiff2pdf.c +++ b/tools/tiff2pdf.c @@ -68,6 +68,8 @@ extern int getopt(int, char**, char*); #define PS_UNIT_SIZE 72.0F +#define TIFF_DIR_MAX65534 + /* This type is of PDF color spaces. */ typedef enum { T2P_CS_BILEVEL = 0x01, /* Bilevel, black and white */ @@ -1051,6 +1053,14 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){ uint16* tiff_transferfunction[3]; directorycount=TIFFNumberOfDirectories(input); + if(directorycount > TIFF_DIR_MAX) { + TIFFError( + TIFF2PDF_MODULE, + "TIFF contains too many directories, %s", + TIFFFileName(input)); + t2p->t2p_error = T2P_ERR_ERROR; + return; + } t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE))); if(t2p->tiff_pages==NULL){ TIFFError( diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c index 91a38f6..e466dae 100644 ---
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-02-18 11:39:30 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Sun Feb 18 11:39:30 2018 rev:70 rq:577270 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2018-01-02 16:31:49.579728714 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-02-18 11:39:33.127657834 +0100 @@ -1,0 +2,6 @@ +Fri Feb 16 14:05:39 UTC 2018 - mvet...@suse.com + +- bsc#1046077: Add tiff-4.0.9-bsc1046077-CVE-2017-9935.patch + Fix Heap-based buffer overflow in t2p_write_pdf + +--- New: tiff-4.0.9-bsc1046077-CVE-2017-9935.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.1NNRun/_old 2018-02-18 11:39:35.127586043 +0100 +++ /var/tmp/diff_new_pack.1NNRun/_new 2018-02-18 11:39:35.131585900 +0100 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,6 +29,8 @@ Patch0: tiff-4.0.3-seek.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch1: tiff-4.0.3-compress-warning.patch +# Contained in upstream repo. See bsc#1046077 for commit IDs. +Patch2: tiff-4.0.9-bsc1046077-CVE-2017-9935.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -92,6 +94,7 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.9-bsc1046077-CVE-2017-9935.patch ++ >From 3dd8f6a357981a4090f126ab9025056c938b6940 Mon Sep 17 00:00:00 2001 From: Brian MayDate: Thu, 7 Dec 2017 07:46:47 +1100 Subject: [PATCH] tiff2pdf: Fix CVE-2017-9935 Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704 This vulnerability - at least for the supplied test case - is because we assume that a tiff will only have one transfer function that is the same for all pages. This is not required by the TIFF standards. We than read the transfer function for every page. Depending on the transfer function, we allocate either 2 or 4 bytes to the XREF buffer. We allocate this memory after we read in the transfer function for the page. For the first exploit - POC1, this file has 3 pages. For the first page we allocate 2 extra extra XREF entries. Then for the next page 2 more entries. Then for the last page the transfer function changes and we allocate 4 more entries. When we read the file into memory, we assume we have 4 bytes extra for each and every page (as per the last transfer function we read). Which is not correct, we only have 2 bytes extra for the first 2 pages. As a result, we end up writing past the end of the buffer. There are also some related issues that this also fixes. For example, TIFFGetField can return uninitalized pointer values, and the logic to detect a N=3 vs N=1 transfer function seemed rather strange. It is also strange that we declare the transfer functions to be of type float, when the standard says they are unsigned 16 bit values. This is fixed in another patch. This patch will check to ensure that the N value for every transfer function is the same for every page. If this changes, we abort with an error. In theory, we should perhaps check that the transfer function itself is identical for every page, however we don't do that due to the confusion of the type of the data in the transfer function. --- libtiff/tif_dir.c | 3 +++ tools/tiff2pdf.c | 65 - 2 files changed, 47 insertions(+), 21 deletions(-) >From d4f213636b6f950498a1386083199bd7f65676b9 Mon Sep 17 00:00:00 2001 From: Brian May Date: Thu, 7 Dec 2017 07:49:20 +1100 Subject: [PATCH] tiff2pdf: Fix apparent incorrect type for transfer table The standard says the transfer table contains unsigned 16 bit values, I have no idea why we refer to them as floats. --- tools/tiff2pdf.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c index 2ccaf44..cbf2b69 100644 --- a/libtiff/tif_dir.c +++ b/libtiff/tif_dir.c @@ -1065,6 +1065,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap) if (td->td_samplesperpixel - td->td_extrasamples > 1) { *va_arg(ap, uint16**) = td->td_transferfunction[1]; *va_arg(ap, uint16**) =
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2018-01-02 16:31:45 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Tue Jan 2 16:31:45 2018 rev:69 rq:559098 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2017-12-15 13:59:24.573925116 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2018-01-02 16:31:49.579728714 +0100 @@ -1,0 +2,9 @@ +Thu Dec 21 13:03:18 UTC 2017 - dims...@opensuse.org + +- Fix check section: + + Make sure to get back to the right directory after chdir to +'tools', or we can't run the 2nd test suite. + + Fix typo: the tests are located in a directory called 'test', +not 'tests'. + +--- Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.emAjeE/_old 2018-01-02 16:31:51.343140676 +0100 +++ /var/tmp/diff_new_pack.emAjeE/_new 2018-01-02 16:31:51.343140676 +0100 @@ -114,8 +114,8 @@ find html -name "Makefile*" | xargs rm %check -for i in tools tests; do - cd $i && make %{?_smp_mflags} check +for i in tools test; do + (cd $i && make %{?_smp_mflags} check) done %post -n libtiff5 -p /sbin/ldconfig
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2017-12-15 13:59:20 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Fri Dec 15 13:59:20 2017 rev:68 rq:556376 version:4.0.9 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2017-06-28 10:34:12.601002336 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2017-12-15 13:59:24.573925116 +0100 @@ -1,0 +2,267 @@ +Wed Nov 29 09:08:42 UTC 2017 - fst...@suse.com + +- Upgrade to upstream release 4.0.9 + * Changes in the software configuration: ++ test/Makefile.am: Add some tests for tiff2bw. ++ .appveyor.yml, .travis.yml, build/travis-ci: apply patches + 0001-ci-Travis-script-improvements.patch and + 0002-ci-Invoke-helper-script-via-shell.patch by Roger Leigh ++ .travis.yml, build/travis-ci: new files from + 0001-ci-Add-Travis-support-for-Linux-builds-with-Autoconf.patch + by Roger Leigh. This patch adds support for the Travis-CI + service. ++ .appveyor.yml: new file from + 0002-ci-Add-AppVeyor-support.patch by Roger Leigh (sent to + mailing list on 2017-06-08) This patch adds a .appveyor.yml + file to the top-level. This allows one to opt in to having a + branch built on Windows with Cygwin, MinGW and MSVC + automatically when a branch is pushed to GitHub, GitLab, + BitBucket or any other supported git hosting service. ++ CMakeLists.txt, test/CMakeLists.txt, + test/TiffTestCommon.cmake: apply patch + 0001-cmake-Improve-Cygwin-and-MingGW-test-support.patch from + Roger Leigh. This patch makes the CMake build system support + running the tests with MinGW or Cygwin. ++ test/tiffcp-lzw-compat.sh, test/images/quad-lzw-compat.tiff: + new files to test old-style LZW decompression ++ test/common.sh, Makefile.am, CMakeList.txt: updated with above ++ test/Makefile.am: add missing reference to + images/quad-lzw-compat.tiff to fix "make distcheck". Patch by + Roger Leigh ++ nmake.opt: support a DEBUG=1 option, so as to adjust OPTFLAGS + and use /MDd runtime in debug mode. + * Changes in libtiff: ++ libtiff/tif_color.c: TIFFYCbCrToRGBInit(): stricter clamping + to avoid int32 overflow in TIFFYCbCrtoRGB(). Fixes + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1844 ++ libtiff/tif_getimage.c: initYCbCrConversion(): stricter + validation for refBlackWhite coefficients values. To avoid + invalid float->int32 conversion (when refBlackWhite[0] == + 2147483648.f) Fixes + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1907 ++ libtiff/tif_dirinfo.c, tif_dirread.c: add + _TIFFCheckFieldIsValidForCodec(), and use it in + TIFFReadDirectory() so as to ignore fields whose tag is a + codec-specified tag but this codec is not enabled. This avoids + TIFFGetField() to behave differently depending on whether the + codec is enabled or not, and thus can avoid stack based buffer + overflows in a number of TIFF utilities such as tiffsplit, + tiffcmp, thumbnail, etc. Patch derived from + 0063-Handle-properly-CODEC-specific-tags.patch + (http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël + Hertzog. + Fixes: http://bugzilla.maptools.org/show_bug.cgi?id=2580 + http://bugzilla.maptools.org/show_bug.cgi?id=2693 + http://bugzilla.maptools.org/show_bug.cgi?id=2625 + (CVE-2016-10095, bsc#1017690) + http://bugzilla.maptools.org/show_bug.cgi?id=2564 + (CVE-2015-7554, bsc#960341) + http://bugzilla.maptools.org/show_bug.cgi?id=2561 + (CVE-2016-5318, bsc#983436) + http://bugzilla.maptools.org/show_bug.cgi?id=2499 + (CVE-2014-8128, bsc#969783) + http://bugzilla.maptools.org/show_bug.cgi?id=2441 + http://bugzilla.maptools.org/show_bug.cgi?id=2433 ++ libtiff/tif_swab.c: if DISABLE_CHECK_TIFFSWABMACROS is + defined, do not do the #ifdef TIFFSwabXXX checks. Make it + easier for GDAL to rename the symbols of its internal libtiff + copy. ++ libtiff/tif_dirread.c: fix regression of libtiff 4.0.8 in + ChopUpSingleUncompressedStrip() regarding update of newly + single-strip uncompressed files whose bytecount is 0. Before + the change of 2016-12-03, the condition bytecount==0 used to + trigger an early exit/disabling of strip chop. Re-introduce + that in update mode. Otherwise this cause later incorrect + setting for the value of StripByCounts/StripOffsets. + (https://trac.osgeo.org/gdal/ticket/6924) ++ libtiff/tif_dirread.c: TIFFFetchStripThing(): limit the + number of items read in StripOffsets/StripByteCounts tags to + the number of strips to
