pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/graphics/tiff patch-ag and patch-ao already had securi...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/1c574dc41fab
branches:  trunk
changeset: 486060:1c574dc41fab
user:      reed <reed%pkgsrc.org@localhost>
date:      Wed Dec 22 03:57:15 2004 +0000

description:
patch-ag and patch-ao already had security fixes for CESA-2004-006.
But now these are improved in response to
 iDEFENSE Security Advisory 12.21.04
 www.idefense.com/application/poi/display?id=173&type=vulnerabilities
 libtiff STRIPOFFSETS Integer Overflow Vulnerability
 December 21, 2004

This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.

PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.

diffstat:

 graphics/tiff/Makefile         |  4 ++--
 graphics/tiff/buildlink3.mk    |  4 ++--
 graphics/tiff/distinfo         |  6 +++---
 graphics/tiff/patches/patch-ag |  4 ++--
 graphics/tiff/patches/patch-ao |  4 ++--
 5 files changed, 11 insertions(+), 11 deletions(-)

diffs (95 lines):

diff -r 639276e8a0bc -r 1c574dc41fab graphics/tiff/Makefile
--- a/graphics/tiff/Makefile    Wed Dec 22 02:46:03 2004 +0000
+++ b/graphics/tiff/Makefile    Wed Dec 22 03:57:15 2004 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.59 2004/11/26 15:32:34 jmmv Exp $
+# $NetBSD: Makefile,v 1.60 2004/12/22 03:57:15 reed Exp $
 
 DISTNAME=      tiff-v3.6.1
 PKGNAME=       ${DISTNAME:S/-v/-/}
-PKGREVISION=   5
+PKGREVISION=   6
 CATEGORIES=    graphics
 MASTER_SITES=  ftp://ftp.remotesensing.org/pub/libtiff/old/ \
                ftp://ftp.fu-berlin.de/unix/graphics/tiff/old/
diff -r 639276e8a0bc -r 1c574dc41fab graphics/tiff/buildlink3.mk
--- a/graphics/tiff/buildlink3.mk       Wed Dec 22 02:46:03 2004 +0000
+++ b/graphics/tiff/buildlink3.mk       Wed Dec 22 03:57:15 2004 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.8 2004/10/03 00:14:58 tv Exp $
+# $NetBSD: buildlink3.mk,v 1.9 2004/12/22 03:57:15 reed Exp $
 
 BUILDLINK_DEPTH:=      ${BUILDLINK_DEPTH}+
 TIFF_BUILDLINK3_MK:=   ${TIFF_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
 
 .if !empty(TIFF_BUILDLINK3_MK:M+)
 BUILDLINK_DEPENDS.tiff+=       tiff>=3.6.1
-BUILDLINK_RECOMMENDED.tiff+=   tiff>=3.6.1nb3
+BUILDLINK_RECOMMENDED.tiff+=   tiff>=3.6.1nb6
 BUILDLINK_PKGSRCDIR.tiff?=     ../../graphics/tiff
 .endif # TIFF_BUILDLINK3_MK
 
diff -r 639276e8a0bc -r 1c574dc41fab graphics/tiff/distinfo
--- a/graphics/tiff/distinfo    Wed Dec 22 02:46:03 2004 +0000
+++ b/graphics/tiff/distinfo    Wed Dec 22 03:57:15 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.18 2004/10/18 14:37:24 tron Exp $
+$NetBSD: distinfo,v 1.19 2004/12/22 03:57:15 reed Exp $
 
 SHA1 (tiff-3.6.1/tiff-v3.6.1.tar.gz) = f7817145d8756152cc341804df6477f37ef93c38
 Size (tiff-3.6.1/tiff-v3.6.1.tar.gz) = 1072165 bytes
@@ -12,7 +12,7 @@
 SHA1 (patch-ad) = b48c93d29d5ff39079b6d320c5e67d9c1cdde8c7
 SHA1 (patch-ae) = 8272e39a8a0324b0f8a1e661721b5c9367c0d8e7
 SHA1 (patch-af) = d6c9fd4f10c26e6b2ad8eb5ec51e9205504b62c7
-SHA1 (patch-ag) = 01be3aaddf62748bb575ae8cc71014566f519ce7
+SHA1 (patch-ag) = 9171499433deebf0b1f271fe5940bfc563446381
 SHA1 (patch-ah) = 44ecf92862dc20cdb5e4b1dd4cdbf7c765dc95e2
 SHA1 (patch-ai) = cab07f23d9ef47008fee393f1d4c2438d0c96124
 SHA1 (patch-aj) = 9ea4c71308e73a20f10befcfabe31ecfce794519
@@ -20,7 +20,7 @@
 SHA1 (patch-al) = 203c17a448cf61d9b92bf24b93ca87dc8aff2454
 SHA1 (patch-am) = 812da6e94797ae976b86c65888804f470abda7a0
 SHA1 (patch-an) = 22589375f39ec68e848efc3e11fb5142e8247919
-SHA1 (patch-ao) = 876bd5bf2c3dcc41c31396afc3d1adc6ce279a77
+SHA1 (patch-ao) = 2173925f79eba50a822b8914dc8b09f0b0140209
 SHA1 (patch-ap) = 83a15df9ecb4c8c81c808c02ea59f0941c4ba135
 SHA1 (patch-aq) = d9056e59e185bc8a7e6375ba0f9c9ffc6f537344
 SHA1 (patch-ar) = 9ba144120468a1674276dab4fc15ebba54e594fe
diff -r 639276e8a0bc -r 1c574dc41fab graphics/tiff/patches/patch-ag
--- a/graphics/tiff/patches/patch-ag    Wed Dec 22 02:46:03 2004 +0000
+++ b/graphics/tiff/patches/patch-ag    Wed Dec 22 03:57:15 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $
+$NetBSD: patch-ag,v 1.8 2004/12/22 03:57:15 reed Exp $
 
 --- libtiff/tif_fax3.c.orig    2003-11-06 09:22:13.000000000 +0100
 +++ libtiff/tif_fax3.c 2004-10-18 16:24:04.000000000 +0200
@@ -12,7 +12,7 @@
 +      char    *cp = NULL;
 +      tsize_t bytes = nmemb * elem_size;
 +
-+      if (elem_size && bytes / elem_size == nmemb)
++      if (nmemb && elem_size && bytes / elem_size == nmemb)
 +              cp = (char*) _TIFFmalloc(bytes);
 +
 +      if (cp == NULL)
diff -r 639276e8a0bc -r 1c574dc41fab graphics/tiff/patches/patch-ao
--- a/graphics/tiff/patches/patch-ao    Wed Dec 22 02:46:03 2004 +0000
+++ b/graphics/tiff/patches/patch-ao    Wed Dec 22 03:57:15 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $
+$NetBSD: patch-ao,v 1.2 2004/12/22 03:57:15 reed Exp $
 
 --- libtiff/tif_dirread.c.orig 2003-12-22 09:22:15.000000000 +0100
 +++ libtiff/tif_dirread.c      2004-10-18 16:25:32.000000000 +0200
@@ -13,7 +13,7 @@
 +      char    *cp = NULL;
 +      tsize_t bytes = nmemb * elem_size;
 +
-+      if (elem_size && bytes / elem_size == nmemb)
++      if (nmemb && elem_size && bytes / elem_size == nmemb)
 +              cp = (char*)_TIFFmalloc(bytes);
 +
        if (cp == NULL)



Home | Main Index | Thread Index | Old Index