Add patches from either libtiff's or Red Hat's Bugzilla which fix the

following vulnerabilities: - CVE-2010-2233 - CVE-2010-2482 - CVE-2010-2483 - CVE-2010-2595 - CVE-2010-2597 There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion gets triggered) and cannot be exploited after the above vulnerabilities are fixed (at least if I understood correctly). No butcher was involved in fixing this package.
author: tron <tron> 2010-08-04 17:48:22 +0000
committer: tron <tron> 2010-08-04 17:48:22 +0000
commit: 8fff730d0116d1bf90edc9c98900d18f84f468c3 (patch)
tree: 1368247758f187479629969bd30836a1963df3cf /graphics/tiff/distinfo
parent: 07776c2466efc98b2d26223f9ecec94025eb9c2b (diff)
download: pkgsrc-8fff730d0116d1bf90edc9c98900d18f84f468c3.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo
index 83ec59227f1..92a8e3875ab 100644
--- a/graphics/tiff/distinfo
+++ b/graphics/tiff/distinfo
@@ -1,5 +1,10 @@
-$NetBSD: distinfo,v 1.48 2010/06/16 13:56:41 drochner Exp $
+$NetBSD: distinfo,v 1.49 2010/08/04 17:48:22 tron Exp $
 
 SHA1 (tiff-3.9.4.tar.gz) = a4e32d55afbbcabd0391a9c89995e8e8a19961de
 RMD160 (tiff-3.9.4.tar.gz) = 3e0a74b6294297c16fb983ad68056a1dfbbdb1de
 Size (tiff-3.9.4.tar.gz) = 1436968 bytes
+SHA1 (patch-aa) = 0ed02eb18454f4d91bf2fad6b9262bc442cd0822
+SHA1 (patch-ab) = 66101ec437ff222d629120e52e2011ea5b36dca0
+SHA1 (patch-ac) = 7211eebf68e73790ac1263efb16943e59cbffa95
+SHA1 (patch-ad) = bae790a9309967f874987f1da57e5f93a67094e1
+SHA1 (patch-ae) = 33dd5e9307a55273e9aaacdd7f5f9aea51aa5adc
author	tron <tron>	2010-08-04 17:48:22 +0000
committer	tron <tron>	2010-08-04 17:48:22 +0000
commit	8fff730d0116d1bf90edc9c98900d18f84f468c3 (patch)
tree	1368247758f187479629969bd30836a1963df3cf /graphics/tiff/distinfo
parent	07776c2466efc98b2d26223f9ecec94025eb9c2b (diff)
download	pkgsrc-8fff730d0116d1bf90edc9c98900d18f84f468c3.tar.gz