Age | Commit message (Collapse) | Author | Files | Lines |
|
Problems found with existing digests:
Package fotoxx distfile fotoxx-14.03.1.tar.gz
ac2033f87de2c23941261f7c50160cddf872c110 [recorded]
118e98a8cc0414676b3c4d37b8df407c28a1407c [calculated]
Package ploticus-examples distfile ploticus-2.00/plnode200.tar.gz
34274a03d0c41fae5690633663e3d4114b9d7a6d [recorded]
da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
Problems found locating distfiles:
Package AfterShotPro: missing distfile AfterShotPro-1.1.0.30/AfterShotPro_i386.deb
Package pgraf: missing distfile pgraf-20010131.tar.gz
Package qvplay: missing distfile qvplay-0.95.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
MAJOR CHANGES:
Now builds with CMake 2.8.9 and newer (previously required
3.0.0)
CHANGES IN THE SOFTWARE CONFIGURATION:
CMakeLists.txt / CMake
Supports CMake 2.8.9 and later.
Add missing file which wasn't being distributed, causing
unit tests to fail.
Make shared/static library building configurable.
CMake reads all version information directly from configure.ac
to avoid duplication of values.
CMake builds are now included in 'distcheck' target.
Makefile.am
Autotools 'make distcheck' now tests the CMake-based build
if CMake is available.
CHANGES IN LIBTIFF:
Fixes to avoid undefined behaviour of signed types (C standard
compliance).
Fixes to avoid possible isses when casting to unsigned char.
Fixes to avoid undefined behaviour with shifts.
Fix generation of output with 16 bit or 32 bit integer, when
byte swapping is needed, in horizontal predictor (#2521).
Fix decoding when there is a single pixel to decode (unlikely
case...) and byte swapping is involved.
Add add explicit masking with 0xff before casting to uchar in
floating-point horizontal differencing and accumulation routines.
Eliminate requirement for and use of 64-bit constant values.
CHANGES IN THE TOOLS:
tiffgt
Silence glut API deprecation warnings on MacOS X.
fax2ps
Detect failure to write to temporary file.
|
|
* Support for configure/build using CMake.
* Support for large (> 2GB) files under Microsoft Windows.
|
|
|
|
Changelog:
2015-06-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff 4.0.4 released.
* configure.ac: Add a HAVE_FOO Automake conditional for each
add-on library.
* test/Makefile.am (JPEG_DEPENDENT_CHECK_PROG): raw_decode
requires JPEG support to compile. Use Automake conditional to
only include it when JPEG support is available.
* html/build.html: Try to improve the nmake-based VC++ build
description.
* libtiff/tiffconf.vc.h: Build fixes based on testing.
* libtiff/tif_config.vc.h: Build fixes based on testing.
* libtiff/libtiff.def: TIFFRasterScanline does not exist so remove
export for it.
2015-06-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_config.vc.h: Make adjustments to match the new
definitions that configure produces, including for WIN64. Still
needs to be tested.
* configure.ac: For 64-bit MinGW, fix SSIZE_FORMAT formatting
specifier. 64-bit MinGW supports 'long long' but support for
'lld' is not assured by the run-time DLLs and so GCC warns.
Add TIFF_SIZE_T and TIFF_SIZE_FORMAT to provide a type definition
and printf format specifier to deal with printing values of
'size_t' type. In particular, this was necessary for WIN64.
Added a configure test for if the system headers provide 'optarg'
(normal case) and block out the many explicit 'extern' statements
in the utilities. This was found to be necessary under Windows
when getopt is in a DLL and the symbols are already imported with
dllimport via standard header files.
* test/raw_decode.c (XMD_H): Avoid conflicting typedefs for INT32
and boolean in MinGW build due to including jpeglib.h.
* test/rewrite_tag.c (main): Fix problem with location of variable
declaration.
* libtiff/libtiff.def: Added exports for TIFFGetConfiguredCODECs,
TIFFReadRGBAImageOriented, TIFFSetCompressionScheme,
TIFFSwabArrayOfTriples, TIFFVGetFieldDefaulted, _TIFFCheckRealloc,
TIFFRasterScanline, TIFFSetErrorHandlerExt,
TIFFSetWarningHandlerExt, TIFFNumberOfDirectories,
TIFFCreateCustomDirectory, TIFFCreateEXIFDirectory,
TIFFWriteCustomDirectory, _TIFFRewriteField as recommended by
Roger Leigh and justified by use in libtiff tests, documentation,
and changelog notes. Also sorted symbol list and removed
duplicate entries.
2015-06-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_getimage.c: Fix four Coverity issues related to
unintended sign extension.
