diff options
author | reed <reed@pkgsrc.org> | 2004-12-22 03:57:15 +0000 |
---|---|---|
committer | reed <reed@pkgsrc.org> | 2004-12-22 03:57:15 +0000 |
commit | 77d31fda4a27cdad3417f1ddc05f610f9526e513 (patch) | |
tree | 4c9624a27be2a06706acb701a3ead726ce327754 /graphics/tiff | |
parent | d97165a7978a97a5c49a207d0133a24933fc81af (diff) | |
download | pkgsrc-77d31fda4a27cdad3417f1ddc05f610f9526e513.tar.gz |
patch-ag and patch-ao already had security fixes for CESA-2004-006.
But now these are improved in response to
iDEFENSE Security Advisory 12.21.04
www.idefense.com/application/poi/display?id=173&type=vulnerabilities
libtiff STRIPOFFSETS Integer Overflow Vulnerability
December 21, 2004
This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.
PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.
Diffstat (limited to 'graphics/tiff')
-rw-r--r-- | graphics/tiff/Makefile | 4 | ||||
-rw-r--r-- | graphics/tiff/buildlink3.mk | 4 | ||||
-rw-r--r-- | graphics/tiff/distinfo | 6 | ||||
-rw-r--r-- | graphics/tiff/patches/patch-ag | 4 | ||||
-rw-r--r-- | graphics/tiff/patches/patch-ao | 4 |
5 files changed, 11 insertions, 11 deletions
diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile index 0e7259a2927..bfea8bc79f0 100644 --- a/graphics/tiff/Makefile +++ b/graphics/tiff/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.59 2004/11/26 15:32:34 jmmv Exp $ +# $NetBSD: Makefile,v 1.60 2004/12/22 03:57:15 reed Exp $ DISTNAME= tiff-v3.6.1 PKGNAME= ${DISTNAME:S/-v/-/} -PKGREVISION= 5 +PKGREVISION= 6 CATEGORIES= graphics MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/old/ \ ftp://ftp.fu-berlin.de/unix/graphics/tiff/old/ diff --git a/graphics/tiff/buildlink3.mk b/graphics/tiff/buildlink3.mk index 939c4c68827..43499428038 100644 --- a/graphics/tiff/buildlink3.mk +++ b/graphics/tiff/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.8 2004/10/03 00:14:58 tv Exp $ +# $NetBSD: buildlink3.mk,v 1.9 2004/12/22 03:57:15 reed Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ TIFF_BUILDLINK3_MK:= ${TIFF_BUILDLINK3_MK}+ @@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= tiff .if !empty(TIFF_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.tiff+= tiff>=3.6.1 -BUILDLINK_RECOMMENDED.tiff+= tiff>=3.6.1nb3 +BUILDLINK_RECOMMENDED.tiff+= tiff>=3.6.1nb6 BUILDLINK_PKGSRCDIR.tiff?= ../../graphics/tiff .endif # TIFF_BUILDLINK3_MK diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo index 091246a1d5f..c7f6d19973c 100644 --- a/graphics/tiff/distinfo +++ b/graphics/tiff/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.18 2004/10/18 14:37:24 tron Exp $ +$NetBSD: distinfo,v 1.19 2004/12/22 03:57:15 reed Exp $ SHA1 (tiff-3.6.1/tiff-v3.6.1.tar.gz) = f7817145d8756152cc341804df6477f37ef93c38 Size (tiff-3.6.1/tiff-v3.6.1.tar.gz) = 1072165 bytes @@ -12,7 +12,7 @@ SHA1 (patch-ac) = 754a02bb0561f8944fa1c870ab8dd6c1d6bf0c49 SHA1 (patch-ad) = b48c93d29d5ff39079b6d320c5e67d9c1cdde8c7 SHA1 (patch-ae) = 8272e39a8a0324b0f8a1e661721b5c9367c0d8e7 SHA1 (patch-af) = d6c9fd4f10c26e6b2ad8eb5ec51e9205504b62c7 -SHA1 (patch-ag) = 01be3aaddf62748bb575ae8cc71014566f519ce7 +SHA1 (patch-ag) = 9171499433deebf0b1f271fe5940bfc563446381 SHA1 (patch-ah) = 44ecf92862dc20cdb5e4b1dd4cdbf7c765dc95e2 SHA1 (patch-ai) = cab07f23d9ef47008fee393f1d4c2438d0c96124 SHA1 (patch-aj) = 9ea4c71308e73a20f10befcfabe31ecfce794519 @@ -20,7 +20,7 @@ SHA1 (patch-ak) = f3375d4b1f6a93c0a14c05ba2047ede622ddae9a SHA1 (patch-al) = 203c17a448cf61d9b92bf24b93ca87dc8aff2454 SHA1 (patch-am) = 812da6e94797ae976b86c65888804f470abda7a0 SHA1 (patch-an) = 22589375f39ec68e848efc3e11fb5142e8247919 -SHA1 (patch-ao) = 876bd5bf2c3dcc41c31396afc3d1adc6ce279a77 +SHA1 (patch-ao) = 2173925f79eba50a822b8914dc8b09f0b0140209 SHA1 (patch-ap) = 83a15df9ecb4c8c81c808c02ea59f0941c4ba135 SHA1 (patch-aq) = d9056e59e185bc8a7e6375ba0f9c9ffc6f537344 SHA1 (patch-ar) = 9ba144120468a1674276dab4fc15ebba54e594fe diff --git a/graphics/tiff/patches/patch-ag b/graphics/tiff/patches/patch-ag index f7a7ef05d1c..377ae4c0cf2 100644 --- a/graphics/tiff/patches/patch-ag +++ b/graphics/tiff/patches/patch-ag @@ -1,4 +1,4 @@ -$NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $ +$NetBSD: patch-ag,v 1.8 2004/12/22 03:57:15 reed Exp $ --- libtiff/tif_fax3.c.orig 2003-11-06 09:22:13.000000000 +0100 +++ libtiff/tif_fax3.c 2004-10-18 16:24:04.000000000 +0200 @@ -12,7 +12,7 @@ $NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $ + char *cp = NULL; + tsize_t bytes = nmemb * elem_size; + -+ if (elem_size && bytes / elem_size == nmemb) ++ if (nmemb && elem_size && bytes / elem_size == nmemb) + cp = (char*) _TIFFmalloc(bytes); + + if (cp == NULL) diff --git a/graphics/tiff/patches/patch-ao b/graphics/tiff/patches/patch-ao index f2be1528adf..91d2fa79a0c 100644 --- a/graphics/tiff/patches/patch-ao +++ b/graphics/tiff/patches/patch-ao @@ -1,4 +1,4 @@ -$NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $ +$NetBSD: patch-ao,v 1.2 2004/12/22 03:57:15 reed Exp $ --- libtiff/tif_dirread.c.orig 2003-12-22 09:22:15.000000000 +0100 +++ libtiff/tif_dirread.c 2004-10-18 16:25:32.000000000 +0200 @@ -13,7 +13,7 @@ $NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $ + char *cp = NULL; + tsize_t bytes = nmemb * elem_size; + -+ if (elem_size && bytes / elem_size == nmemb) ++ if (nmemb && elem_size && bytes / elem_size == nmemb) + cp = (char*)_TIFFmalloc(bytes); + if (cp == NULL) |