pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/graphics/tiff Security fix:
details: https://anonhg.NetBSD.org/pkgsrc/rev/ab4ed566a9b4
branches: trunk
changeset: 493691:ab4ed566a9b4
user: salo <salo%pkgsrc.org@localhost>
date: Thu May 12 12:53:21 2005 +0000
description:
Security fix:
"A vulnerability in libTIFF was found, it can be potentially exploited by
malicious people to compromise a vulnerable system."
http://secunia.com/advisories/15320/
http://bugzilla.remotesensing.org/show_bug.cgi?id=843
Bump PKGREVISION, patch from libtiff cvs repository.
diffstat:
graphics/tiff/Makefile | 3 +-
graphics/tiff/buildlink3.mk | 4 +-
graphics/tiff/distinfo | 3 +-
graphics/tiff/patches/patch-ad | 64 ++++++++++++++++++++++++++++++++++++++++++
4 files changed, 70 insertions(+), 4 deletions(-)
diffs (112 lines):
diff -r 43ffcdf6355c -r ab4ed566a9b4 graphics/tiff/Makefile
--- a/graphics/tiff/Makefile Thu May 12 11:09:09 2005 +0000
+++ b/graphics/tiff/Makefile Thu May 12 12:53:21 2005 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.68 2005/04/11 21:46:09 tv Exp $
+# $NetBSD: Makefile,v 1.69 2005/05/12 12:53:21 salo Exp $
DISTNAME= tiff-3.7.2
+PKGREVISION= 1
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \
http://libtiff.maptools.org/dl/
diff -r 43ffcdf6355c -r ab4ed566a9b4 graphics/tiff/buildlink3.mk
--- a/graphics/tiff/buildlink3.mk Thu May 12 11:09:09 2005 +0000
+++ b/graphics/tiff/buildlink3.mk Thu May 12 12:53:21 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.11 2005/01/11 05:29:55 jlam Exp $
+# $NetBSD: buildlink3.mk,v 1.12 2005/05/12 12:53:21 salo Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
TIFF_BUILDLINK3_MK:= ${TIFF_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
.if !empty(TIFF_BUILDLINK3_MK:M+)
BUILDLINK_DEPENDS.tiff+= tiff>=3.6.1
-BUILDLINK_RECOMMENDED.tiff+= tiff>=3.7.1nb1
+BUILDLINK_RECOMMENDED.tiff+= tiff>=3.7.2nb1
BUILDLINK_PKGSRCDIR.tiff?= ../../graphics/tiff
.endif # TIFF_BUILDLINK3_MK
diff -r 43ffcdf6355c -r ab4ed566a9b4 graphics/tiff/distinfo
--- a/graphics/tiff/distinfo Thu May 12 11:09:09 2005 +0000
+++ b/graphics/tiff/distinfo Thu May 12 12:53:21 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.28 2005/05/07 00:47:29 toshii Exp $
+$NetBSD: distinfo,v 1.29 2005/05/12 12:53:21 salo Exp $
SHA1 (tiff-3.7.2.tar.gz) = 0eb69e88bf6c430160ad2897cd0ae637d507ed66
RMD160 (tiff-3.7.2.tar.gz) = fb156e17f55b1d565adbc5247f01d836d5f25824
@@ -6,3 +6,4 @@
SHA1 (patch-aa) = 06ecb34e5eeae5650020b456dddd40c8b9fe9647
SHA1 (patch-ab) = 0363e36d8c7575b4a55fee587aa4d92ee6c6db0b
SHA1 (patch-ac) = 80c0abc2e8111a9b7608514cce239c8195e44cee
+SHA1 (patch-ad) = 2e448a0491c4137820ec81cf566cf1962fab6045
diff -r 43ffcdf6355c -r ab4ed566a9b4 graphics/tiff/patches/patch-ad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/tiff/patches/patch-ad Thu May 12 12:53:21 2005 +0000
@@ -0,0 +1,64 @@
+$NetBSD: patch-ad,v 1.14 2005/05/12 12:53:21 salo Exp $
+
+--- libtiff/tif_dirread.c.orig 2005-03-05 10:06:00.000000000 +0100
++++ libtiff/tif_dirread.c 2005-05-12 14:38:22.000000000 +0200
+@@ -1310,12 +1310,16 @@
+ uint16 buf[10];
+ uint16* v = buf;
+
+- if (samples > NITEMS(buf))
+- v = (uint16*) CheckMalloc(tif, samples, sizeof(uint16),
++ if (dir->tdir_count > NITEMS(buf))
++ v = (uint16*) CheckMalloc(tif, dir->tdir_count, sizeof(uint16),
+ "to fetch per-sample values");
+ if (v && TIFFFetchShortArray(tif, dir, v)) {
+ uint16 i;
+- for (i = 1; i < samples; i++)
++ int check_count = dir->tdir_count;
++ if( samples < check_count )
++ check_count = samples;
++
++ for (i = 1; i < check_count; i++)
+ if (v[i] != v[0]) {
+ TIFFError(tif->tif_name,
+ "Cannot handle different per-sample values for field \"%s\"",
+@@ -1347,12 +1351,16 @@
+ uint32 buf[10];
+ uint32* v = buf;
+
+- if (samples > NITEMS(buf))
+- v = (uint32*) CheckMalloc(tif, samples, sizeof(uint32),
++ if (dir->tdir_count > NITEMS(buf))
++ v = (uint32*) CheckMalloc(tif, dir->tdir_count, sizeof(uint32),
+ "to fetch per-sample values");
+ if (v && TIFFFetchLongArray(tif, dir, v)) {
+ uint16 i;
+- for (i = 1; i < samples; i++)
++ int check_count = dir->tdir_count;
++
++ if( samples < check_count )
++ check_count = samples;
++ for (i = 1; i < check_count; i++)
+ if (v[i] != v[0]) {
+ TIFFError(tif->tif_name,
+ "Cannot handle different per-sample values for field \"%s\"",
+@@ -1384,12 +1392,16 @@
+ double buf[10];
+ double* v = buf;
+
+- if (samples > NITEMS(buf))
+- v = (double*) CheckMalloc(tif, samples, sizeof (double),
++ if (dir->tdir_count > NITEMS(buf))
++ v = (double*) CheckMalloc(tif, dir->tdir_count, sizeof (double),
+ "to fetch per-sample values");
+ if (v && TIFFFetchAnyArray(tif, dir, v)) {
+ uint16 i;
+- for (i = 1; i < samples; i++)
++ int check_count = dir->tdir_count;
++ if( samples < check_count )
++ check_count = samples;
++
++ for (i = 1; i < check_count; i++)
+ if (v[i] != v[0]) {
+ TIFFError(tif->tif_name,
+ "Cannot handle different per-sample values for field \"%s\"",
Home |
Main Index |
Thread Index |
Old Index