pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2004Q4]: pkgsrc/graphics/tiff Pullup ticket 174 - requested by...
details: https://anonhg.NetBSD.org/pkgsrc/rev/b273be297493
branches: pkgsrc-2004Q4
changeset: 485760:b273be297493
user: snj <snj%pkgsrc.org@localhost>
date: Wed Dec 22 08:31:29 2004 +0000
description:
Pullup ticket 174 - requested by Jeremy C. Reed
security fix for tiff
Module Name: pkgsrc
Committed By: reed
Date: Wed Dec 22 03:57:15 UTC 2004
Modified Files:
pkgsrc/graphics/tiff: Makefile buildlink3.mk distinfo
pkgsrc/graphics/tiff/patches: patch-ag patch-ao
Log Message:
patch-ag and patch-ao already had security fixes for CESA-2004-006.
But now these are improved in response to
iDEFENSE Security Advisory 12.21.04
www.idefense.com/application/poi/display?id=173&type=vulnerabilities
libtiff STRIPOFFSETS Integer Overflow Vulnerability
December 21, 2004
This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.
PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.
diffstat:
graphics/tiff/Makefile | 4 ++--
graphics/tiff/buildlink3.mk | 4 ++--
graphics/tiff/distinfo | 6 +++---
graphics/tiff/patches/patch-ag | 4 ++--
graphics/tiff/patches/patch-ao | 4 ++--
5 files changed, 11 insertions(+), 11 deletions(-)
diffs (95 lines):
diff -r 8ac46179d9e0 -r b273be297493 graphics/tiff/Makefile
--- a/graphics/tiff/Makefile Tue Dec 21 19:24:21 2004 +0000
+++ b/graphics/tiff/Makefile Wed Dec 22 08:31:29 2004 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.59 2004/11/26 15:32:34 jmmv Exp $
+# $NetBSD: Makefile,v 1.59.2.1 2004/12/22 08:31:29 snj Exp $
DISTNAME= tiff-v3.6.1
PKGNAME= ${DISTNAME:S/-v/-/}
-PKGREVISION= 5
+PKGREVISION= 6
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/old/ \
ftp://ftp.fu-berlin.de/unix/graphics/tiff/old/
diff -r 8ac46179d9e0 -r b273be297493 graphics/tiff/buildlink3.mk
--- a/graphics/tiff/buildlink3.mk Tue Dec 21 19:24:21 2004 +0000
+++ b/graphics/tiff/buildlink3.mk Wed Dec 22 08:31:29 2004 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.8 2004/10/03 00:14:58 tv Exp $
+# $NetBSD: buildlink3.mk,v 1.8.2.1 2004/12/22 08:31:29 snj Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
TIFF_BUILDLINK3_MK:= ${TIFF_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
.if !empty(TIFF_BUILDLINK3_MK:M+)
BUILDLINK_DEPENDS.tiff+= tiff>=3.6.1
-BUILDLINK_RECOMMENDED.tiff+= tiff>=3.6.1nb3
+BUILDLINK_RECOMMENDED.tiff+= tiff>=3.6.1nb6
BUILDLINK_PKGSRCDIR.tiff?= ../../graphics/tiff
.endif # TIFF_BUILDLINK3_MK
diff -r 8ac46179d9e0 -r b273be297493 graphics/tiff/distinfo
--- a/graphics/tiff/distinfo Tue Dec 21 19:24:21 2004 +0000
+++ b/graphics/tiff/distinfo Wed Dec 22 08:31:29 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.18 2004/10/18 14:37:24 tron Exp $
+$NetBSD: distinfo,v 1.18.2.1 2004/12/22 08:31:29 snj Exp $
SHA1 (tiff-3.6.1/tiff-v3.6.1.tar.gz) = f7817145d8756152cc341804df6477f37ef93c38
Size (tiff-3.6.1/tiff-v3.6.1.tar.gz) = 1072165 bytes
@@ -12,7 +12,7 @@
SHA1 (patch-ad) = b48c93d29d5ff39079b6d320c5e67d9c1cdde8c7
SHA1 (patch-ae) = 8272e39a8a0324b0f8a1e661721b5c9367c0d8e7
SHA1 (patch-af) = d6c9fd4f10c26e6b2ad8eb5ec51e9205504b62c7
-SHA1 (patch-ag) = 01be3aaddf62748bb575ae8cc71014566f519ce7
+SHA1 (patch-ag) = 9171499433deebf0b1f271fe5940bfc563446381
SHA1 (patch-ah) = 44ecf92862dc20cdb5e4b1dd4cdbf7c765dc95e2
SHA1 (patch-ai) = cab07f23d9ef47008fee393f1d4c2438d0c96124
SHA1 (patch-aj) = 9ea4c71308e73a20f10befcfabe31ecfce794519
@@ -20,7 +20,7 @@
SHA1 (patch-al) = 203c17a448cf61d9b92bf24b93ca87dc8aff2454
SHA1 (patch-am) = 812da6e94797ae976b86c65888804f470abda7a0
SHA1 (patch-an) = 22589375f39ec68e848efc3e11fb5142e8247919
-SHA1 (patch-ao) = 876bd5bf2c3dcc41c31396afc3d1adc6ce279a77
+SHA1 (patch-ao) = 2173925f79eba50a822b8914dc8b09f0b0140209
SHA1 (patch-ap) = 83a15df9ecb4c8c81c808c02ea59f0941c4ba135
SHA1 (patch-aq) = d9056e59e185bc8a7e6375ba0f9c9ffc6f537344
SHA1 (patch-ar) = 9ba144120468a1674276dab4fc15ebba54e594fe
diff -r 8ac46179d9e0 -r b273be297493 graphics/tiff/patches/patch-ag
--- a/graphics/tiff/patches/patch-ag Tue Dec 21 19:24:21 2004 +0000
+++ b/graphics/tiff/patches/patch-ag Wed Dec 22 08:31:29 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $
+$NetBSD: patch-ag,v 1.7.2.1 2004/12/22 08:31:29 snj Exp $
--- libtiff/tif_fax3.c.orig 2003-11-06 09:22:13.000000000 +0100
+++ libtiff/tif_fax3.c 2004-10-18 16:24:04.000000000 +0200
@@ -12,7 +12,7 @@
+ char *cp = NULL;
+ tsize_t bytes = nmemb * elem_size;
+
-+ if (elem_size && bytes / elem_size == nmemb)
++ if (nmemb && elem_size && bytes / elem_size == nmemb)
+ cp = (char*) _TIFFmalloc(bytes);
+
+ if (cp == NULL)
diff -r 8ac46179d9e0 -r b273be297493 graphics/tiff/patches/patch-ao
--- a/graphics/tiff/patches/patch-ao Tue Dec 21 19:24:21 2004 +0000
+++ b/graphics/tiff/patches/patch-ao Wed Dec 22 08:31:29 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $
+$NetBSD: patch-ao,v 1.1.4.1 2004/12/22 08:31:29 snj Exp $
--- libtiff/tif_dirread.c.orig 2003-12-22 09:22:15.000000000 +0100
+++ libtiff/tif_dirread.c 2004-10-18 16:25:32.000000000 +0200
@@ -13,7 +13,7 @@
+ char *cp = NULL;
+ tsize_t bytes = nmemb * elem_size;
+
-+ if (elem_size && bytes / elem_size == nmemb)
++ if (nmemb && elem_size && bytes / elem_size == nmemb)
+ cp = (char*)_TIFFmalloc(bytes);
+
if (cp == NULL)
Home |
Main Index |
Thread Index |
Old Index