diff options
| author | salo <salo> | 2005-05-12 12:53:21 +0000 |
|---|---|---|
| committer | salo <salo> | 2005-05-12 12:53:21 +0000 |
| commit | e14b75bb05d9ef1a54aed8869201aed8b5cf761c (patch) | |
| tree | 737ffd4667d668fd0f03a4b73bd274ecbb3c3c4f /graphics/tiff | |
| parent | b0919d9e89f5d576a26ea27fdc440348f145dc6b (diff) | |
| download | pkgsrc-e14b75bb05d9ef1a54aed8869201aed8b5cf761c.tar.gz | |
Security fix:
"A vulnerability in libTIFF was found, it can be potentially exploited by
malicious people to compromise a vulnerable system."
http://secunia.com/advisories/15320/
http://bugzilla.remotesensing.org/show_bug.cgi?id=843
Bump PKGREVISION, patch from libtiff cvs repository.
Diffstat (limited to 'graphics/tiff')
| -rw-r--r-- | graphics/tiff/Makefile | 3 | ||||
| -rw-r--r-- | graphics/tiff/buildlink3.mk | 4 | ||||
| -rw-r--r-- | graphics/tiff/distinfo | 3 | ||||
| -rw-r--r-- | graphics/tiff/patches/patch-ad | 64 |
4 files changed, 70 insertions, 4 deletions
diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile index 683020f04a4..90cc5a5bb4e 100644 --- a/graphics/tiff/Makefile +++ b/graphics/tiff/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.68 2005/04/11 21:46:09 tv Exp $ +# $NetBSD: Makefile,v 1.69 2005/05/12 12:53:21 salo Exp $ DISTNAME= tiff-3.7.2 +PKGREVISION= 1 CATEGORIES= graphics MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \ http://libtiff.maptools.org/dl/ diff --git a/graphics/tiff/buildlink3.mk b/graphics/tiff/buildlink3.mk index 99fb489fee7..fd3842fa64d 100644 --- a/graphics/tiff/buildlink3.mk +++ b/graphics/tiff/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.11 2005/01/11 05:29:55 jlam Exp $ +# $NetBSD: buildlink3.mk,v 1.12 2005/05/12 12:53:21 salo Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ TIFF_BUILDLINK3_MK:= ${TIFF_BUILDLINK3_MK}+ @@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= tiff .if !empty(TIFF_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.tiff+= tiff>=3.6.1 -BUILDLINK_RECOMMENDED.tiff+= tiff>=3.7.1nb1 +BUILDLINK_RECOMMENDED.tiff+= tiff>=3.7.2nb1 BUILDLINK_PKGSRCDIR.tiff?= ../../graphics/tiff .endif # TIFF_BUILDLINK3_MK diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo index dfa6ae9e0ce..f7a6108a65f 100644 --- a/graphics/tiff/distinfo +++ b/graphics/tiff/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.28 2005/05/07 00:47:29 toshii Exp $ +$NetBSD: distinfo,v 1.29 2005/05/12 12:53:21 salo Exp $ SHA1 (tiff-3.7.2.tar.gz) = 0eb69e88bf6c430160ad2897cd0ae637d507ed66 RMD160 (tiff-3.7.2.tar.gz) = fb156e17f55b1d565adbc5247f01d836d5f25824 @@ -6,3 +6,4 @@ Size (tiff-3.7.2.tar.gz) = 1260598 bytes SHA1 (patch-aa) = 06ecb34e5eeae5650020b456dddd40c8b9fe9647 SHA1 (patch-ab) = 0363e36d8c7575b4a55fee587aa4d92ee6c6db0b SHA1 (patch-ac) = 80c0abc2e8111a9b7608514cce239c8195e44cee +SHA1 (patch-ad) = 2e448a0491c4137820ec81cf566cf1962fab6045 diff --git a/graphics/tiff/patches/patch-ad b/graphics/tiff/patches/patch-ad new file mode 100644 index 00000000000..163fdc010eb --- /dev/null +++ b/graphics/tiff/patches/patch-ad @@ -0,0 +1,64 @@ +$NetBSD: patch-ad,v 1.14 2005/05/12 12:53:21 salo Exp $ + +--- libtiff/tif_dirread.c.orig 2005-03-05 10:06:00.000000000 +0100 ++++ libtiff/tif_dirread.c 2005-05-12 14:38:22.000000000 +0200 +@@ -1310,12 +1310,16 @@ + uint16 buf[10]; + uint16* v = buf; + +- if (samples > NITEMS(buf)) +- v = (uint16*) CheckMalloc(tif, samples, sizeof(uint16), ++ if (dir->tdir_count > NITEMS(buf)) ++ v = (uint16*) CheckMalloc(tif, dir->tdir_count, sizeof(uint16), + "to fetch per-sample values"); + if (v && TIFFFetchShortArray(tif, dir, v)) { + uint16 i; +- for (i = 1; i < samples; i++) ++ int check_count = dir->tdir_count; ++ if( samples < check_count ) ++ check_count = samples; ++ ++ for (i = 1; i < check_count; i++) + if (v[i] != v[0]) { + TIFFError(tif->tif_name, + "Cannot handle different per-sample values for field \"%s\"", +@@ -1347,12 +1351,16 @@ + uint32 buf[10]; + uint32* v = buf; + +- if (samples > NITEMS(buf)) +- v = (uint32*) CheckMalloc(tif, samples, sizeof(uint32), ++ if (dir->tdir_count > NITEMS(buf)) ++ v = (uint32*) CheckMalloc(tif, dir->tdir_count, sizeof(uint32), + "to fetch per-sample values"); + if (v && TIFFFetchLongArray(tif, dir, v)) { + uint16 i; +- for (i = 1; i < samples; i++) ++ int check_count = dir->tdir_count; ++ ++ if( samples < check_count ) ++ check_count = samples; ++ for (i = 1; i < check_count; i++) + if (v[i] != v[0]) { + TIFFError(tif->tif_name, + "Cannot handle different per-sample values for field \"%s\"", +@@ -1384,12 +1392,16 @@ + double buf[10]; + double* v = buf; + +- if (samples > NITEMS(buf)) +- v = (double*) CheckMalloc(tif, samples, sizeof (double), ++ if (dir->tdir_count > NITEMS(buf)) ++ v = (double*) CheckMalloc(tif, dir->tdir_count, sizeof (double), + "to fetch per-sample values"); + if (v && TIFFFetchAnyArray(tif, dir, v)) { + uint16 i; +- for (i = 1; i < samples; i++) ++ int check_count = dir->tdir_count; ++ if( samples < check_count ) ++ check_count = samples; ++ ++ for (i = 1; i < check_count; i++) + if (v[i] != v[0]) { + TIFFError(tif->tif_name, + "Cannot handle different per-sample values for field \"%s\"", |