diff options
author | reed <reed> | 2004-12-22 03:57:15 +0000 |
---|---|---|
committer | reed <reed> | 2004-12-22 03:57:15 +0000 |
commit | 8fe273e21c80fb1306aa6943a981e0f5509fb8a2 (patch) | |
tree | 4c9624a27be2a06706acb701a3ead726ce327754 /graphics/tiff/patches | |
parent | 4d404bc758ddc891df98f367c13e9b16b2368afb (diff) | |
download | pkgsrc-8fe273e21c80fb1306aa6943a981e0f5509fb8a2.tar.gz |
patch-ag and patch-ao already had security fixes for CESA-2004-006.
But now these are improved in response to
iDEFENSE Security Advisory 12.21.04
www.idefense.com/application/poi/display?id=173&type=vulnerabilities
libtiff STRIPOFFSETS Integer Overflow Vulnerability
December 21, 2004
This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.
PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.
Diffstat (limited to 'graphics/tiff/patches')
-rw-r--r-- | graphics/tiff/patches/patch-ag | 4 | ||||
-rw-r--r-- | graphics/tiff/patches/patch-ao | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/graphics/tiff/patches/patch-ag b/graphics/tiff/patches/patch-ag index f7a7ef05d1c..377ae4c0cf2 100644 --- a/graphics/tiff/patches/patch-ag +++ b/graphics/tiff/patches/patch-ag @@ -1,4 +1,4 @@ -$NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $ +$NetBSD: patch-ag,v 1.8 2004/12/22 03:57:15 reed Exp $ --- libtiff/tif_fax3.c.orig 2003-11-06 09:22:13.000000000 +0100 +++ libtiff/tif_fax3.c 2004-10-18 16:24:04.000000000 +0200 @@ -12,7 +12,7 @@ $NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $ + char *cp = NULL; + tsize_t bytes = nmemb * elem_size; + -+ if (elem_size && bytes / elem_size == nmemb) ++ if (nmemb && elem_size && bytes / elem_size == nmemb) + cp = (char*) _TIFFmalloc(bytes); + + if (cp == NULL) diff --git a/graphics/tiff/patches/patch-ao b/graphics/tiff/patches/patch-ao index f2be1528adf..91d2fa79a0c 100644 --- a/graphics/tiff/patches/patch-ao +++ b/graphics/tiff/patches/patch-ao @@ -1,4 +1,4 @@ -$NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $ +$NetBSD: patch-ao,v 1.2 2004/12/22 03:57:15 reed Exp $ --- libtiff/tif_dirread.c.orig 2003-12-22 09:22:15.000000000 +0100 +++ libtiff/tif_dirread.c 2004-10-18 16:25:32.000000000 +0200 @@ -13,7 +13,7 @@ $NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $ + char *cp = NULL; + tsize_t bytes = nmemb * elem_size; + -+ if (elem_size && bytes / elem_size == nmemb) ++ if (nmemb && elem_size && bytes / elem_size == nmemb) + cp = (char*)_TIFFmalloc(bytes); + if (cp == NULL) |