Security fix for CVE-2006-2193:

"A vulnerability in LibTIFF can be exploited by malicious people to
 cause a DoS (Denial of Service) and potentially compromise a user's
 system.

 The vulnerability is caused due to a boundary error within tiff2pdf
 when handling a TIFF file with a "DocumentName" tag that contains
 UTF-8 characters.  This can be exploited to cause a stack-based buffer
 overflow and may allow arbitrary code execution."

http://secunia.com/advisories/20488/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193

Patch from Ubuntu.

1 files changed, 15 insertions, 0 deletions

diff --git a/graphics/tiff/patches/patch-au b/graphics/tiff/patches/patch-au
new file mode 100644
index 00000000000..822d33121a3
--- /dev/null
+++ b/graphics/tiff/patches/patch-au
@@ -0,0 +1,15 @@
+$NetBSD: patch-au,v 1.5 2006/06/08 11:05:14 salo Exp $
+
+Security fix for CVE-2006-2193, from Ubuntu.
+
+--- tools/tiff2pdf.c.orig	2006-03-21 17:42:51.000000000 +0100
++++ tools/tiff2pdf.c	2006-06-08 12:39:11.000000000 +0200
+@@ -3668,7 +3668,7 @@
+ 	written += TIFFWriteFile(output, (tdata_t) "(", 1);
+ 	for (i=0;i<len;i++){
+ 		if((pdfstr[i]&0x80) || (pdfstr[i]==127) || (pdfstr[i]<32)){
+-			sprintf(buffer, "\\%.3o", pdfstr[i]);
++			sprintf(buffer, "\\%.3hho", pdfstr[i]);
+ 			written += TIFFWriteFile(output, (tdata_t) buffer, 4);
+ 		} else {
+ 			switch (pdfstr[i]){