Subject: CVS commit: [pkgsrc-2004Q4] pkgsrc/graphics/tiff
To: None <>
From: Soren Jacobsen <>
List: pkgsrc-changes
Date: 12/22/2004 08:31:29
Module Name:	pkgsrc
Committed By:	snj
Date:		Wed Dec 22 08:31:29 UTC 2004

Modified Files:
	pkgsrc/graphics/tiff [pkgsrc-2004Q4]: Makefile distinfo
	pkgsrc/graphics/tiff/patches [pkgsrc-2004Q4]: patch-ag patch-ao

Log Message:
Pullup ticket 174 - requested by Jeremy C. Reed
security fix for tiff

Module Name:    pkgsrc
Committed By:   reed
Date:           Wed Dec 22 03:57:15 UTC 2004

Modified Files:
        pkgsrc/graphics/tiff: Makefile distinfo
        pkgsrc/graphics/tiff/patches: patch-ag patch-ao

Log Message:
patch-ag and patch-ao already had security fixes for CESA-2004-006.
But now these are improved in response to
 iDEFENSE Security Advisory 12.21.04
 libtiff STRIPOFFSETS Integer Overflow Vulnerability
 December 21, 2004

This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.

PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not

To generate a diff of this commit:
cvs rdiff -r1.59 -r1.59.2.1 pkgsrc/graphics/tiff/Makefile
cvs rdiff -r1.8 -r1.8.2.1 pkgsrc/graphics/tiff/
cvs rdiff -r1.18 -r1.18.2.1 pkgsrc/graphics/tiff/distinfo
cvs rdiff -r1.7 -r1.7.2.1 pkgsrc/graphics/tiff/patches/patch-ag
cvs rdiff -r1.1 -r1.1.4.1 pkgsrc/graphics/tiff/patches/patch-ao

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.