2015-06-16 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_unix.c: fix compilation with MSVC (fix by Jeff McKenna)
2015-06-14 Lee Howard <faxguy@howardsilvan.com>
* libtiff/tif_unix.c: contribution from Vadim Zeitlin on
Bugzilla Bug #2510 fixes several harmless but still annoying
warnings
* configure: contribution from Ludolf Holzheid on Bugzilla
Bug #2498. Adds an option to select the file I/O style on
Windows hosts.
* libtiff/tif_getimage.c: contribution from Gary Cramblitt
on Bugzilla Bug #2409. Correct reading of certain tiled TIFFs.
* configure, configure.ac: contribution from Marcos H. Woehrmann
on Bugzilla Bug #2405. Correct shell equality operator.
* tools/tiffgt.c (raster_draw): contribution from Jay Berkenbilt
on Bugzilla Bug #2401. Appropriately call glFlush().
* tools/tiff2pdf.c: change ColorTransform from "0" to "1"
following Bugzilla Bug #2150.
2015-06-13 Lee Howard <faxguy@howardsilvan.com>
* libtiff/tif_lzw.c: contribution from Andy Cave - decode
files that contain consecutive CODE_CLEAR codes.
* tools/tiff2pdf.c: contribution from Antti S. Lankila on
Bugzilla Bug #2078. Suppress initial output of the header.
* tools/tiff2pdf.c: contribution from Yuriy M. Kaminskiy -
Take care in using the return value from snprintf().
* tools/tiffcrop.c: contribution from Eduardo Robles Elvira -
correctly copy the compression tag from the source TIFF.
* tools/tiff2ps.c: contribution from Eduardo Robles Elvira -
correct sizing and scaling problems with output document.
2015-06-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_jpeg.c (JPEGDecode): Split JPEGDecode() into two
clean implementations in order to avoid pre-processor hell. Only
one of the implementations is used in a given build.
2015-06-08 Even Rouault <even.rouault at spatialys.com>
* libtiff/tif_jpeg.c: Fix compilation in BITS_IN_JSAMPLE == 12
case
2015-06-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_write.c (TIFFWriteEncodedStrip): Fix Coverity 715975
"Division or modulo by zero".
(TIFFWriteEncodedTile): Fix Coverity 715976 and 715977 "Division
or modulo by zero".
(TIFFWriteRawStrip): Fix Coverity 715978 "Division or modulo by
zero".
(TIFFWriteScanline): Fix Coverity 715979 "Division or modulo by
zero".
* libtiff/tif_read.c (TIFFStartTile): Fix Coverity 715973 and
715974 "Division or modulo by zero".
2015-05-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dir.c (TIFFNumberOfDirectories): Quiet Coverity
1134470 "Logically dead code" by making the roll-over check
explicit.
* libtiff/tif_luv.c (LogLuvDecodeTile): Fix Coverity 991227
"Division or modulo by zero".
(LogLuvDecodeStrip): Fix Coverity 991239 "Division or modulo by
zero".
(LogLuvEncodeStrip): Fix Coverity 991240 "Division or modulo by
zero".
(LogLuvEncodeTile): Fix Coverity 991241 "Division or modulo by
zero".
* libtiff/tif_dirread.c (TIFFReadDirEntryDoubleArray): Fix
Coverity 298626 "Logically dead code".
(TIFFReadDirEntryFloatArray): Fix Coverity 298627 "Logically dead
code".
(TIFFReadDirEntryIfd8Array): Fix Coverity 298628 "Logically dead
code".
(TIFFReadDirEntrySlong8Array): Fix Coverity 298629 "Logically dead
code"
* libtiff/tif_dir.c (TIFFNumberOfDirectories): Don't depend on ++
operator precedenc in evaluation. Might quench Coverity 1134470
"Logically dead code".
* libtiff/tif_jpeg.c (JPEGDecode): Fix Coverity 602597 "Operands
don't affect result". This change uses ifdefs to include
applicable code based on properties of libjpeg. Still needs to be
re-tested with 12-bit "6b" and "MK1".
2015-05-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* libtiff/tif_dirwrite.c (_TIFFRewriteField): Fix Coverity 1024310
"Resource leak".
* libtiff/tif_ojpeg.c (OJPEGReadHeaderInfoSecStreamDht): Fix
Coverity 601720 "Resource leak".
* libtiff/tif_jpeg.c (JPEGCleanup): Fix Coverity 298624
"Dereference before null check".
* libtiff/tif_ojpeg.c (OJPEGReadBufferFill): Fix Coverity 603400
"Missing break in switch".
* contrib/addtiffo/tif_overview.c (TIFF_DownSample): Check buffer
size calculation for overflow.