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2017-06-28 10:34:10 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Wed Jun 28 10:34:10 2017 rev:67 rq:505624 version:4.0.8 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2017-04-06 10:59:48.771404523 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2017-06-28 10:34:12.601002336 +0200 @@ -1,0 +2,344 @@ +Tue Jun 20 08:15:57 UTC 2017 - fst...@suse.com + +- Upgrade to upstream relaase 4.0.8 + * libtiff/tif_getimage.c, libtiff/tif_open.c ++ add parenthesis to fix cppcheck clarifyCalculation warnings + * libtiff/tif_predict.c, libtiff/tif_print.c ++ fix printf unsigned vs signed formatting (cppcheck + invalidPrintfArgType_uint warnings) + * libtiff/tif_read.c, libtiff/tiffiop.h ++ fix uint32 overflow in TIFFReadEncodedStrip() that caused an + integer division by zero. Reported by Agostino Sarubbo. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596 + * libtiff/tif_pixarlog.c, libtiff/tif_luv.c ++ fix heap-based buffer overflow on generation of PixarLog / LUV + compressed files, with ColorMap, TransferFunction attached and + nasty plays with bitspersample. The fix for LUV has not been + tested, but suffers from the same kind of issue of PixarLog. + Reported by Agostino Sarubbo. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604 + * libtiff/tif_strip.c ++ revert the change in TIFFNumberOfStrips() done for + http://bugzilla.maptools.org/show_bug.cgi?id=2587 / + CVE-2016-9273 since the above change is a better fix that + makes it unnecessary. + * libtiff/tif_dirread.c ++ modify ChopUpSingleUncompressedStrip() to instanciate compute + ntrips as TIFFhowmany_32(td->td_imagelength, rowsperstrip), + instead of a logic based on the total size of data. Which is + faulty is the total size of data is not sufficient to fill the + whole image, and thus results in reading outside of the + StripByCounts/StripOffsets arrays when using + TIFFReadScanline(). Reported by Agostino Sarubbo. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608. + * libtiff/tif_ojpeg.c ++ make OJPEGDecode() early exit in case of failure in + OJPEGPreDecode(). This will avoid a divide by zero, and + potential other issues. Reported by Agostino Sarubbo. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611 + * libtiff/tif_write.c ++ fix misleading indentation as warned by GCC. + * libtiff/tif_fax3.h ++ revert change done on 2016-01-09 that made Param member of + TIFFFaxTabEnt structure a uint16 to reduce size of the + binary. It happens that the Hylafax software uses the tables + that follow this typedef (TIFFFaxMainTable, TIFFFaxWhiteTable, + TIFFFaxBlackTable), although they are not in a public libtiff + header. Raised by Lee Howard. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2636 + * libtiff/tiffio.h, libtiff/tif_getimage.c ++ add TIFFReadRGBAStripExt() and TIFFReadRGBATileExt() variants + of the functions without ext, with an extra argument to control + the stop_on_error behaviour. + * libtiff/tif_getimage.c ++ fix potential memory leaks in error code path of + TIFFRGBAImageBegin(). + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2627 + * libtiff/tif_jpeg.c ++ increase libjpeg max memory usable to 10 MB instead of libjpeg + 1MB default. This helps when creating files with "big" tile, + without using libjpeg temporary files. + Related to https://trac.osgeo.org/gdal/ticket/6757 + * libtiff/tif_jpeg.c ++ avoid integer division by zero in JPEGSetupEncode() when + horizontal or vertical sampling is set to 0. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2653, + bsc#1033127, CVE-2017-7595 + * libtiff/tif_dirwrite.c ++ in TIFFWriteDirectoryTagCheckedRational, replace assertion by + runtime check to error out if passed value is strictly + negative. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2535, + bsc#1038438, CVE-2016-10371 + * libtiff/tif_dirread.c ++ avoid division by floating point 0 in + TIFFReadDirEntryCheckedRational() and + TIFFReadDirEntryCheckedSrational(), and return 0 in that case + (instead of infinity as before presumably) Apparently some + sanitizers do not like those divisions by zero. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2644, + bsc#1033118, CVE-2017-7598 + * libtiff/tif_dir.c, tif_dirread.c, tif_dirwrite.c ++ implement various clampings of double to other data types to + avoid undefined behaviour if
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2017-04-06 10:59:47 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Thu Apr 6 10:59:47 2017 rev:66 rq:483282 version:4.0.7 Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2017-02-08 10:44:45.411249240 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2017-04-06 10:59:48.771404523 +0200 @@ -1,0 +2,37 @@ +Wed Mar 29 07:55:02 UTC 2017 - fst...@suse.com + +- Added patches: + * tiff-CVE-2016-10266.patch ++ Upstream fix for CVE-2016-10266, LibTIFF 4.0.7 allows remote + attackers to cause a denial of service (divide-by-zero error + and application crash) via a crafted TIFF image (bsc#1031263) + * tiff-CVE-2016-10267.patch ++ Upstream fix for CVE-2016-10267, LibTIFF 4.0.7 allows remote + attackers to cause a denial of service (divide-by-zero error + and application crash) via a crafted TIFF image (bsc#1031262) + * tiff-CVE-2016-10268.patch ++ Upstream fix for CVE-2016-10268, LibTIFF 4.0.7 allows remote + attackers to cause a denial of service (divide-by-zero error + and application crash) via a crafted TIFF image (bsc#1031255) + * tiff-CVE-2016-10269.patch ++ Upstream fix for CVE-2016-10269, LibTIFF 4.0.7 allows remote + attackers to cause a denial of service (heap-based buffer + over-read) or possibly have unspecified other impact via a + crafted TIFF image (bsc#1031254) + * tiff-CVE-2016-10270.patch ++ Upstream fix for CVE-2016-10270, LibTIFF 4.0.7 allows remote + attackers to cause a denial of service (heap-based buffer + over-read) or possibly have unspecified other impact via a + crafted TIFF image (bsc#1031250) + * tiff-CVE-2016-10271.patch ++ Upstream fix for CVE-2016-10271, LibTIFF 4.0.7 allows remote + attackers to cause a denial of service (heap-based buffer + over-read and buffer overflow) or possibly have unspecified + other impact via a crafted TIFF image (bsc#1031249) + * tiff-CVE-2016-10272.patch ++ Upstream fix for CVE-2016-10272, LibTIFF 4.0.7 allows remote + attackers to cause a denial of service (heap-based buffer + overflow) or possibly have unspecified other impact via a + crafted TIFF image (bsc#1031247) + +--- New: tiff-CVE-2016-10266.patch tiff-CVE-2016-10267.patch tiff-CVE-2016-10268.patch tiff-CVE-2016-10269.patch tiff-CVE-2016-10270.patch tiff-CVE-2016-10271.patch tiff-CVE-2016-10272.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.Y0JsFC/_old 2017-04-06 10:59:49.627283558 +0200 +++ /var/tmp/diff_new_pack.Y0JsFC/_new 2017-04-06 10:59:49.627283558 +0200 @@ -38,6 +38,14 @@ # bsc#1022103 Patch5: tiff-4.0.7-TIFFTAG_FAXRECVPARAMS.patch +Patch6: tiff-CVE-2016-10266.patch +Patch7: tiff-CVE-2016-10267.patch +Patch8: tiff-CVE-2016-10268.patch +Patch9: tiff-CVE-2016-10269.patch +Patch10:tiff-CVE-2016-10270.patch +Patch11:tiff-CVE-2016-10271.patch +Patch12:tiff-CVE-2016-10272.patch + BuildRequires: gcc-c++ BuildRequires: libjpeg-devel BuildRequires: libtool @@ -103,6 +111,13 @@ %patch3 %patch4 -p1 %patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-CVE-2016-10266.patch ++ --- a/libtiff/tif_read.c +++ b/libtiff/tif_read.c @@ -346,7 +346,7 @@ TIFFReadEncodedStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size) rowsperstrip=td->td_rowsperstrip; if (rowsperstrip>td->td_imagelength) rowsperstrip=td->td_imagelength; - stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip); + stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip); stripinplane=(strip%stripsperplane); plane=(uint16)(strip/stripsperplane); rows=td->td_imagelength-stripinplane*rowsperstrip; --- a/libtiff/tiffiop.h +++ b/libtiff/tiffiop.h @@ -250,6 +250,10 @@ struct tiff { #define TIFFhowmany_32(x, y) (((uint32)x < (0x - (uint32)(y-1))) ? \ uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \ 0U) +/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */ +/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */ +#define TIFFhowmany_32_maxuint_compat(x, y) \ + (((uint32)(x) / (uint32)(y)) + uint32)(x) % (uint32)(y)) != 0) ? 1 : 0))
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2017-02-08 10:44:44 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2017-01-18 21:29:07.168245821 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2017-02-08 10:44:45.411249240 +0100 @@ -1,0 +2,8 @@ +Thu Feb 2 13:40:16 UTC 2017 - fst...@suse.com + +- Added patch: + * tiff-4.0.7-TIFFTAG_FAXRECVPARAMS.patch +- Fix a regression introduced in 4.0.7 (bsc#1022103) +- http://bugzilla.maptools.org/show_bug.cgi?id=2636 + +--- New: tiff-4.0.7-TIFFTAG_FAXRECVPARAMS.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.7uQpme/_old 2017-02-08 10:44:46.007166205 +0100 +++ /var/tmp/diff_new_pack.7uQpme/_new 2017-02-08 10:44:46.011165648 +0100 @@ -34,6 +34,9 @@ # http://bugzilla.maptools.org/show_bug.cgi?id=2656 and # http://bugzilla.maptools.org/show_bug.cgi?id=2657 Patch4: tiff-4.0.7-CVE-2017-5225.patch +# http://http://bugzilla.maptools.org/show_bug.cgi?id=2636 +# bsc#1022103 +Patch5: tiff-4.0.7-TIFFTAG_FAXRECVPARAMS.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -99,6 +102,7 @@ %patch1 -p1 %patch3 %patch4 -p1 +%patch5 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.7-TIFFTAG_FAXRECVPARAMS.patch ++ --- a/libtiff/tif_fax3.h +++ b/libtiff/tif_fax3.h @@ -81,10 +81,12 @@ extern void _TIFFFax3fillruns(unsigned char*, uint32*, uint32*, uint32); #define S_MakeUp 11 #define S_EOL 12 +/* WARNING: do not change the layout of this structure as the Halyfax software */ +/* really depends on it. See http://bugzilla.maptools.org/show_bug.cgi?id=2636 */ typedef struct {/* state table entry */ unsigned char State;/* see above */ unsigned char Width;/* width of code in bits */ - uint16 Param; /* unsigned 16-bit run length in bits */ + uint32 Param; /* unsigned 32-bit run length in bits (holds on 16 bit actually, but cannot be changed. See above warning) */ } TIFFFaxTabEnt; extern const TIFFFaxTabEnt TIFFFaxMainTable[];
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2017-01-18 21:29:04 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2016-12-26 21:42:06.751542974 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2017-01-18 21:29:07.168245821 +0100 @@ -1,0 +2,8 @@ +Fri Jan 13 10:03:25 UTC 2017 - fst...@suse.com + +- Added patch: + * tiff-4.0.7-CVE-2017-5225.patch +- Upstream fix for CVE-2017-5225, bsc#1019611: heap buffer + overflow in tools/tiffcp via a crafted BitsPerSample value + +--- New: tiff-4.0.7-CVE-2017-5225.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.OOm5Or/_old 2017-01-18 21:29:07.836151364 +0100 +++ /var/tmp/diff_new_pack.OOm5Or/_new 2017-01-18 21:29:07.836151364 +0100 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,6 +31,9 @@ Patch1: tiff-4.0.3-compress-warning.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2508 Patch3: tiff-4.0.7-CVE-2015-7554.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2656 and +# http://bugzilla.maptools.org/show_bug.cgi?id=2657 +Patch4: tiff-4.0.7-CVE-2017-5225.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -95,6 +98,7 @@ %patch0 -p1 %patch1 -p1 %patch3 +%patch4 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.7-CVE-2017-5225.patch ++ --- tiff-4.0.7/tools/tiffcp.c 2016-10-12 03:45:17.405273596 +0200 +++ tiff-4.0.7/tools/tiffcp.c 2017-01-13 10:56:23.389485957 +0100 @@ -592,7 +592,7 @@ static int tiffcp(TIFF* in, TIFF* out) { - uint16 bitspersample, samplesperpixel = 1; + uint16 bitspersample = 1, samplesperpixel = 1; uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK; copyFunc cf; uint32 width, length; @@ -1068,6 +1068,16 @@ register uint32 n; uint32 row; tsample_t s; + uint16 bps = 0; + + (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, ); + if( bps != 8 ) + { + TIFFError(TIFFFileName(in), + "Error, can only handle BitsPerSample=8 in %s", + "cpContig2SeparateByRow"); + return 0; + } inbuf = _TIFFmalloc(scanlinesizein); outbuf = _TIFFmalloc(scanlinesizeout); @@ -1121,6 +1131,16 @@ register uint32 n; uint32 row; tsample_t s; + uint16 bps = 0; + + (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, ); + if( bps != 8 ) + { + TIFFError(TIFFFileName(in), + "Error, can only handle BitsPerSample=8 in %s", + "cpSeparate2ContigByRow"); + return 0; + } inbuf = _TIFFmalloc(scanlinesizein); outbuf = _TIFFmalloc(scanlinesizeout); @@ -1763,7 +1783,7 @@ uint32 w, l, tw, tl; int bychunk; - (void) TIFFGetField(in, TIFFTAG_PLANARCONFIG, ); + (void) TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, ); if (shortv != config && bitspersample != 8 && samplesperpixel > 1) { fprintf(stderr, "%s: Cannot handle different planar configuration w/ bits/sample != 8\n",
