patch-ag and patch-ao already had security fixes for CESA-2004-006.

But now these are improved in response to iDEFENSE Security Advisory 12.21.04 www.idefense.com/application/poi/display?id=173&type=vulnerabilities libtiff STRIPOFFSETS Integer Overflow Vulnerability December 21, 2004 This fix (in two files) was from that advisory and also seen in tiff 3.7.1. PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for this possible security issue. Other packages depending on this are not bumped.
author: reed <reed@pkgsrc.org> 2004-12-22 03:57:15 +0000
committer: reed <reed@pkgsrc.org> 2004-12-22 03:57:15 +0000
commit: 9b7e84c44bf593e1ee1a0fcbb44a5649c5da27f0 (patch)
tree: 4c9624a27be2a06706acb701a3ead726ce327754 /graphics/tiff
parent: fa2c4cc740e942d43faf6da561b5d4cef120c9ce (diff)
download: pkgsrc-9b7e84c44bf593e1ee1a0fcbb44a5649c5da27f0.tar.gz
5 files changed, 11 insertions, 11 deletions
diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile
index 0e7259a2927..bfea8bc79f0 100644
--- a/graphics/tiff/Makefile
+++ b/graphics/tiff/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.59 2004/11/26 15:32:34 jmmv Exp $
+# $NetBSD: Makefile,v 1.60 2004/12/22 03:57:15 reed Exp $
 
 DISTNAME=	tiff-v3.6.1
 PKGNAME=	${DISTNAME:S/-v/-/}
-PKGREVISION=	5
+PKGREVISION=	6
 CATEGORIES=	graphics
 MASTER_SITES=	ftp://ftp.remotesensing.org/pub/libtiff/old/ \
 		ftp://ftp.fu-berlin.de/unix/graphics/tiff/old/
diff --git a/graphics/tiff/buildlink3.mk b/graphics/tiff/buildlink3.mk
index 939c4c68827..43499428038 100644
--- a/graphics/tiff/buildlink3.mk
+++ b/graphics/tiff/buildlink3.mk
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.8 2004/10/03 00:14:58 tv Exp $
+# $NetBSD: buildlink3.mk,v 1.9 2004/12/22 03:57:15 reed Exp $
 
 BUILDLINK_DEPTH:=	${BUILDLINK_DEPTH}+
 TIFF_BUILDLINK3_MK:=	${TIFF_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+=	tiff
 
 .if !empty(TIFF_BUILDLINK3_MK:M+)
 BUILDLINK_DEPENDS.tiff+=	tiff>=3.6.1
-BUILDLINK_RECOMMENDED.tiff+=	tiff>=3.6.1nb3
+BUILDLINK_RECOMMENDED.tiff+=	tiff>=3.6.1nb6
 BUILDLINK_PKGSRCDIR.tiff?=	../../graphics/tiff
 .endif	# TIFF_BUILDLINK3_MK
 
diff --git a/graphics/tiff/distinfo b/graphics/tiff/distinfo
index 091246a1d5f..c7f6d19973c 100644
--- a/graphics/tiff/distinfo
+++ b/graphics/tiff/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.18 2004/10/18 14:37:24 tron Exp $
+$NetBSD: distinfo,v 1.19 2004/12/22 03:57:15 reed Exp $
 
