pkgsrc-changes: CVS commit: pkgsrc/graphics/tiff

Subject: CVS commit: pkgsrc/graphics/tiff
To: None <pkgsrc-changes@NetBSD.org>
From: Jeremy C. Reed <reed@netbsd.org>
List: pkgsrc-changes
Date: 12/22/2004 03:57:15

Module Name:	pkgsrc
Committed By:	reed
Date:		Wed Dec 22 03:57:15 UTC 2004

Modified Files:
	pkgsrc/graphics/tiff: Makefile buildlink3.mk distinfo
	pkgsrc/graphics/tiff/patches: patch-ag patch-ao

Log Message:
patch-ag and patch-ao already had security fixes for CESA-2004-006.
But now these are improved in response to
 iDEFENSE Security Advisory 12.21.04
 www.idefense.com/application/poi/display?id=173&type=vulnerabilities
 libtiff STRIPOFFSETS Integer Overflow Vulnerability
 December 21, 2004

This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.

PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.


To generate a diff of this commit:
cvs rdiff -r1.59 -r1.60 pkgsrc/graphics/tiff/Makefile
cvs rdiff -r1.8 -r1.9 pkgsrc/graphics/tiff/buildlink3.mk
cvs rdiff -r1.18 -r1.19 pkgsrc/graphics/tiff/distinfo
cvs rdiff -r1.7 -r1.8 pkgsrc/graphics/tiff/patches/patch-ag
cvs rdiff -r1.1 -r1.2 pkgsrc/graphics/tiff/patches/patch-ao

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.