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2016-12-02 16:37:11 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2016-10-14 03:37:23.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2016-12-02 16:37:12.0 +0100 @@ -1,0 +2,245 @@ +Tue Nov 29 08:45:11 UTC 2016 - fst...@suse.com + +- Upgrade to upstream release 4.0.7 + * libtiff/tif_aux.c ++ Fix crash in TIFFVGetFieldDefaulted() when requesting + Predictor tag and that the zip/lzw codec is not configured. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2591 + * libtiff/tif_compress.c ++ Make TIFFNoDecode() return 0 to indicate an error and make + upper level read routines treat it accordingly. (linked to the + test case of http://bugzilla.maptools.org/show_bug.cgi?id=2517) + * libtiff/tif_dir.c ++ Discard values of SMinSampleValue and SMaxSampleValue when + they have been read and the value of SamplesPerPixel is + changed afterwards (like when reading a OJPEG compressed image + with a missing SamplesPerPixel tag, and whose photometric is + RGB or YCbCr, forcing SamplesPerPixel being 3). Otherwise when + rewriting the directory (for example with tiffset, we will + expect 3 values whereas the array had been allocated with just + one), thus causing a out of bound read access. Fixes + http://bugzilla.maptools.org/show_bug.cgi?id=2500 + (CVE-2014-8127, bsc#914890, duplicate: CVE-2016-3658, bsc#974840) + * libtiff/tif_dirread.c ++ In TIFFFetchNormalTag(), do not dereference NULL pointer when + values of tags with TIFF_SETGET_C16_ASCII/TIFF_SETGET_C32_ASCII + access are 0-byte arrays. Fixes + http://bugzilla.maptools.org/show_bug.cgi?id=2593 (regression + introduced by previous fix done on 2016-11-11 for + CVE-2016-9297, bsc#1010161). Assigned as CVE-2016-9448, + bsc#1011103 ++ In TIFFFetchNormalTag(), make sure that values of tags with + TIFF_SETGET_C16_ASCII/TIFF_SETGET_C32_ASCII access are null + terminated, to avoid potential read outside buffer in + _TIFFPrintField(). Fixes + http://bugzilla.maptools.org/show_bug.cgi?id=2590 + (CVE-2016-9297, bsc#1010161) ++ Initialize doubledata at line 3693 to NULL to please MSVC 2013 ++ Prevent reading ColorMap or TransferFunction if + BitsPerPixel > 24, so as to avoid huge memory allocation and + file read attempts ++ Reject images with OJPEG compression that have no + TileOffsets/StripOffsets tag, when OJPEG compression is + disabled. Prevent null pointer dereference in + TIFFReadRawStrip1() and other functions that expect + td_stripbytecount to be non NULL. Fixes + http://bugzilla.maptools.org/show_bug.cgi?id=2585 ++ When compiled with DEFER_STRILE_LOAD, fix regression, when + reading a one-strip file without a StripByteCounts tag. ++ Workaround false positive warning of Clang Static Analyzer + about null pointer dereference in TIFFCheckDirOffset(). + * libtiff/tif_dirwrite.c ++ Avoid null pointer dereference on td_stripoffset when writing + directory, if FIELD_STRIPOFFSETS was artificially set for a + hack case in OJPEG case. Fixes + http://bugzilla.maptools.org/show_bug.cgi?id=2500 + (CVE-2014-8127, bsc#914890, duplicate: CVE-2016-3658, + bsc#974840) ++ Fix truncation to 32 bit of file offsets in TIFFLinkDirectory() + and TIFFWriteDirectorySec() when aligning directory offsets on + an even offset (affects BigTIFF). + * libtiff/tif_dumpmode.c ++ DumpModeEncode() should return 0 in case of failure so that + the above mentionned functions detect the error. + * libtiff/tif_fax3.c ++ remove dead assignment in Fax3PutEOLgdal(). + * libtiff/tif_fax3.h ++ make Param member of TIFFFaxTabEnt structure a uint16 to + reduce size of the binary. + * libtiff/tif_getimage.c ++ Fix out-of-bound reads in TIFFRGBAImage interface in case of + unsupported values of SamplesPerPixel/ExtraSamples for + LogLUV/CIELab. Add explicit call to TIFFRGBAImageOK() in + TIFFRGBAImageBegin(). Fix CVE-2015-8665 and CVE-2015-8683. ++ Fix some benign warnings which appear in 64-bit compilation + under Microsoft Visual Studio of the form "Arithmetic + overflow: 32-bit value is shifted, then cast to 64-bit value. + Results might not be an expected value." ++ TIFFRGBAImageOK: Reject attempts to read floating point images. + * libtiff/tif_luv.c ++ Fix potential out-of-bound writes in decode functions in non + debug builds by replacing assert()s by regular
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2016-10-14 03:37:22 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2016-09-05 21:17:03.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2016-10-14 03:37:23.0 +0200 @@ -1,0 +2,11 @@ +Thu Oct 6 07:47:19 UTC 2016 - fst...@suse.com + +- Added patches: + * tiff-4.0.6-tools-tiffcrop.c-fix-various-out-of-bounds-write-vul.patch +- Upstream fixes for MSVR 35093, MSVR 35094, MSVR 35095, + MSVR 35096, MSVR 35097, MSVR 35098. + * tiff-4.0.6-libtiff-tif_getimage.c-TIFFRGBAImageOK-Reject-attemp.patch +- Enforce bits-per-sample requirements of floating point + predictor. Fixes CVE-2016-3622 [bsc#974449] + +--- New: tiff-4.0.6-libtiff-tif_getimage.c-TIFFRGBAImageOK-Reject-attemp.patch tiff-4.0.6-tools-tiffcrop.c-fix-various-out-of-bounds-write-vul.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.rKSpxg/_old 2016-10-14 03:37:26.0 +0200 +++ /var/tmp/diff_new_pack.rKSpxg/_new 2016-10-14 03:37:26.0 +0200 @@ -46,6 +46,9 @@ Patch10:tiff-4.0.6-CVE-2016-3945.patch Patch11:tiff-4.0.6-CVE-2016-3990.patch Patch12:tiff-4.0.6-CVE-2016-3991.patch +# +Patch13: tiff-4.0.6-tools-tiffcrop.c-fix-various-out-of-bounds-write-vul.patch +Patch14: tiff-4.0.6-libtiff-tif_getimage.c-TIFFRGBAImageOK-Reject-attemp.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -120,6 +123,8 @@ %patch10 -p1 %patch11 -p1 %patch12 -p1 +%patch13 -p1 +%patch14 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.6-libtiff-tif_getimage.c-TIFFRGBAImageOK-Reject-attemp.patch ++ --- tiff-4.0.6/libtiff/tif_getimage.c 2015-08-29 00:16:22.517401728 +0200 +++ tiff-4.0.6/libtiff/tif_getimage.c 2016-10-06 09:42:41.204607032 +0200 @@ -95,6 +95,10 @@ td->td_bitspersample); return (0); } +if (td->td_sampleformat == SAMPLEFORMAT_IEEEFP) { +sprintf(emsg, "Sorry, can not handle images with IEEE floating-point samples"); +return (0); +} colorchannels = td->td_samplesperpixel - td->td_extrasamples; if (!TIFFGetField(tif, TIFFTAG_PHOTOMETRIC, )) { switch (colorchannels) { --- tiff-4.0.6/libtiff/tif_predict.c2015-09-01 04:39:39.547152871 +0200 +++ tiff-4.0.6/libtiff/tif_predict.c2016-10-06 09:42:41.204607032 +0200 @@ -80,6 +80,15 @@ td->td_sampleformat); return 0; } +if (td->td_bitspersample != 16 +&& td->td_bitspersample != 24 +&& td->td_bitspersample != 32 +&& td->td_bitspersample != 64) { /* Should 64 be allowed? */ +TIFFErrorExt(tif->tif_clientdata, module, + "Floating point \"Predictor\" not supported with %d-bit samples", + td->td_bitspersample); + return 0; +} break; default: TIFFErrorExt(tif->tif_clientdata, module, ++ tiff-4.0.6-tools-tiffcrop.c-fix-various-out-of-bounds-write-vul.patch ++ --- tiff-4.0.6/libtiff/tif_pixarlog.c 2015-08-29 00:16:22.630733284 +0200 +++ tiff-4.0.6/libtiff/tif_pixarlog.c 2016-10-06 09:33:52.616248149 +0200 @@ -973,17 +973,14 @@ a1 = (int32) CLAMP(ip[3]); wp[3] = (a1-a2) & mask; a2 = a1; } } else { - ip += n - 1;/* point to last one */ - wp += n - 1;/* point to last one */ +REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]); wp++; ip++) n -= stride; while (n > 0) { - REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]); - wp[stride] -= wp[0]; - wp[stride] &= mask; - wp--; ip--) +REPEAT(stride, +wp[0] = (uint16)(((int32)CLAMP(ip[0])-(int32)CLAMP(ip[-stride])) & mask); +wp++; ip++) n -= stride; } - REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]); wp--; ip--) } } } @@ -1026,17 +1023,14 @@ a1 = CLAMP(ip[3]); wp[3] = (a1-a2) & mask; a2
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2016-09-05 21:16:55 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2016-07-18 21:23:00.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2016-09-05 21:17:03.0 +0200 @@ -1,0 +2,12 @@ +Thu Sep 1 14:35:57 UTC 2016 - fst...@suse.com + +- Added patches: + * tiff-4.0.6-CVE-2016-3623.patch + * tiff-4.0.6-CVE-2016-3945.patch + * tiff-4.0.6-CVE-2016-3990.patch + * tiff-4.0.6-CVE-2016-3991.patch +- Upstream commits to fix CVE-2016-3623 [bsc#974618], + CVE-2016-3945 [bsc#974614], CVE-2016-3990 [bsc#975069], + CVE-2016-3991 [bsc#975070] + +--- New: tiff-4.0.6-CVE-2016-3623.patch tiff-4.0.6-CVE-2016-3945.patch tiff-4.0.6-CVE-2016-3990.patch tiff-4.0.6-CVE-2016-3991.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.Wjy1cP/_old 2016-09-05 21:17:05.0 +0200 +++ /var/tmp/diff_new_pack.Wjy1cP/_new 2016-09-05 21:17:05.0 +0200 @@ -41,6 +41,11 @@ Patch6: tiff-4.0.6-libtiff-tif_luv.c-validate-that-for-COMPRESSION_SGIL.patch Patch7: tiff-4.0.6-libtiff-tif_pixarlog.c-fix-potential-buffer-write-ov.patch Patch8: tiff-4.0.6-libtiff-tif_read.c-make-TIFFReadEncodedStrip-and.patch +# +Patch9: tiff-4.0.6-CVE-2016-3623.patch +Patch10:tiff-4.0.6-CVE-2016-3945.patch +Patch11:tiff-4.0.6-CVE-2016-3990.patch +Patch12:tiff-4.0.6-CVE-2016-3991.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -111,6 +116,10 @@ %patch6 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.6-CVE-2016-3623.patch ++ --- tiff-4.0.6/tools/rgb2ycbcr.c2015-08-29 00:17:08.195093258 +0200 +++ tiff-4.0.6/tools/rgb2ycbcr.c2016-09-01 16:23:31.472089246 +0200 @@ -95,9 +95,13 @@ break; case 'h': horizSubSampling = atoi(optarg); +if( horizSubSampling != 1 && horizSubSampling != 2 && horizSubSampling != 4 ) +usage(-1); break; case 'v': vertSubSampling = atoi(optarg); +if( vertSubSampling != 1 && vertSubSampling != 2 && vertSubSampling != 4 ) +usage(-1); break; case 'r': rowsperstrip = atoi(optarg); ++ tiff-4.0.6-CVE-2016-3945.patch ++ --- tiff-4.0.6/tools/tiff2rgba.c2015-08-29 00:17:08.259977702 +0200 +++ tiff-4.0.6/tools/tiff2rgba.c2016-09-01 16:05:40.451318911 +0200 @@ -147,6 +147,7 @@ uint32 row, col; uint32 *wrk_line; intok = 1; +uint32 rastersize, wrk_linesize; TIFFGetField(in, TIFFTAG_IMAGEWIDTH, ); TIFFGetField(in, TIFFTAG_IMAGELENGTH, ); @@ -163,7 +164,13 @@ /* * Allocate tile buffer */ -raster = (uint32*)_TIFFmalloc(tile_width * tile_height * sizeof (uint32)); +rastersize = tile_width * tile_height * sizeof (uint32); +if (tile_width != (rastersize / tile_height) / sizeof( uint32)) +{ + TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer"); + exit(-1); +} +raster = (uint32*)_TIFFmalloc(rastersize); if (raster == 0) { TIFFError(TIFFFileName(in), "No space for raster buffer"); return (0); @@ -173,7 +180,13 @@ * Allocate a scanline buffer for swapping during the vertical * mirroring pass. */ -wrk_line = (uint32*)_TIFFmalloc(tile_width * sizeof (uint32)); +wrk_linesize = tile_width * sizeof (uint32); +if (tile_width != wrk_linesize / sizeof (uint32)) +{ +TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer"); + exit(-1); +} +wrk_line = (uint32*)_TIFFmalloc(wrk_linesize); if (!wrk_line) { TIFFError(TIFFFileName(in), "No space for raster scanline buffer"); ok = 0; @@ -249,6 +262,7 @@ uint32 row; uint32 *wrk_line; intok = 1; +uint32 rastersize, wrk_linesize; TIFFGetField(in, TIFFTAG_IMAGEWIDTH, ); TIFFGetField(in, TIFFTAG_IMAGELENGTH, ); @@ -263,7 +277,13 @@ /* * Allocate strip buffer */ -raster = (uint32*)_TIFFmalloc(width * rowsperstrip * sizeof (uint32)); +rastersize = width * rowsperstrip * sizeof (uint32); +if (width != (rastersize /
