Subject: CVS commit: pkgsrc/graphics/tiff
To: None <>
From: Lubomir Sedlacik <>
List: pkgsrc-changes
Date: 08/02/2006 15:42:25
Module Name:	pkgsrc
Committed By:	salo
Date:		Wed Aug  2 15:42:25 UTC 2006

Modified Files:
	pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
	pkgsrc/graphics/tiff/patches: patch-av patch-aw patch-ax patch-ay
	    patch-az patch-ba patch-bb patch-bc

Log Message:
Security fixes for SA21304:

"Some vulnerabilities have been reported in libTIFF, which can be
 exploited by malicious people to cause a DoS (Denial of Service)
 or potentially compromise a vulnerable system.

 The vulnerabilities are caused due to various heap and integer
 overflows when processing TIFF images and can be exploited via
 a specially crafted TIFF image.

 Successful exploitation allows crashing applications linked against
 libTIFF and may also allow execution of arbitrary code."

Patches from Tavis Ormandy, Google Security Team via SUSE.

To generate a diff of this commit:
cvs rdiff -r1.83 -r1.84 pkgsrc/graphics/tiff/Makefile
cvs rdiff -r1.38 -r1.39 pkgsrc/graphics/tiff/distinfo
cvs rdiff -r0 -r1.5 pkgsrc/graphics/tiff/patches/patch-av \
    pkgsrc/graphics/tiff/patches/patch-aw \
cvs rdiff -r0 -r1.3 pkgsrc/graphics/tiff/patches/patch-ay
cvs rdiff -r0 -r1.1 pkgsrc/graphics/tiff/patches/patch-az \
    pkgsrc/graphics/tiff/patches/patch-ba \
    pkgsrc/graphics/tiff/patches/patch-bb \

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.