 SHA1 (tiff-3.6.1/tiff-v3.6.1.tar.gz) = f7817145d8756152cc341804df6477f37ef93c38
 Size (tiff-3.6.1/tiff-v3.6.1.tar.gz) = 1072165 bytes
@@ -12,7 +12,7 @@ SHA1 (patch-ac) = 754a02bb0561f8944fa1c870ab8dd6c1d6bf0c49
 SHA1 (patch-ad) = b48c93d29d5ff39079b6d320c5e67d9c1cdde8c7
 SHA1 (patch-ae) = 8272e39a8a0324b0f8a1e661721b5c9367c0d8e7
 SHA1 (patch-af) = d6c9fd4f10c26e6b2ad8eb5ec51e9205504b62c7
-SHA1 (patch-ag) = 01be3aaddf62748bb575ae8cc71014566f519ce7
+SHA1 (patch-ag) = 9171499433deebf0b1f271fe5940bfc563446381
 SHA1 (patch-ah) = 44ecf92862dc20cdb5e4b1dd4cdbf7c765dc95e2
 SHA1 (patch-ai) = cab07f23d9ef47008fee393f1d4c2438d0c96124
 SHA1 (patch-aj) = 9ea4c71308e73a20f10befcfabe31ecfce794519
@@ -20,7 +20,7 @@ SHA1 (patch-ak) = f3375d4b1f6a93c0a14c05ba2047ede622ddae9a
 SHA1 (patch-al) = 203c17a448cf61d9b92bf24b93ca87dc8aff2454
 SHA1 (patch-am) = 812da6e94797ae976b86c65888804f470abda7a0
 SHA1 (patch-an) = 22589375f39ec68e848efc3e11fb5142e8247919
-SHA1 (patch-ao) = 876bd5bf2c3dcc41c31396afc3d1adc6ce279a77
+SHA1 (patch-ao) = 2173925f79eba50a822b8914dc8b09f0b0140209
 SHA1 (patch-ap) = 83a15df9ecb4c8c81c808c02ea59f0941c4ba135
 SHA1 (patch-aq) = d9056e59e185bc8a7e6375ba0f9c9ffc6f537344
 SHA1 (patch-ar) = 9ba144120468a1674276dab4fc15ebba54e594fe
diff --git a/graphics/tiff/patches/patch-ag b/graphics/tiff/patches/patch-ag
index f7a7ef05d1c..377ae4c0cf2 100644
--- a/graphics/tiff/patches/patch-ag
+++ b/graphics/tiff/patches/patch-ag
@@ -1,4 +1,4 @@
-$NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $
+$NetBSD: patch-ag,v 1.8 2004/12/22 03:57:15 reed Exp $
 
 --- libtiff/tif_fax3.c.orig	2003-11-06 09:22:13.000000000 +0100
 +++ libtiff/tif_fax3.c	2004-10-18 16:24:04.000000000 +0200
@@ -12,7 +12,7 @@ $NetBSD: patch-ag,v 1.7 2004/10/18 14:37:24 tron Exp $
 +	char	*cp = NULL;
 +	tsize_t	bytes = nmemb * elem_size;
 +
-+	if (elem_size && bytes / elem_size == nmemb)
++	if (nmemb && elem_size && bytes / elem_size == nmemb)
 +		cp = (char*) _TIFFmalloc(bytes);
 +
 +	if (cp == NULL)
diff --git a/graphics/tiff/patches/patch-ao b/graphics/tiff/patches/patch-ao
index f2be1528adf..91d2fa79a0c 100644
--- a/graphics/tiff/patches/patch-ao
+++ b/graphics/tiff/patches/patch-ao
@@ -1,4 +1,4 @@
-$NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $
+$NetBSD: patch-ao,v 1.2 2004/12/22 03:57:15 reed Exp $
 
 --- libtiff/tif_dirread.c.orig	2003-12-22 09:22:15.000000000 +0100
 +++ libtiff/tif_dirread.c	2004-10-18 16:25:32.000000000 +0200
@@ -13,7 +13,7 @@ $NetBSD: patch-ao,v 1.1 2004/10/18 14:37:24 tron Exp $
 +	char	*cp = NULL;
 +	tsize_t	bytes = nmemb * elem_size;
 +
-+	if (elem_size && bytes / elem_size == nmemb)
++	if (nmemb && elem_size && bytes / elem_size == nmemb)
 +		cp = (char*)_TIFFmalloc(bytes);
 +
  	if (cp == NULL)
author	reed <reed@pkgsrc.org>	2004-12-22 03:57:15 +0000
committer	reed <reed@pkgsrc.org>	2004-12-22 03:57:15 +0000
commit	9b7e84c44bf593e1ee1a0fcbb44a5649c5da27f0 (patch)
tree	4c9624a27be2a06706acb701a3ead726ce327754 /graphics/tiff
parent	fa2c4cc740e942d43faf6da561b5d4cef120c9ce (diff)
download	pkgsrc-9b7e84c44bf593e1ee1a0fcbb44a5649c5da27f0.tar.gz