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2016-07-18 21:22:59 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2016-04-12 18:57:30.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2016-07-18 21:23:00.0 +0200 @@ -1,0 +2,11 @@ +Tue Jul 12 09:20:56 UTC 2016 - fst...@suse.com + +- Added patches: + * tiff-4.0.6-libtiff-tif_luv.c-validate-that-for-COMPRESSION_SGIL.patch + * tiff-4.0.6-libtiff-tif_pixarlog.c-fix-potential-buffer-write-ov.patch + * tiff-4.0.6-libtiff-tif_read.c-make-TIFFReadEncodedStrip-and.patch +- Upstream commits to fix CVE-2016-5314 [bsc#984831], + CVE-2016-5316 [bsc#984837], CVE-2016-5317 [bsc#984842], + CVE-2016-5320 [bsc#984808] and CVE-2016-5875 [bsc#987351] + +--- New: tiff-4.0.6-libtiff-tif_luv.c-validate-that-for-COMPRESSION_SGIL.patch tiff-4.0.6-libtiff-tif_pixarlog.c-fix-potential-buffer-write-ov.patch tiff-4.0.6-libtiff-tif_read.c-make-TIFFReadEncodedStrip-and.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.6nHO8k/_old 2016-07-18 21:23:01.0 +0200 +++ /var/tmp/diff_new_pack.6nHO8k/_new 2016-07-18 21:23:01.0 +0200 @@ -37,6 +37,11 @@ Patch4: tiff-4.0.6-CVE-2015-8782.patch # Patch5: tiff-4.0.6-CVE-2016-3186.patch +# +Patch6: tiff-4.0.6-libtiff-tif_luv.c-validate-that-for-COMPRESSION_SGIL.patch +Patch7: tiff-4.0.6-libtiff-tif_pixarlog.c-fix-potential-buffer-write-ov.patch +Patch8: tiff-4.0.6-libtiff-tif_read.c-make-TIFFReadEncodedStrip-and.patch + BuildRequires: gcc-c++ BuildRequires: libjpeg-devel BuildRequires: libtool @@ -103,6 +108,9 @@ %patch3 %patch4 -p1 %patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.6-libtiff-tif_luv.c-validate-that-for-COMPRESSION_SGIL.patch ++ --- tiff-4.0.6/libtiff/tif_luv.c2015-08-29 00:16:22.554966897 +0200 +++ tiff-4.0.6/libtiff/tif_luv.c2016-07-12 10:15:05.008194511 +0200 @@ -1243,6 +1243,14 @@ assert(sp != NULL); assert(td->td_photometric == PHOTOMETRIC_LOGL); + if( td->td_samplesperpixel != 1 ) + { + TIFFErrorExt(tif->tif_clientdata, module, +"Sorry, can not handle LogL image with %s=%d", +"Samples/pixel", td->td_samplesperpixel); + return 0; + } + /* for some reason, we can't do this in TIFFInitLogL16 */ if (sp->user_datafmt == SGILOGDATAFMT_UNKNOWN) sp->user_datafmt = LogL16GuessDataFmt(td); ++ tiff-4.0.6-libtiff-tif_pixarlog.c-fix-potential-buffer-write-ov.patch ++ --- tiff-4.0.6/libtiff/tif_pixarlog.c 2015-08-29 00:16:22.630733284 +0200 +++ tiff-4.0.6/libtiff/tif_pixarlog.c 2016-07-12 10:11:52.59447 +0200 @@ -457,6 +457,7 @@ typedefstruct { TIFFPredictorState predict; z_streamstream; + tmsize_ttbuf_size; /* only set/used on reading for now */ uint16 *tbuf; uint16 stride; int state; @@ -692,6 +693,7 @@ sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size); if (sp->tbuf == NULL) return (0); + sp->tbuf_size = tbuf_size; if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) sp->user_datafmt = PixarLogGuessDataFmt(td); if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) { @@ -781,6 +783,12 @@ TIFFErrorExt(tif->tif_clientdata, module, "ZLib cannot deal with buffers this size"); return (0); } + /* Check that we will not fill more than what was allocated */ + if ((tmsize_t)sp->stream.avail_out > sp->tbuf_size) + { + TIFFErrorExt(tif->tif_clientdata, module, "sp->stream.avail_out > sp->tbuf_size"); + return (0); + } do { int state = inflate(>stream, Z_PARTIAL_FLUSH); if (state == Z_STREAM_END) { ++ tiff-4.0.6-libtiff-tif_read.c-make-TIFFReadEncodedStrip-and.patch ++ --- tiff-4.0.6/libtiff/tif_read.c 2015-08-29 00:16:22.656727936 +0200 +++ tiff-4.0.6/libtiff/tif_read.c 2016-07-12 10:16:48.693897925 +0200 @@ -38,6 +38,8 @@ static int TIFFCheckRead(TIFF*, int); static tmsize_t TIFFReadRawStrip1(TIFF* tif, uint32 strip, void* buf, tmsize_t size,const char* module); +static tmsize_t +TIFFReadRawTile1(TIFF*
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2016-04-12 18:57:29 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2016-02-03 10:19:03.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2016-04-12 18:57:30.0 +0200 @@ -1,0 +2,7 @@ +Wed Apr 6 13:56:19 UTC 2016 - fst...@suse.com + +- Added patch: + * tiff-4.0.6-CVE-2016-3186.patch +- fix CVE-2016-3186: buffer overflow in gif2tiff [bsc#973340] + +--- New: tiff-4.0.6-CVE-2016-3186.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.Ok3itQ/_old 2016-04-12 18:57:31.0 +0200 +++ /var/tmp/diff_new_pack.Ok3itQ/_new 2016-04-12 18:57:31.0 +0200 @@ -35,6 +35,8 @@ Patch3: tiff-4.0.6-CVE-2015-7554.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2522 Patch4: tiff-4.0.6-CVE-2015-8782.patch +# +Patch5: tiff-4.0.6-CVE-2016-3186.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel BuildRequires: libtool @@ -100,6 +102,7 @@ %patch2 %patch3 %patch4 -p1 +%patch5 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.6-CVE-2016-3186.patch ++ --- tiff-4.0.6/tools/gif2tiff.c 2016-04-06 15:43:01.586048341 +0200 +++ tiff-4.0.6/tools/gif2tiff.c 2016-04-06 15:48:05.523207710 +0200 @@ -349,7 +349,7 @@ int status = 1; (void) getc(infile); -while ((count = getc(infile)) && count <= 255) +while ((count = getc(infile)) && count > 0 && count <= 255) if (fread(buf, 1, count, infile) != (size_t) count) { fprintf(stderr, "short read from file %s (%s)\n", filename, strerror(errno));
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2016-02-03 10:19:02 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2016-01-15 10:40:30.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2016-02-03 10:19:03.0 +0100 @@ -1,0 +2,16 @@ +Mon Feb 1 08:01:19 UTC 2016 - fst...@suse.com + +- Added patch: + * tiff-4.0.6-CVE-2015-8782.patch +- fix CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds + writes for invalid images (upstream bug #2522) [bsc#964225] + +--- +Wed Jan 13 17:03:31 UTC 2016 - fst...@suse.com + +- Added patch: + * tiff-4.0.6-CVE-2015-7554.patch +- fix CVE-2015-7554: Out-of-bounds Write in the thumbnail and + tiffcmp tools (upsteam bug #2499) [bsc#960341] + +--- @@ -4,3 +20,4 @@ -- add tiff-4.0.4-uninitialized_mem_NeXTDecode.patch to fix - uninitialized memory in NeXTDecode (upstream bug #2508) - [bnc#942690] +- Added patch: + * tiff-4.0.4-uninitialized_mem_NeXTDecode.patch +- fix uninitialized memory in NeXTDecode (upstream bug #2508) + [bsc#942690] New: tiff-4.0.6-CVE-2015-7554.patch tiff-4.0.6-CVE-2015-8782.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.CYtZKK/_old 2016-02-03 10:19:04.0 +0100 +++ /var/tmp/diff_new_pack.CYtZKK/_new 2016-02-03 10:19:04.0 +0100 @@ -31,6 +31,10 @@ Patch1: tiff-4.0.3-compress-warning.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2508 Patch2: tiff-4.0.4-uninitialized_mem_NeXTDecode.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2499 +Patch3: tiff-4.0.6-CVE-2015-7554.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2522 +Patch4: tiff-4.0.6-CVE-2015-8782.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel BuildRequires: libtool @@ -94,6 +98,8 @@ %patch0 -p1 %patch1 -p1 %patch2 +%patch3 +%patch4 -p1 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.6-CVE-2015-7554.patch ++ --- libtiff/tif_dirinfo.c 12 Dec 2015 18:04:26 - 1.124 +++ libtiff/tif_dirinfo.c 12 Jan 2016 15:01:21 - @@ -87,6 +87,7 @@ { TIFFTAG_DATETIME, 20, 20, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "DateTime", NULL }, { TIFFTAG_ARTIST, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "Artist", NULL }, { TIFFTAG_HOSTCOMPUTER, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "HostComputer", NULL }, + { TIFFTAG_PREDICTOR, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UINT16, FIELD_CODEC+0, FALSE, FALSE, "Predictor", NULL }, { TIFFTAG_WHITEPOINT, 2, 2, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "WhitePoint", NULL }, { TIFFTAG_PRIMARYCHROMATICITIES, 6, 6, TIFF_RATIONAL, 0, TIFF_SETGET_C0_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "PrimaryChromaticities", NULL }, { TIFFTAG_COLORMAP, -1, -1, TIFF_SHORT, 0, TIFF_SETGET_OTHER, TIFF_SETGET_UNDEFINED, FIELD_COLORMAP, 1, 0, "ColorMap", NULL }, @@ -95,6 +96,7 @@ { TIFFTAG_TILELENGTH, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UNDEFINED, FIELD_TILEDIMENSIONS, 0, 0, "TileLength", NULL }, { TIFFTAG_TILEOFFSETS, -1, 1, TIFF_LONG8, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_STRIPOFFSETS, 0, 0, "TileOffsets", NULL }, { TIFFTAG_TILEBYTECOUNTS, -1, 1, TIFF_LONG8, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_STRIPBYTECOUNTS, 0, 0, "TileByteCounts", NULL }, + { TIFFTAG_CONSECUTIVEBADFAXLINES, 1, 1, TIFF_LONG, 0, TIFF_SETGET_UINT32, TIFF_SETGET_UINT32, FIELD_CODEC+2, TRUE, FALSE, "ConsecutiveBadFaxLines", NULL }, { TIFFTAG_SUBIFD, -1, -1, TIFF_IFD8, 0, TIFF_SETGET_C16_IFD8, TIFF_SETGET_UNDEFINED, FIELD_SUBIFD, 1, 1, "SubIFD", }, { TIFFTAG_INKSET, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 0, 0, "InkSet", NULL }, { TIFFTAG_INKNAMES, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_C16_ASCII, TIFF_SETGET_UNDEFINED, FIELD_INKNAMES, 1, 1, "InkNames", NULL }, ++ tiff-4.0.6-CVE-2015-8782.patch ++ --- a/libtiff/tif_luv.c +++ b/libtiff/tif_luv.c @@ -202,7 +202,11 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) if (sp->user_datafmt == SGILOGDATAFMT_16BIT) tp = (int16*) op; else { - assert(sp->tbuflen >=
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2016-01-15 10:40:28 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2015-12-17 15:52:59.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2016-01-15 10:40:30.0 +0100 @@ -1,0 +2,7 @@ +Mon Jan 11 13:53:42 UTC 2016 - kstreit...@suse.com + +- add tiff-4.0.4-uninitialized_mem_NeXTDecode.patch to fix + uninitialized memory in NeXTDecode (upstream bug #2508) + [bnc#942690] + +--- New: tiff-4.0.4-uninitialized_mem_NeXTDecode.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.H0CiMd/_old 2016-01-15 10:40:31.0 +0100 +++ /var/tmp/diff_new_pack.H0CiMd/_new 2016-01-15 10:40:31.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,13 +29,12 @@ Patch0: tiff-4.0.3-seek.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch1: tiff-4.0.3-compress-warning.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2508 +Patch2: tiff-4.0.4-uninitialized_mem_NeXTDecode.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel BuildRequires: libtool BuildRequires: zlib-devel -# FYI: this issue is solved another way -# http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 -# Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?suse_version} > 1030 BuildRequires: lzma-devel @@ -94,6 +93,7 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 %build CFLAGS="%{optflags} -fPIE" ++ tiff-4.0.4-uninitialized_mem_NeXTDecode.patch ++ --- libtiff/tif_next.c 29 Dec 2014 12:09:11 - 1.16 +++ libtiff/tif_next.c 27 Dec 2015 16:55:20 - 1.17 @@ -37,7 +37,7 @@ case 0: op[0] = (unsigned char) ((v) << 6); break; \ case 1: op[0] |= (v) << 4; break; \ case 2: op[0] |= (v) << 2; break; \ - case 3: *op++ |= (v); break; \ + case 3: *op++ |= (v); op_offset++; break; \ } \ } @@ -106,6 +106,7 @@ uint32 imagewidth = tif->tif_dir.td_imagewidth; if( isTiled(tif) ) imagewidth = tif->tif_dir.td_tilewidth; +tmsize_t op_offset = 0; /* * The scanline is composed of a sequence of constant @@ -122,10 +123,15 @@ * bounds, potentially resulting in a security * issue. */ - while (n-- > 0 && npixels < imagewidth) + while (n-- > 0 && npixels < imagewidth && op_offset < scanline) SETPIXEL(op, grey); if (npixels >= imagewidth) break; +if (op_offset >= scanline ) { +TIFFErrorExt(tif->tif_clientdata, module, "Invalid data for scanline %ld", +(long) tif->tif_row); +return (0); +} if (cc == 0) goto bad; n = *bp++, cc--;
