Pullup ticket #5881 - requested by maya

graphics/tiff: security update

Revisions pulled up:
- graphics/tiff/Makefile                                        1.144
- graphics/tiff/PLIST                                           1.26
- graphics/tiff/distinfo                                        1.93
- graphics/tiff/patches/patch-CVE-2017-11613                    deleted
- graphics/tiff/patches/patch-CVE-2017-18013                    deleted
- graphics/tiff/patches/patch-CVE-2017-9935                     deleted
- graphics/tiff/patches/patch-CVE-2018-10963                    deleted
- graphics/tiff/patches/patch-CVE-2018-17100                    deleted
- graphics/tiff/patches/patch-CVE-2018-17101                    deleted
- graphics/tiff/patches/patch-CVE-2018-5784                     deleted
- graphics/tiff/patches/patch-CVE-2018-8905                     deleted
- graphics/tiff/patches/patch-libtiff_tif__jbig.c               deleted
- graphics/tiff/patches/patch-libtiff_tif__read.c               deleted
- graphics/tiff/patches/patch-tools_pal2rgb.c                   deleted

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Sat Nov 10 21:14:54 UTC 2018

   Modified Files:
   	pkgsrc/graphics/tiff: Makefile PLIST distinfo
   Removed Files:
   	pkgsrc/graphics/tiff/patches: patch-CVE-2017-11613 patch-CVE-2017-18013
   	    patch-CVE-2017-9935 patch-CVE-2018-10963 patch-CVE-2018-17100
   	    patch-CVE-2018-17101 patch-CVE-2018-5784 patch-CVE-2018-8905
   	    patch-libtiff_tif__jbig.c patch-libtiff_tif__read.c
   	    patch-tools_pal2rgb.c

   Log Message:
   tiff: update to 4.0.10

   It has been a year since the previous release.  This is the first
   release made from the Git repository at
   https://gitlab.com/libtiff/libtiff using a collaborative process.

   Since the previous release, a number of security issues have been
   fixed, and some significant new features have been added.

   This release adds support for Zstd and WebP compression algorithms.
   In their own way, each of these compression algorithms is highly
   complimentary to TIFF.

   Zstd provides improved compression and decompression speed vs zlib's
   Deflate as well as a broader range of compression ratios.  Zstd is
   developed by Facebook and the implementation continues to be improved.

   WebP is optimized for small/medium 8-bit images while offering
   improved compression performance vs traditional JPEG.  WebP works well
   in strips or tiles to compress large images down to very small files,
   while preserving a good looking image.  WebP is developed by Google,
   and its implementation continues to be improved.

   Due to Adobe's TIFF tag registration interface going off-line, we have
   had to assign our own tags for Zstd and WebP.


   To generate a diff of this commit:
   cvs rdiff -u -r1.143 -r1.144 pkgsrc/graphics/tiff/Makefile
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/graphics/tiff/PLIST
   cvs rdiff -u -r1.92 -r1.93 pkgsrc/graphics/tiff/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/tiff/patches/patch-CVE-2017-11613 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2017-18013 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2017-9935 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-10963 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-17100 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-17101 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-5784 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-8905 \
       pkgsrc/graphics/tiff/patches/patch-libtiff_tif__jbig.c \
       pkgsrc/graphics/tiff/patches/patch-libtiff_tif__read.c \
       pkgsrc/graphics/tiff/patches/patch-tools_pal2rgb.c

1 files changed, 0 insertions, 40 deletions

diff --git a/graphics/tiff/patches/patch-CVE-2018-8905 b/graphics/tiff/patches/patch-CVE-2018-8905
deleted file mode 100644
index 5df66525568..00000000000
--- a/graphics/tiff/patches/patch-CVE-2018-8905
+++ /dev/null
@@ -1,40 +0,0 @@
-$NetBSD: patch-CVE-2018-8905,v 1.1 2018/06/21 23:11:04 tez Exp $
-
-fix CVE-2018-8905 from https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d
-
-
---- libtiff/tif_lzw.c.orig	2017-07-11 13:27:35.000000000 +0000
-+++ libtiff/tif_lzw.c
-@@ -604,6 +604,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t
- 	char *tp;
- 	unsigned char *bp;
- 	int code, nbits;
-+	int len;
- 	long nextbits, nextdata, nbitsmask;
- 	code_t *codep, *free_entp, *maxcodep, *oldcodep;
- 
-@@ -755,13 +756,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t
- 				}  while (--occ);
- 				break;
- 			}
--			assert(occ >= codep->length);
--			op += codep->length;
--			occ -= codep->length;
--			tp = op;
-+			len = codep->length;
-+			tp = op + len;
- 			do {
--				*--tp = codep->value;
--			} while( (codep = codep->next) != NULL );
-+				int t;
-+				--tp;
-+				t = codep->value;
-+				codep = codep->next;
-+				*tp = (char)t;
-+			} while (codep && tp > op);
-+			assert(occ >= len);
-+			op += len;
-+			occ -= len;
- 		} else {
- 			*op++ = (char)code;
- 			occ--;