diff options
author | he <he@pkgsrc.org> | 2017-05-05 19:16:57 +0000 |
---|---|---|
committer | he <he@pkgsrc.org> | 2017-05-05 19:16:57 +0000 |
commit | 4fef3d9b6a85e34dc387862b2bbfd98688b0a2a6 (patch) | |
tree | c2319311687b612beb969342d14619f18cd123f8 /graphics/tiff | |
parent | 5b38e2adbb01d9e7001015f023e373d1b0751e76 (diff) | |
download | pkgsrc-4fef3d9b6a85e34dc387862b2bbfd98688b0a2a6.tar.gz |
Apply fix from upstream to fix CVE-2016-10092, ref.
http://bugzilla.maptools.org/show_bug.cgi?id=2620 and
https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a
Bump PKGREVISION.
Diffstat (limited to 'graphics/tiff')
-rw-r--r-- | graphics/tiff/Makefile | 4 | ||||
-rw-r--r-- | graphics/tiff/patches/patch-tools_tiffcrop.c | 17 |
2 files changed, 19 insertions, 2 deletions
diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile index 594ebe22081..e03848ef6ff 100644 --- a/graphics/tiff/Makefile +++ b/graphics/tiff/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.126 2017/05/03 23:00:59 sevan Exp $ +# $NetBSD: Makefile,v 1.127 2017/05/05 19:16:57 he Exp $ DISTNAME= tiff-4.0.7 -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= graphics MASTER_SITES= ftp://download.osgeo.org/libtiff/ diff --git a/graphics/tiff/patches/patch-tools_tiffcrop.c b/graphics/tiff/patches/patch-tools_tiffcrop.c new file mode 100644 index 00000000000..9c3a6230d84 --- /dev/null +++ b/graphics/tiff/patches/patch-tools_tiffcrop.c @@ -0,0 +1,17 @@ +$NetBSD$ + +Fix for CVE-2016-10092, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2620 +and +https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a + +--- tools/tiffcrop.c.orig 2016-11-19 01:45:30.000000000 +0000 ++++ tools/tiffcrop.c +@@ -3698,7 +3698,7 @@ static int readContigStripsIntoBuffer (T + (unsigned long) strip, (unsigned long)rows); + return 0; + } +- bufp += bytes_read; ++ bufp += stripsize; + } + + return 1; |