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2015-12-17 15:52:57 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is "tiff" Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2015-08-07 00:18:52.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2015-12-17 15:52:59.0 +0100 @@ -1,0 +2,56 @@ +Tue Dec 8 15:55:30 UTC 2015 - p.drou...@gmail.com + +- Update to version 4.0.6 + * Supports CMake 2.8.9 and later. + * Add missing file which wasn't being distributed, causing unit +tests to fail. + * Make shared/static library building configurable. + * CMake reads all version information directly from configure.ac +to avoid duplication of values. + * CMake builds are now included in 'distcheck' target. + * Autotools 'make distcheck' now tests the CMake-based build if +CMake is available. + * Fixes to avoid undefined behaviour of signed types (C standard +compliance). + * Fixes to avoid possible isses when casting to unsigned char. + * Fixes to avoid undefined behaviour with shifts. + * Fix generation of output with 16 bit or 32 bit integer, when +byte swapping is needed, in horizontal predictor (#2521). + * Fix decoding when there is a single pixel to decode +(unlikely case...) and byte swapping is involved. + * Add add explicit masking with 0xff before casting to uchar in +floating-point horizontal differencing and accumulation routines. + * Eliminate requirement for and use of 64-bit constant values. + * tiffgt : Silence glut API deprecation warnings on MacOS X. + * fax2ps : Detect failure to write to temporary file. +- Changes from version 4.0.5 + * Support for configure/build using CMake. + * Support for large (> 2GB) files under Microsoft Windows. + * Configuration and building using CMake is now supported under +Microsoft Windows and on Unix-type systems. + * Test for and use fseeko() if it is available. This allows supporting +large files on Unix-type systems with a 32-bit 'long' type and a +64-bit 'off_t' type. + * tiffiop.h: Macros added to use 64-bit equivalents for all standard +I/O and POSIX APIs used by libtiff and its tools which are limited +to 2GB in Windows builds. Note that these 64-bit equivalents were +introduced by the CRT provided with Visual Studio 2005 and if the +necessary CRT is not installed on the target computer, the program +will not run. The wrapper macros will not be activated unless the +definition _MSC_VER is at least 1400 or __MSVCRT_VERSION__ is at +least 0x800. + * tif_unix.c: Updated to support large files under Microsoft Windows. +This makes tif_unix.c a completely viable candidate for use under +Windows (in spite of its name) if the CRT is modern enough. Please +note that tif_win32.c already supported large files, but only +'tiffinfo' and 'tiffdump' made any provision to support large files +under Windows. + * _tiffReadProc() and _tiffWriteProc() are modified to chunk I/O to a +maximum size of 2GB for extremely large I/O requests. This surmounts +limitations in the Microsoft Windows read() and write() APIs (which +are limited to the range of a 32-bit 'int'), and may avoid poor +behavior with extremely large I/O requests on other systems. + * Updated to use I/O wrapper macros from tiffiop.h in order to +support large files under Microsoft Windows. + +--- Old: tiff-4.0.4.tar.gz New: tiff-4.0.6.tar.gz Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.hlVzwV/_old 2015-12-17 15:53:01.0 +0100 +++ /var/tmp/diff_new_pack.hlVzwV/_new 2015-12-17 15:53:01.0 +0100 @@ -17,7 +17,7 @@ Name: tiff -Version:4.0.4 +Version:4.0.6 Release:0 Summary:Tools for Converting from and to the Tiff Format License:HPND ++ tiff-4.0.4.tar.gz -> tiff-4.0.6.tar.gz ++ 7451 lines of diff (skipped)
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2015-08-07 00:18:50 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2015-07-05 17:55:36.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2015-08-07 00:18:52.0 +0200 @@ -1,0 +2,5 @@ +Tue Aug 4 08:17:35 UTC 2015 - kstreit...@suse.com + +- use spec-cleaner + +--- Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.MBPR3V/_old 2015-08-07 00:18:53.0 +0200 +++ /var/tmp/diff_new_pack.MBPR3V/_new 2015-08-07 00:18:53.0 +0200 @@ -17,9 +17,26 @@ Name: tiff +Version:4.0.4 +Release:0 +Summary:Tools for Converting from and to the Tiff Format +License:HPND +Group: Productivity/Graphics/Convertors +Url:http://www.remotesensing.org/libtiff +Source: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz +Source2:README.SUSE +Source3:baselibs.conf +Patch0: tiff-4.0.3-seek.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2442 +Patch1: tiff-4.0.3-compress-warning.patch BuildRequires: gcc-c++ BuildRequires: libjpeg-devel BuildRequires: libtool +BuildRequires: zlib-devel +# FYI: this issue is solved another way +# http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 +# Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?suse_version} 1030 BuildRequires: lzma-devel %endif @@ -29,7 +46,6 @@ %if 0%{?suse_version} 1000 BuildRequires: pkg-config %endif -BuildRequires: zlib-devel # bug437293 %ifarch ppc64 Obsoletes: tiff-64bit @@ -37,23 +53,6 @@ %if 0%{?suse_version} 1210 BuildRequires: libjbig-devel %endif -Version:4.0.4 -Release:0 -Summary:Tools for Converting from and to the Tiff Format -License:HPND -Group: Productivity/Graphics/Convertors -Url:http://www.remotesensing.org/libtiff -Source: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz -Source2:README.SUSE -Source3:baselibs.conf -Patch0: tiff-4.0.3-seek.patch -# http://bugzilla.maptools.org/show_bug.cgi?id=2442 -Patch1: tiff-4.0.3-compress-warning.patch - -# FYI: this issue is solved another way -# http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 -# Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This package contains the library and support programs for the TIFF @@ -97,13 +96,13 @@ %patch1 -p1 %build -CFLAGS=$RPM_OPT_FLAGS -fPIE +CFLAGS=%{optflags} -fPIE %configure --disable-static --with-pic make %{?_smp_mflags} LDFLAGS=-pie %install mkdir -p %{buildroot}/{%{_mandir}/{man1,man3},usr/{bin,lib,include}} -%makeinstall +make DESTDIR=%{buildroot} install %{?_smp_mflags} for f in `find %{buildroot}/%{_mandir} -type f -print ` ; do if [ `wc -l $f` -eq 1 ] grep -q ^\.so $f ; then linkto=`sed -e s|^\.so || $f` @@ -113,7 +112,7 @@ cp %{SOURCE2} . rm -rf %{buildroot}%{_datadir}/doc/tiff* -rm -f %{buildroot}/%{_libdir}/*.la +find %{buildroot} -type f -name *.la -delete -print find html -name Makefile* | xargs rm %check @@ -129,7 +128,7 @@ %{_bindir}/* %doc html %doc README COPYRIGHT VERSION ChangeLog TODO RELEASE-DATE -%doc %{_mandir}/man1/* +%{_mandir}/man1/* %files -n libtiff5 %defattr(-,root,root) @@ -141,6 +140,6 @@ %{_includedir}/* %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc -%doc %{_mandir}/man3/* +%{_mandir}/man3/* %changelog
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2015-07-05 17:55:35 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2015-03-09 10:04:40.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2015-07-05 17:55:36.0 +0200 @@ -1,0 +2,28 @@ +Wed Jul 1 07:17:13 UTC 2015 - pgaj...@suse.com + +- update to 4.0.4 +Dtiff-4.0.3-double-free.patch +Dtiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch +Dtiff-4.0.3-CVE-2013-1961.patch +Derouault.2862.patch +Dbfriesen.2805.patch +Dtiff-4.0.3-CVE-2013-4232.patch +Dtiff-4.0.3-CVE-2013-4244.patch +Derouault.2861.patch +Derouault.2857.patch +Derouault.2856.patch +Derouault.2859.patch +Dtiff-4.0.3-CVE-2012-4564.patch +Dtiff-4.0.3-tiff2pdf-colors.patch +Derouault.2876.patch +Derouault.2860.patch +Dtiff-dither-malloc-check.patch +Dtiff-4.0.3-CVE-2013-1960.patch +Derouault.2858.patch +Dtiff-handle-TIFFTAG_PREDICTOR.patch +Dtiff-4.0.3-CVE-2013-4231.patch +Dtiff-4.0.3-CVE-2013-4243.patch +Derouault.2863.patch +Dtiff-4.0.3-test-jpeg-turbo.patch + +--- Old: bfriesen.2805.patch erouault.2856.patch erouault.2857.patch erouault.2858.patch erouault.2859.patch erouault.2860.patch erouault.2861.patch erouault.2862.patch erouault.2863.patch erouault.2876.patch tiff-4.0.3-CVE-2012-4564.patch tiff-4.0.3-CVE-2013-1960.patch tiff-4.0.3-CVE-2013-1961.patch tiff-4.0.3-CVE-2013-4231.patch tiff-4.0.3-CVE-2013-4232.patch tiff-4.0.3-CVE-2013-4243.patch tiff-4.0.3-CVE-2013-4244.patch tiff-4.0.3-double-free.patch tiff-4.0.3-test-jpeg-turbo.patch tiff-4.0.3-tiff2pdf-colors.patch tiff-4.0.3.tar.gz tiff-dither-malloc-check.patch tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch tiff-handle-TIFFTAG_PREDICTOR.patch New: tiff-4.0.4.tar.gz Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.jZ7SLQ/_old 2015-07-05 17:55:38.0 +0200 +++ /var/tmp/diff_new_pack.jZ7SLQ/_new 2015-07-05 17:55:38.0 +0200 @@ -37,7 +37,7 @@ %if 0%{?suse_version} 1210 BuildRequires: libjbig-devel %endif -Version:4.0.3 +Version:4.0.4 Release:0 Summary:Tools for Converting from and to the Tiff Format License:HPND @@ -46,33 +46,9 @@ Source: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz Source2:README.SUSE Source3:baselibs.conf -Patch0: tiff-%{version}-test-jpeg-turbo.patch -Patch1: tiff-%{version}-seek.patch -Patch2: tiff-%{version}-tiff2pdf-colors.patch -Patch3: tiff-%{version}-CVE-2012-4564.patch -Patch4: tiff-%{version}-CVE-2013-1961.patch -Patch5: tiff-%{version}-CVE-2013-1960.patch -# http://bugzilla.maptools.org/show_bug.cgi?id=2443 -Patch6: tiff-%{version}-double-free.patch +Patch0: tiff-4.0.3-seek.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 -Patch7: tiff-%{version}-compress-warning.patch -Patch8: tiff-4.0.3-CVE-2013-4232.patch -Patch9: tiff-4.0.3-CVE-2013-4231.patch -Patch10:tiff-4.0.3-CVE-2013-4244.patch -Patch11:tiff-4.0.3-CVE-2013-4243.patch -Patch12:erouault.2856.patch -Patch13:erouault.2857.patch -Patch14:erouault.2858.patch -Patch15:erouault.2859.patch -Patch16:erouault.2860.patch -Patch17:erouault.2861.patch -Patch18:erouault.2862.patch -Patch19:erouault.2863.patch -Patch20:erouault.2876.patch -Patch21:bfriesen.2805.patch -Patch22:tiff-dither-malloc-check.patch -Patch23:tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch -Patch24:tiff-handle-TIFFTAG_PREDICTOR.patch +Patch1: tiff-4.0.3-compress-warning.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 @@ -119,29 +95,6 @@ %setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -%patch4 -%patch5 -%patch6 -%patch7 -p1 -%patch8 -%patch9 -%patch10 -%patch11 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 -%patch20 -p1 -%patch21 -p1 -%patch22 -%patch23 -%patch24 %build CFLAGS=$RPM_OPT_FLAGS -fPIE ++ tiff-4.0.3.tar.gz - tiff-4.0.4.tar.gz ++ 43487 lines of diff (skipped)
