Subject: CVS commit: pkgsrc/graphics/tiff
To: None <pkgsrc-changes@NetBSD.org>
From: Jeremy C. Reed <reed@netbsd.org>
List: pkgsrc-changes
Date: 12/22/2004 03:57:15
Module Name: pkgsrc
Committed By: reed
Date: Wed Dec 22 03:57:15 UTC 2004
Modified Files:
pkgsrc/graphics/tiff: Makefile buildlink3.mk distinfo
pkgsrc/graphics/tiff/patches: patch-ag patch-ao
Log Message:
patch-ag and patch-ao already had security fixes for CESA-2004-006.
But now these are improved in response to
iDEFENSE Security Advisory 12.21.04
www.idefense.com/application/poi/display?id=173&type=vulnerabilities
libtiff STRIPOFFSETS Integer Overflow Vulnerability
December 21, 2004
This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.
PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.
To generate a diff of this commit:
cvs rdiff -r1.59 -r1.60 pkgsrc/graphics/tiff/Makefile
cvs rdiff -r1.8 -r1.9 pkgsrc/graphics/tiff/buildlink3.mk
cvs rdiff -r1.18 -r1.19 pkgsrc/graphics/tiff/distinfo
cvs rdiff -r1.7 -r1.8 pkgsrc/graphics/tiff/patches/patch-ag
cvs rdiff -r1.1 -r1.2 pkgsrc/graphics/tiff/patches/patch-ao
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.