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2015-03-09 10:04:39 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2014-12-25 23:19:57.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2015-03-09 10:04:40.0 +0100 @@ -1,0 +2,20 @@ +Thu Feb 26 13:58:54 UTC 2015 - pgaj...@suse.com + +- security update: CVE-2014-9655, CVE-2014-8127, CVE-2014-8128, + CVE-2014-8129, CVE-2014-8130, CVE-2015-1547 + bnc#914890, bnc#916925, bnc#916927 + + erouault.2856.patch + + erouault.2857.patch + + erouault.2858.patch + + erouault.2859.patch + + erouault.2860.patch + + erouault.2861.patch + + erouault.2862.patch + + erouault.2863.patch + + erouault.2876.patch + + bfriesen.2805.patch + + tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch + + tiff-handle-TIFFTAG_PREDICTOR.patch + + tiff-dither-malloc-check.patch + +--- New: bfriesen.2805.patch erouault.2856.patch erouault.2857.patch erouault.2858.patch erouault.2859.patch erouault.2860.patch erouault.2861.patch erouault.2862.patch erouault.2863.patch erouault.2876.patch tiff-dither-malloc-check.patch tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch tiff-handle-TIFFTAG_PREDICTOR.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.YM5Mir/_old 2015-03-09 10:04:41.0 +0100 +++ /var/tmp/diff_new_pack.YM5Mir/_new 2015-03-09 10:04:41.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -60,6 +60,20 @@ Patch9: tiff-4.0.3-CVE-2013-4231.patch Patch10:tiff-4.0.3-CVE-2013-4244.patch Patch11:tiff-4.0.3-CVE-2013-4243.patch +Patch12:erouault.2856.patch +Patch13:erouault.2857.patch +Patch14:erouault.2858.patch +Patch15:erouault.2859.patch +Patch16:erouault.2860.patch +Patch17:erouault.2861.patch +Patch18:erouault.2862.patch +Patch19:erouault.2863.patch +Patch20:erouault.2876.patch +Patch21:bfriesen.2805.patch +Patch22:tiff-dither-malloc-check.patch +Patch23:tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch +Patch24:tiff-handle-TIFFTAG_PREDICTOR.patch + # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -115,6 +129,19 @@ %patch9 %patch10 %patch11 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 +%patch18 -p1 +%patch19 -p1 +%patch20 -p1 +%patch21 -p1 +%patch22 +%patch23 +%patch24 %build CFLAGS=$RPM_OPT_FLAGS -fPIE ++ bfriesen.2805.patch ++ - PatchSet 2805 Date: 2012/11/18 19:51:52 Author: bfriesen Branch: HEAD Tag: (none) Log: * libtiff/tif_{unix,vms,win32}.c (_TIFFmalloc): ANSI C does not require malloc() to return NULL pointer if requested allocation size is zero. Assure that _TIFFmalloc does. Members: ChangeLog:1.924-1.925 libtiff/tif_unix.c:1.23-1.24 libtiff/tif_vms.c:1.11-1.12 libtiff/tif_win32.c:1.39-1.40 Index: libtiff/libtiff/tif_unix.c diff -u libtiff/libtiff/tif_unix.c:1.23 libtiff/libtiff/tif_unix.c:1.24 --- libtiff/libtiff/tif_unix.c:1.23 Fri Jun 1 16:40:59 2012 +++ libtiff/libtiff/tif_unix.c Sun Nov 18 12:51:52 2012 @@ -257,6 +257,9 @@ void* _TIFFmalloc(tmsize_t s) { +if (s == 0) +return ((void *) NULL); + return (malloc((size_t) s)); } ++ erouault.2856.patch ++ - PatchSet 2856 Date: 2014/12/21 17:15:31 Author: erouault Branch: HEAD Tag: (none) Log: Fix various crasher bugs on fuzzed images. * libtiff/tif_dir.c: TIFFSetField(): refuse to set negative values for TIFFTAG_XRESOLUTION and TIFFTAG_YRESOLUTION that cause asserts when writing the directory * libtiff/tif_dirread.c: TIFFReadDirectory(): refuse to read ColorMap or TransferFunction if BitsPerSample has not yet been read, otherwise reading it later will cause user code to crash if BitsPerSample 1 * libtiff/tif_getimage.c: TIFFRGBAImageOK(): return FALSE if LOGLUV with SamplesPerPixel != 3, or if CIELAB with SamplesPerPixel != 3 or BitsPerSample != 8 *
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2014-12-25 23:20:06 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2013-09-08 13:06:03.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2014-12-25 23:19:57.0 +0100 @@ -1,0 +2,5 @@ +Mon Dec 22 19:58:43 UTC 2014 - meiss...@suse.com + +- build with PIE + +--- Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.4ARf1K/_old 2014-12-25 23:19:58.0 +0100 +++ /var/tmp/diff_new_pack.4ARf1K/_new 2014-12-25 23:19:58.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -117,8 +117,9 @@ %patch11 %build +CFLAGS=$RPM_OPT_FLAGS -fPIE %configure --disable-static --with-pic -make %{?_smp_mflags} +make %{?_smp_mflags} LDFLAGS=-pie %install mkdir -p %{buildroot}/{%{_mandir}/{man1,man3},usr/{bin,lib,include}} -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2013-09-08 13:06:02 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2013-06-28 19:29:19.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2013-09-08 13:06:03.0 +0200 @@ -1,0 +2,9 @@ +Wed Aug 21 12:57:57 UTC 2013 - pgaj...@suse.com + +- security update + * CVE-2013-4232.patch [bnc#834477] + * CVE-2013-4231.patch [bnc#834477] + * CVE-2013-4244.patch [bnc#834788] + * CVE-2013-4243.patch [bnc#834779] + +--- New: tiff-4.0.3-CVE-2013-4231.patch tiff-4.0.3-CVE-2013-4232.patch tiff-4.0.3-CVE-2013-4243.patch tiff-4.0.3-CVE-2013-4244.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.iQ7zit/_old 2013-09-08 13:06:03.0 +0200 +++ /var/tmp/diff_new_pack.iQ7zit/_new 2013-09-08 13:06:03.0 +0200 @@ -56,6 +56,10 @@ Patch6: tiff-%{version}-double-free.patch # http://bugzilla.maptools.org/show_bug.cgi?id=2442 Patch7: tiff-%{version}-compress-warning.patch +Patch8: tiff-4.0.3-CVE-2013-4232.patch +Patch9: tiff-4.0.3-CVE-2013-4231.patch +Patch10:tiff-4.0.3-CVE-2013-4244.patch +Patch11:tiff-4.0.3-CVE-2013-4243.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -107,6 +111,10 @@ %patch5 %patch6 %patch7 -p1 +%patch8 +%patch9 +%patch10 +%patch11 %build %configure --disable-static --with-pic ++ tiff-4.0.3-CVE-2013-4231.patch ++ Index: gif2tiff.c === RCS file: /cvs/maptools/cvsroot/libtiff/tools/gif2tiff.c,v retrieving revision 1.12 diff -u -r1.12 gif2tiff.c --- tools/gif2tiff.c15 Dec 2010 00:22:44 - 1.12 +++ tools/gif2tiff.c13 Aug 2013 08:25:38 - @@ -333,6 +333,10 @@ int status = 1; datasize = getc(infile); + +if (datasize 12) +return 0; + clear = 1 datasize; eoi = clear + 1; avail = clear + 2; ++ tiff-4.0.3-CVE-2013-4232.patch ++ Index: tiff2pdf.c === RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v retrieving revision 1.71 diff -u -r1.71 tiff2pdf.c --- tools/tiff2pdf.c2 May 2013 14:54:08 - 1.71 +++ toolstiff2pdf.c 13 Aug 2013 04:45:40 - @@ -2462,6 +2462,7 @@ TIFFFileName(input)); t2p-t2p_error = T2P_ERR_ERROR; _TIFFfree(buffer); + return(0); } else { buffer=samplebuffer; t2p-tiff_datasize *= t2p-tiff_samplesperpixel; ++ tiff-4.0.3-CVE-2013-4243.patch ++ Index: tools/gif2tiff.c === --- tools/gif2tiff.c.orig +++ tools/gif2tiff.c @@ -280,6 +280,10 @@ readgifimage(char* mode) fprintf(stderr, no colormap present for image\n); return (0); } +if (width == 0 || height == 0) { +fprintf(stderr, Invalid value of width or height\n); +return(0); +} if ((raster = (unsigned char*) _TIFFmalloc(width*height+EXTRAFUDGE)) == NULL) { fprintf(stderr, not enough memory for image\n); return (0); @@ -406,6 +410,10 @@ process(register int code, unsigned char fprintf(stderr, bad input: code=%d is larger than clear=%d\n,code, clear); return 0; } +if (*fill = raster + width*height) { +fprintf(stderr, raster full before eoi code\n); +return 0; +} *(*fill)++ = suffix[code]; firstchar = oldcode = code; return 1; @@ -436,6 +444,10 @@ process(register int code, unsigned char } oldcode = incode; do { +if (*fill = raster + width*height) { +fprintf(stderr, raster full before eoi code\n); +return 0; +} *(*fill)++ = *--stackp; } while (stackp stack); return 1; ++ tiff-4.0.3-CVE-2013-4244.patch ++ Index: gif2tiff.c === RCS file: /cvs/maptools/cvsroot/libtiff/tools/gif2tiff.c,v retrieving revision 1.12 diff -u -r1.12 gif2tiff.c --- tools/gif2tiff.c15 Dec 2010 00:22:44 - 1.12 +++ tools/gif2tiff.c14 Aug 2013 04:28:07 - @@
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2013-06-28 19:29:18 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2013-05-03 13:52:31.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2013-06-28 19:29:19.0 +0200 @@ -1,0 +2,7 @@ +Wed Jun 26 10:48:50 UTC 2013 - pgaj...@suse.com + +- tiff2pdf: introduced warning when the compression isn't lzw or + none [bnc#819142] +- tiff2pdf: fixed crash [bnc#821872] + +--- New: tiff-4.0.3-compress-warning.patch tiff-4.0.3-double-free.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.ZKQoHx/_old 2013-06-28 19:29:20.0 +0200 +++ /var/tmp/diff_new_pack.ZKQoHx/_new 2013-06-28 19:29:20.0 +0200 @@ -52,6 +52,10 @@ Patch3: tiff-%{version}-CVE-2012-4564.patch Patch4: tiff-%{version}-CVE-2013-1961.patch Patch5: tiff-%{version}-CVE-2013-1960.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2443 +Patch6: tiff-%{version}-double-free.patch +# http://bugzilla.maptools.org/show_bug.cgi?id=2442 +Patch7: tiff-%{version}-compress-warning.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -101,6 +105,8 @@ %patch3 %patch4 %patch5 +%patch6 +%patch7 -p1 %build %configure --disable-static --with-pic ++ tiff-4.0.3-compress-warning.patch ++ Index: tiff-4.0.3/tools/tiff2pdf.c === --- tiff-4.0.3.orig/tools/tiff2pdf.c +++ tiff-4.0.3/tools/tiff2pdf.c @@ -1264,6 +1264,15 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* return; } + if(t2p-tiff_compression != COMPRESSION_LZW + t2p-tiff_compression != COMPRESSION_NONE){ + TIFFWarning( + TIFF2PDF_MODULE, + %s is not compressed with LZW or NONE.\n + tiff2pdf result may be incorrect in that case.\n + Consider to use tiffcp(1) to change compress algorithm first., + TIFFFileName(input)); + } if( TIFFIsCODECConfigured(t2p-tiff_compression) == 0){ TIFFError( TIFF2PDF_MODULE, ++ tiff-4.0.3-double-free.patch ++ Index: tools/tiff2pdf.c === --- tools/tiff2pdf.c.orig +++ tools/tiff2pdf.c @@ -2436,7 +2436,7 @@ tsize_t t2p_readwrite_pdf_image(T2P* t2p TIFFReadEncodedStrip(input, i, (tdata_t) buffer[bufferoffset], - stripsize); + TIFFmin(stripsize, t2p-tiff_datasize - bufferoffset)); if(read==-1){ TIFFError(TIFF2PDF_MODULE, Error on decoding strip %u of %s, -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2013-05-03 13:52:29 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2013-04-05 17:14:02.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2013-05-03 13:52:31.0 +0200 @@ -1,0 +2,7 @@ +Tue Apr 30 13:20:50 UTC 2013 - pgaj...@suse.com + +- security update + * CVE-2013-1961.patch [bnc#818117] + * CVE-2013-1960.patch [bnc#817573] + +--- New: tiff-4.0.3-CVE-2013-1960.patch tiff-4.0.3-CVE-2013-1961.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.ei8ngK/_old 2013-05-03 13:52:32.0 +0200 +++ /var/tmp/diff_new_pack.ei8ngK/_new 2013-05-03 13:52:32.0 +0200 @@ -50,6 +50,8 @@ Patch1: tiff-%{version}-seek.patch Patch2: tiff-%{version}-tiff2pdf-colors.patch Patch3: tiff-%{version}-CVE-2012-4564.patch +Patch4: tiff-%{version}-CVE-2013-1961.patch +Patch5: tiff-%{version}-CVE-2013-1960.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -97,6 +99,8 @@ %patch1 -p1 %patch2 -p1 %patch3 +%patch4 +%patch5 %build %configure --disable-static --with-pic ++ tiff-4.0.3-CVE-2013-1960.patch ++ https://bugzilla.novell.com/show_bug.cgi?id=817573#c1 CVE-2013-1960 libtiff (tiff2pdf): Heap-based buffer overflow in t2_process_jpeg_strip() === A heap-based buffer overflow flaw was found in the way tiff2pdf, a TIFF image to a PDF document conversion tool, of libtiff, a library of functions for manipulating TIFF (Tagged Image File Format) image format files, performed write of TIFF image content into particular PDF document file, in the tp_process_jpeg_strip() function. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash or, potentially, arbitrary code execution with the privileges of the user running the tiff2pdf binary. Index: tools/tiff2pdf.c === --- tools/tiff2pdf.c.orig +++ tools/tiff2pdf.c @@ -3341,33 +3341,56 @@ int t2p_process_jpeg_strip( uint32 height){ tsize_t i=0; - uint16 ri =0; - uint16 v_samp=1; - uint16 h_samp=1; - int j=0; - - i++; - - while(i(*striplength)){ + + while (i *striplength) { + tsize_t datalen; + uint16 ri; + uint16 v_samp; + uint16 h_samp; + int j; + int ncomp; + + /* marker header: one or more FFs */ + if (strip[i] != 0xff) + return(0); + i++; + while (i *striplength strip[i] == 0xff) + i++; + if (i = *striplength) + return(0); + /* SOI is the only pre-SOS marker without a length word */ + if (strip[i] == 0xd8) + datalen = 0; + else { + if ((*striplength - i) = 2) + return(0); + datalen = (strip[i+1] 8) | strip[i+2]; + if (datalen 2 || datalen = (*striplength - i)) + return(0); + } switch( strip[i] ){ - case 0xd8: - /* SOI - start of image */ + case 0xd8: /* SOI - start of image */ _TIFFmemcpy((buffer[*bufferoffset]), (strip[i-1]), 2); *bufferoffset+=2; - i+=2; break; - case 0xc0: - case 0xc1: - case 0xc3: - case 0xc9: - case 0xca: + case 0xc0: /* SOF0 */ + case 0xc1: /* SOF1 */ + case 0xc3: /* SOF3 */ + case 0xc9: /* SOF9 */ + case 0xca: /* SOF10 */ if(no==0){ - _TIFFmemcpy((buffer[*bufferoffset]), (strip[i-1]), strip[i+2]+2); -
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2013-04-05 17:14:02 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2012-11-12 07:07:22.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2013-04-05 17:14:02.0 +0200 @@ -1,0 +2,5 @@ +Fri Apr 5 10:23:51 UTC 2013 - idon...@suse.com + +- Add Source URL, see https://en.opensuse.org/SourceUrls + +--- Old: tiff-4.0.3.tar.bz2 New: tiff-4.0.3.tar.gz Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.iGcAtw/_old 2013-04-05 17:14:03.0 +0200 +++ /var/tmp/diff_new_pack.iGcAtw/_new 2013-04-05 17:14:03.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -43,7 +43,7 @@ License:HPND Group: Productivity/Graphics/Convertors Url:http://www.remotesensing.org/libtiff -Source: tiff-%{version}.tar.bz2 +Source: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz Source2:README.SUSE Source3:baselibs.conf Patch0: tiff-%{version}-test-jpeg-turbo.patch -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2012-11-12 07:07:19 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2012-07-24 17:21:07.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2012-11-12 07:07:22.0 +0100 @@ -1,0 +2,16 @@ +Mon Nov 5 09:27:59 UTC 2012 - pgaj...@suse.com + +- updated to 4.0.3: + * Add some TIFF/FX support in libtiff. + * Fix bug rewriting image tiles in a compressed file. + * Fix read past end of data buffer. + * etc., see ChangeLog +- removed upstreamed patches: + * bigendian.patch + * dont-fancy-upsampling.patch + * CVE-2012-3401.patch +- new patch: + * test-jpeg-turbo.patch + * CVE-2012-4564.patch [bnc#787892] + +--- Old: tiff-4.0.2-CVE-2012-3401.patch tiff-4.0.2-dont-fancy-upsampling.patch tiff-4.0.2-seek.patch tiff-4.0.2-tiff2pdf-colors.patch tiff-4.0.2.tar.bz2 tiff-bigendian.patch New: tiff-4.0.3-CVE-2012-4564.patch tiff-4.0.3-seek.patch tiff-4.0.3-test-jpeg-turbo.patch tiff-4.0.3-tiff2pdf-colors.patch tiff-4.0.3.tar.bz2 Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.NYZZc9/_old 2012-11-12 07:07:23.0 +0100 +++ /var/tmp/diff_new_pack.NYZZc9/_new 2012-11-12 07:07:23.0 +0100 @@ -37,7 +37,7 @@ %if 0%{?suse_version} 1210 BuildRequires: libjbig-devel %endif -Version:4.0.2 +Version:4.0.3 Release:0 Summary:Tools for Converting from and to the Tiff Format License:HPND @@ -46,11 +46,10 @@ Source: tiff-%{version}.tar.bz2 Source2:README.SUSE Source3:baselibs.conf -Patch2: tiff-%{version}-seek.patch -Patch3: tiff-%{version}-tiff2pdf-colors.patch -Patch9: tiff-%{version}-dont-fancy-upsampling.patch -Patch10:tiff-bigendian.patch -Patch11:tiff-%{version}-CVE-2012-3401.patch +Patch0: tiff-%{version}-test-jpeg-turbo.patch +Patch1: tiff-%{version}-seek.patch +Patch2: tiff-%{version}-tiff2pdf-colors.patch +Patch3: tiff-%{version}-CVE-2012-4564.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -94,11 +93,10 @@ %prep %setup -q +%patch0 -p1 +%patch1 -p1 %patch2 -p1 -%patch3 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 +%patch3 %build %configure --disable-static --with-pic ++ tiff-4.0.2-CVE-2012-3401.patch - tiff-4.0.3-CVE-2012-4564.patch ++ --- /work/SRC/openSUSE:Factory/tiff/tiff-4.0.2-CVE-2012-3401.patch 2012-07-24 17:21:07.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff-4.0.3-CVE-2012-4564.patch 2012-11-12 07:07:22.0 +0100 @@ -1,12 +1,34 @@ -Index: tools/tiff2pdf.c +https://bugzilla.redhat.com/attachment.cgi?id=635949action=diff +Index: tools/ppm2tiff.c === tools/tiff2pdf.c.orig -+++ tools/tiff2pdf.c -@@ -1066,6 +1066,7 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* - Can't set directory %u of input file %s, - i, - TIFFFileName(input)); -+ t2p-t2p_error = T2P_ERR_ERROR; - return; - } - if(TIFFGetField(input, TIFFTAG_PAGENUMBER, pagen, paged)){ +RCS file: /cvs/maptools/cvsroot/libtiff/tools/ppm2tiff.c,v +--- tools/ppm2tiff.c 10 Apr 2010 19:22:34 - 1.16 tools/ppm2tiff.c 31 Oct 2012 06:25:13 - +@@ -89,6 +89,7 @@ + int c; + extern int optind; + extern char* optarg; ++ tmsize_t scanline_size; + + if (argc 2) { + fprintf(stderr, %s: Too few arguments\n, argv[0]); +@@ -237,8 +238,16 @@ + } + if (TIFFScanlineSize(out) linebytes) + buf = (unsigned char *)_TIFFmalloc(linebytes); +- else +- buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); ++ else { ++ scanline_size = TIFFScanlineSize(out); ++ if (scanline_size != 0) ++ buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); ++ else { ++ fprintf(stderr, %s: scanline size overflow\n,infile); ++ (void) TIFFClose(out); ++ exit(-2); ++ } ++ } + if (resolution 0) { +
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2012-07-24 15:39:36 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2012-06-29 10:45:20.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2012-07-24 17:21:07.0 +0200 @@ -1,0 +2,5 @@ +Mon Jul 23 09:52:50 UTC 2012 - pgaj...@suse.com + +- fixed CVE-2012-3401 [bnc#770816] + +--- New: tiff-4.0.2-CVE-2012-3401.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.tKP8EC/_old 2012-07-24 17:21:13.0 +0200 +++ /var/tmp/diff_new_pack.tKP8EC/_new 2012-07-24 17:21:13.0 +0200 @@ -50,6 +50,7 @@ Patch3: tiff-%{version}-tiff2pdf-colors.patch Patch9: tiff-%{version}-dont-fancy-upsampling.patch Patch10:tiff-bigendian.patch +Patch11:tiff-%{version}-CVE-2012-3401.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -97,6 +98,7 @@ %patch3 -p1 %patch9 -p1 %patch10 -p1 +%patch11 %build %configure --disable-static --with-pic ++ tiff-4.0.2-CVE-2012-3401.patch ++ Index: tools/tiff2pdf.c === --- tools/tiff2pdf.c.orig +++ tools/tiff2pdf.c @@ -1066,6 +1066,7 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* Can't set directory %u of input file %s, i, TIFFFileName(input)); + t2p-t2p_error = T2P_ERR_ERROR; return; } if(TIFFGetField(input, TIFFTAG_PAGENUMBER, pagen, paged)){ -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2012-06-29 10:24:39 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2012-06-25 14:57:10.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2012-06-29 10:45:20.0 +0200 @@ -1,0 +2,6 @@ +Thu Jun 28 10:16:29 UTC 2012 - meiss...@suse.com + +- RGBA is packed in host order, use the right macros to unpack + and verify in raw_decode test. + +--- New: tiff-bigendian.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.bQulqJ/_old 2012-06-29 10:45:25.0 +0200 +++ /var/tmp/diff_new_pack.bQulqJ/_new 2012-06-29 10:45:25.0 +0200 @@ -49,6 +49,7 @@ Patch2: tiff-%{version}-seek.patch Patch3: tiff-%{version}-tiff2pdf-colors.patch Patch9: tiff-%{version}-dont-fancy-upsampling.patch +Patch10:tiff-bigendian.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -95,6 +96,7 @@ %patch2 -p1 %patch3 -p1 %patch9 -p1 +%patch10 -p1 %build %configure --disable-static --with-pic ++ tiff-bigendian.patch ++ --- tiff-4.0.2/test/raw_decode.c.xx 2012-06-28 11:48:43.0 +0200 +++ tiff-4.0.2/test/raw_decode.c2012-06-28 12:15:46.0 +0200 @@ -85,9 +85,9 @@ static int check_rgba_pixel( int pixel, int red, int green, int blue, int alpha, unsigned char *buffer ) { /* RGBA images are upside down - adjust for normal ordering */ int adjusted_pixel = pixel % 128 + (127 - (pixel/128)) * 128; - unsigned char *rgba = buffer + 4 * adjusted_pixel; - - if( rgba[0] == red rgba[1] == green rgba[2] == blue rgba[3] == alpha ) { + unsigned int *rgba = (unsigned int*)(buffer + 4 * adjusted_pixel); + + if( TIFFGetR(*rgba) == red TIFFGetG(*rgba) == green TIFFGetB(*rgba) == blue TIFFGetA(*rgba) == alpha ) { return 0; } -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2012-06-25 14:28:55 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2012-05-31 17:11:14.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2012-06-25 14:57:10.0 +0200 @@ -1,0 +2,15 @@ +Wed Jun 20 09:29:37 UTC 2012 - pgaj...@suse.com + +- updated to 4.0.2: [bnc#767852] [bnc#767854] +tif_getimage.c: added support for _SEPARATED CMYK images. +tif_getimage.c: Added support for greyscale + alpha. +Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory() functions. +tif_print.c: Lots of fixes around printing corrupt or hostile input. +Improve handling of corrupt ycbcrsubsampling values. +tif_unix.c: use strerror to get meaningful error messages. +tif_jpeg.c: fix serious bugs in JPEGDecodeRaw(). +tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173). +tiff2pdf: Defend against integer overflows while calculating required + buffer sizes (CVE-2012-2113). + +--- Old: tiff-4.0.1-dont-fancy-upsampling.patch tiff-4.0.1-seek.patch tiff-4.0.1-tiff2pdf-colors.patch tiff-4.0.1.tar.bz2 New: tiff-4.0.2-dont-fancy-upsampling.patch tiff-4.0.2-seek.patch tiff-4.0.2-tiff2pdf-colors.patch tiff-4.0.2.tar.bz2 Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.55zN3a/_old 2012-06-25 14:57:12.0 +0200 +++ /var/tmp/diff_new_pack.55zN3a/_new 2012-06-25 14:57:12.0 +0200 @@ -37,7 +37,7 @@ %if 0%{?suse_version} 1210 BuildRequires: libjbig-devel %endif -Version:4.0.1 +Version:4.0.2 Release:0 Summary:Tools for Converting from and to the Tiff Format License:HPND ++ tiff-4.0.1-dont-fancy-upsampling.patch - tiff-4.0.2-dont-fancy-upsampling.patch ++ ++ tiff-4.0.1-seek.patch - tiff-4.0.2-seek.patch ++ ++ tiff-4.0.1-tiff2pdf-colors.patch - tiff-4.0.2-tiff2pdf-colors.patch ++ ++ tiff-4.0.1.tar.bz2 - tiff-4.0.2.tar.bz2 ++ 4007 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2012-04-12 09:54:14 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2012-03-29 07:48:47.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2012-04-12 09:54:17.0 +0200 @@ -1,0 +2,31 @@ +Thu Mar 29 09:51:49 UTC 2012 - idon...@suse.com + +- Add lzma support +- Implement %check +- Drop visibility patch because it breaks compilation + +--- +Wed Mar 28 18:06:34 UTC 2012 - i...@marguerite.su + +- change package name libtiff4 to libtiff5. + library number is 5 actually. + +--- +Wed Mar 28 17:29:16 UTC 2012 - i...@marguerite.su + +- Update to 4.0.1 + * configure.ac +- Add libtiff private dependency on -llzma for pkg-config +- Add support for using library symbol versioning on + ELF systems with the GNU linker. + * libtiff/tif_win32.c: Eliminate some minor 64-bit warnings in + tif_win32.c + * libtiff/tif_jpeg.c: Extra caution for case where sp is NULL. + * libtiff/tif_dir.c, libtiff/tif_dirread.c: Extra caution around +assumption tag fetching is always successful. + * libtiff/tiffio.h: Use double-underbar syntax in GCC printf +attribute specification to lessen the risk of accidental macro +substitution. + * Update automake used to 1.11.3. + +--- Old: tiff-3.9.5-dont-fancy-upsampling.patch tiff-3.9.5-seek.patch tiff-3.9.5-tiff2pdf-colors.patch tiff-3.9.5.tar.bz2 tiff-visibility.patch New: tiff-4.0.1-dont-fancy-upsampling.patch tiff-4.0.1-seek.patch tiff-4.0.1-tiff2pdf-colors.patch tiff-4.0.1.tar.bz2 Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.O4l1aT/_old 2012-04-12 09:54:21.0 +0200 +++ /var/tmp/diff_new_pack.O4l1aT/_new 2012-04-12 09:54:21.0 +0200 @@ -16,34 +16,30 @@ # - Name: tiff -License:HPND -Group: Productivity/Graphics/Convertors BuildRequires: gcc-c++ BuildRequires: libjpeg-devel BuildRequires: libtool +BuildRequires: lzma-devel +BuildRequires: pkg-config BuildRequires: zlib-devel # bug437293 %ifarch ppc64 Obsoletes: tiff-64bit %endif -Version:3.9.5 -Release:6 +Version:4.0.1 +Release:0 Summary:Tools for Converting from and to the Tiff Format +License:HPND +Group: Productivity/Graphics/Convertors # -Url:http://www.remotesensing.org/libtiff/ +Url:http://www.remotesensing.org/libtiff Source: tiff-%{version}.tar.bz2 Source2:README.SUSE Source3:baselibs.conf -# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch2: tiff-%{version}-seek.patch -# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch3: tiff-%{version}-tiff2pdf-colors.patch -# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch9: tiff-%{version}-dont-fancy-upsampling.patch -# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines -Patch10:tiff-visibility.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -53,8 +49,7 @@ This package contains the library and support programs for the TIFF image format. -%package -n libtiff3 -License:HPND +%package -n libtiff5 Summary:The Tiff Library (with JPEG and compression support) Group: System/Libraries Provides: libtiff = %{version} @@ -65,18 +60,17 @@ %endif # -%description -n libtiff3 +%description -n libtiff5 This package includes the tiff libraries. To link a program with libtiff, you will have to add -ljpeg and -lz to include the necessary libjpeg and libz in the linking process. %package -n libtiff-devel -License:HPND Summary:Development Tools for Programs which will use the libtiff Library Group: Development/Libraries/C and C++ Requires: glibc-devel Requires: libstdc++-devel -Requires: libtiff3 = %{version} +Requires: libtiff5 = %{version} # bug437293 %ifarch ppc64 Obsoletes: tiff-devel-64bit @@ -90,16 +84,11 @@ %prep %setup -q -%patch2 +%patch2 -p1 %patch3 -p1 %patch9 -p1
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2012-03-29 07:48:46 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2012-01-11 15:39:00.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2012-03-29 07:48:47.0 +0200 @@ -1,0 +2,7 @@ +Wed Mar 28 12:12:23 UTC 2012 - cfarr...@suse.com + +- license update: HPND + tiff license most akin to spdx recognised + http://www.spdx.org/licenses/HPND + +--- Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.Q65Dl2/_old 2012-03-29 07:48:49.0 +0200 +++ /var/tmp/diff_new_pack.Q65Dl2/_new 2012-03-29 07:48:49.0 +0200 @@ -18,7 +18,7 @@ Name: tiff -License:PERMISSIVE-OSI-COMPLIANT ; MIT License (or similar) +License:HPND Group: Productivity/Graphics/Convertors BuildRequires: gcc-c++ BuildRequires: libjpeg-devel @@ -54,7 +54,7 @@ image format. %package -n libtiff3 -License:PERMISSIVE-OSI-COMPLIANT ; MIT License (or similar) +License:HPND Summary:The Tiff Library (with JPEG and compression support) Group: System/Libraries Provides: libtiff = %{version} @@ -71,7 +71,7 @@ libjpeg and libz in the linking process. %package -n libtiff-devel -License:PERMISSIVE-OSI-COMPLIANT +License:HPND Summary:Development Tools for Programs which will use the libtiff Library Group: Development/Libraries/C and C++ Requires: glibc-devel -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2012-01-11 15:38:10 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2011-11-23 19:37:55.0 +0100 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2012-01-11 15:39:00.0 +0100 @@ -1,0 +2,16 @@ +Tue Jan 10 01:21:45 UTC 2012 - crrodrig...@opensuse.org + +- remove libjpeg-devel and zlib-devel from libtiff-devel + requires as they are _not_ required to use the library. + Now, this _will_ break packages with wrong buildrequires + for good. + +--- +Tue Jan 10 00:55:53 UTC 2012 - crrodrig...@opensuse.org + +- Hide private symbols using gcc visibility, this has been + applied only to functions that the source code clearly states + that are internal to the library. +- Run spec cleaner + +--- New: tiff-visibility.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.okFMxE/_old 2012-01-11 15:39:01.0 +0100 +++ /var/tmp/diff_new_pack.okFMxE/_new 2012-01-11 15:39:01.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tiff # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,25 +18,32 @@ Name: tiff -BuildRequires: gcc-c++ libjpeg-devel libtool zlib-devel License:PERMISSIVE-OSI-COMPLIANT ; MIT License (or similar) Group: Productivity/Graphics/Convertors -AutoReqProv:on +BuildRequires: gcc-c++ +BuildRequires: libjpeg-devel +BuildRequires: libtool +BuildRequires: zlib-devel # bug437293 %ifarch ppc64 Obsoletes: tiff-64bit %endif -# -Url:http://www.remotesensing.org/libtiff/ Version:3.9.5 Release:6 Summary:Tools for Converting from and to the Tiff Format +# +Url:http://www.remotesensing.org/libtiff/ Source: tiff-%{version}.tar.bz2 Source2:README.SUSE Source3:baselibs.conf +# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch2: tiff-%{version}-seek.patch +# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch3: tiff-%{version}-tiff2pdf-colors.patch +# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch9: tiff-%{version}-dont-fancy-upsampling.patch +# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines +Patch10:tiff-visibility.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -46,19 +53,12 @@ This package contains the library and support programs for the TIFF image format. - - -Authors: - -Sam Leffler s...@engr.sgi.com - %package -n libtiff3 License:PERMISSIVE-OSI-COMPLIANT ; MIT License (or similar) Summary:The Tiff Library (with JPEG and compression support) Group: System/Libraries Provides: libtiff = %{version} Obsoletes: libtiff %{version} -AutoReqProv:on # bug437293 %ifarch ppc64 Obsoletes: libtiff-64bit @@ -70,17 +70,13 @@ libtiff, you will have to add -ljpeg and -lz to include the necessary libjpeg and libz in the linking process. - - -Authors: - -Sam Leffler s...@engr.sgi.com - %package -n libtiff-devel License:PERMISSIVE-OSI-COMPLIANT Summary:Development Tools for Programs which will use the libtiff Library Group: Development/Libraries/C and C++ -Requires: libtiff3 = %{version} libjpeg-devel zlib-devel libstdc++-devel glibc-devel +Requires: glibc-devel +Requires: libstdc++-devel +Requires: libtiff3 = %{version} # bug437293 %ifarch ppc64 Obsoletes: tiff-devel-64bit @@ -92,13 +88,12 @@ developing programs which will manipulate TIFF format image files using the libtiff library. - - %prep %setup -q %patch2 %patch3 -p1 %patch9 -p1 +%patch10 find -type d -name CVS | xargs rm -rfv find -type d | xargs chmod 755 @@ -109,17 +104,17 @@ make %{?_smp_mflags} %install -mkdir -p $RPM_BUILD_ROOT/{%{_mandir}/{man1,man3},usr/{bin,lib,include}} -make install DESTDIR=$RPM_BUILD_ROOT
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at 2011-11-23 19:37:53 Comparing /work/SRC/openSUSE:Factory/tiff (Old) and /work/SRC/openSUSE:Factory/.tiff.new (New) Package is tiff, Maintainer is pgaj...@suse.com Changes: --- /work/SRC/openSUSE:Factory/tiff/tiff.changes2011-09-23 12:48:12.0 +0200 +++ /work/SRC/openSUSE:Factory/.tiff.new/tiff.changes 2011-11-23 19:37:55.0 +0100 @@ -1,0 +2,5 @@ +Wed Nov 23 09:31:16 UTC 2011 - co...@suse.com + +- add libtool as buildrequire to avoid implicit dependency + +--- Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.WSVfEI/_old 2011-11-23 19:37:58.0 +0100 +++ /var/tmp/diff_new_pack.WSVfEI/_new 2011-11-23 19:37:58.0 +0100 @@ -18,7 +18,7 @@ Name: tiff -BuildRequires: gcc-c++ libjpeg-devel zlib-devel +BuildRequires: gcc-c++ libjpeg-devel libtool zlib-devel License:PERMISSIVE-OSI-COMPLIANT ; MIT License (or similar) Group: Productivity/Graphics/Convertors AutoReqProv:on -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at Sat Aug 6 19:12:03 CEST 2011. --- tiff/tiff.changes 2011-04-14 14:19:38.0 +0200 +++ /mounts/work_src_done/STABLE/tiff/tiff.changes 2011-08-05 23:10:59.0 +0200 @@ -1,0 +2,7 @@ +Fri Aug 5 21:09:33 UTC 2011 - crrodrig...@opensuse.org + +- Do not use -fno-strict-aliasing, no longer needed + and will probably slow down the code. +- Fix self-obsoletion warning + +--- calling whatdependson for head-i586 Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.KwOUOK/_old 2011-08-06 19:09:57.0 +0200 +++ /var/tmp/diff_new_pack.KwOUOK/_new 2011-08-06 19:09:57.0 +0200 @@ -29,7 +29,7 @@ # Url:http://www.remotesensing.org/libtiff/ Version:3.9.5 -Release:1 +Release:6 Summary:Tools for Converting from and to the Tiff Format Source: tiff-%{version}.tar.bz2 Source2:README.SUSE @@ -57,7 +57,7 @@ Summary:The Tiff Library (with JPEG and compression support) Group: System/Libraries Provides: libtiff = %{version} -Obsoletes: libtiff = %{version} +Obsoletes: libtiff %{version} AutoReqProv:on # bug437293 %ifarch ppc64 @@ -105,8 +105,7 @@ %build rm m4/ltversion.m4 m4/ltsugar.m4 m4/ltoptions.m4 m4/libtool.m4 autoreconf --force --install -v -CFLAGS=$RPM_OPT_FLAGS -fno-strict-aliasing -fstack-protector \ - ./configure --prefix=/usr --mandir=%{_mandir} --libdir=%{_libdir} --disable-static +%configure --disable-static --with-pic make %{?_smp_mflags} %install Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tiff for openSUSE:Factory
Hello community, here is the log from the commit of package tiff for openSUSE:Factory checked in at Mon Mar 14 09:40:37 CET 2011. --- tiff/tiff.changes 2010-09-06 15:07:08.0 +0200 +++ /mounts/work_src_done/STABLE/tiff/tiff.changes 2011-03-03 09:30:27.0 +0100 @@ -1,0 +2,6 @@ +Thu Feb 17 15:40:54 CET 2011 - pgaj...@suse.cz + +- fixed buffer overflow [bnc#672510] + * CVE-2011-0192.patch + +--- calling whatdependson for head-i586 New: tiff-3.9.4-CVE-2011-0192.patch Other differences: -- ++ tiff.spec ++ --- /var/tmp/diff_new_pack.jWu4xE/_old 2011-03-14 09:40:19.0 +0100 +++ /var/tmp/diff_new_pack.jWu4xE/_new 2011-03-14 09:40:19.0 +0100 @@ -1,7 +1,7 @@ # -# spec file for package tiff (Version 3.9.4) +# spec file for package tiff # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,7 +29,7 @@ # Url:http://www.remotesensing.org/libtiff/ Version:3.9.4 -Release:2 +Release:3 Summary:Tools for Converting from and to the Tiff Format Source: tiff-%{version}.tar.bz2 Source2:README.SUSE @@ -40,6 +40,7 @@ Patch7: tiff-%{version}-getimage-64bit.patch Patch8: tiff-%{version}-scanlinesize.patch Patch9: tiff-%{version}-dont-fancy-upsampling.patch +Patch10:tiff-%{version}-CVE-2011-0192.patch # FYI: this issue is solved another way # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1 # Patch9: tiff-%{version}-lzw-CVE-2009-2285.patch @@ -105,6 +106,7 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 find -type d -name CVS | xargs rm -rfv find -type d | xargs chmod 755 ++ tiff-3.9.4-CVE-2011-0192.patch ++ Index: libtiff/tif_fax3.h === --- libtiff/tif_fax3.h.orig +++ libtiff/tif_fax3.h @@ -478,6 +478,10 @@ done1d: \ break; \ case S_VL: \ CHECK_b1; \ +if (b1 = (int) (a0 + TabEnt-Param)) { \ + unexpected(VL, a0); \ + goto eol2d; \ +} \ SETVALUE(b1 - a0 - TabEnt-Param); \ b1 -= *--pb;\ break; \ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org