* contrib/addtiffo/addtiffo.c (main): Possibly address Coverity
1024226 "Untrusted value as argument".
* tools/gif2tiff.c (readgifimage): Fix Coverity 1024222 "Untrusted
value as argument".
(checksignature): Fix Coverity 1024894 "Ignoring number of bytes
read".
(readextension): Fix Coverity 1024893 "Ignoring number of bytes
read".
(readgifimage): Fix Coverity 1024890 "Ignoring number of bytes
read".
(readraster): Fix Coverity 1024891 "Ignoring number of bytes
read".
(readgifimage): Fix Coverity 1024892 "Ignoring number of bytes
read".
* tools/tiff2pdf.c (t2p_readwrite_pdf_image): Fix Coverity 1024181
"Structurally dead code".
* tools/raw2tiff.c (main): Fix Coverity 1024887 "Unchecked return
value from library".
(guessSize): Fix Coverity 1024888 "Unchecked return value from
library".
(guessSize): Fix Coverity 1214162 "Ignoring number of bytes read".
(guessSize): Fix Coverity 1024889 "Unchecked return value from
library".
* tools/tiff2pdf.c (t2p_readwrite_pdf_image): Fix Coverity 298621
"Resource leak".
(t2p_readwrite_pdf_image): Fix Coverity 1024181 "Structurally dead
code".
(t2p_write_pdf): Fix Coverity 1227690 "Unused value".
2015-05-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* contrib/iptcutil/iptcutil.c (formatIPTC): Fix Coverity 1024468
"Infinite loop".
(formatIPTC): Fix Coverity 1024727 "Truncated stdio return value".
(formatIPTC): Fix Coverity 1214240 "Untrusted loop bound".
2015-05-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix
Coverity 298615 "Resource leak".
(TIFFGetOvrBlock): Fix Coverity 1024649 "Unintended sign
extension".
* tools/bmp2tiff.c (main): Fix Coverity 1024225 "Untrusted value
as argument".
(main): Fix Coverity 1024678 "Unchecked return value from
library".
(main): Fix Coverity 1024679 "Unchecked return value from
library".
(main): Fix Coverity 1214160 "Ignoring number of bytes read".
* contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix
Coverity 298615 "Resource leak".
* tools/tiffcp.c: Fix Coverity 1024306, 1024307, 1024308, 1024309
"Resource leak".
* tools/tiffsplit.c (cpTiles): Fix Coverity 1024304 "Resource
leak".
(cpStrips): Fix Coverity 1024305 "Resource leak".
2015-05-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* tools/ras2tiff.c: Fix Sun Raster header definition to be safe
for 64-bit systems. Add some header validations. Should fix many
Coverity issues.
(main): Fix Coverity 1301206: "Integer handling issues (BAD_SHIFT)".
(main): Quiet Coverity 1024223 "Untrusted value as argument".
* tools/tiffmedian.c (GetInputLine): Fix Coverity 1024795 "Nesting
level does not match indentation".
(get_histogram): Quiet Coverity 1024386 "Out-of-bounds read".
This was a benign mis-diagnosis but added code to enforce against
buffer overflow.
* tools/tiffcrop.c (ROTATE_ANY): Fix Coverity 1294542 "Logical
vs. bitwise operator".
(readContigStripsIntoBuffer): Fix Coverity 1024545 "Division or
modulo by zero".
(readContigTilesIntoBuffer): Fix Coverity 1024586 "Logically dead
code".
(writeSingleSection): Fix Coverity 1024796 "Nesting level does not
match indentation".
(writeCroppedImage): Fix Coverity 1024797 "Nesting level does not
match indentation".
(loadImage): Fix Coverity 1299741 "Dereference before null check".
(loadImage): Fix Coverity 1299740 "Out-of-bounds write".
2015-03-02 Even Rouault <even.rouault@spatialys.com>
* tools/tiffdither.c: check memory allocations to avoid writing to
NULL pointer. Also check multiplication overflow. Fixes #2501,
CVE-2014-8128. Derived from patch by Petr Gajdos.
|
|
CVE-2014-8127
CVE-2014-8128
CVE-2014-8129
CVE-2014-8130 (likely)
Remaining unfixed vulnerabilities: CVE-2014-9655, CVE-2015-1547 (but
these are unfixed upstream AFAICS).
ok wiz
|
|
|
|
and use-after-free problems in the "gif2tiff" and "tiff2pdf"
command line tools (the library is not affected)
(CVE-2013-4231, CVE-2013-4232, CVE-2013-4244)
bump PKGREV
|
|
"tiff2pdf" tool by crafted TIFF image files
(CVE-2013-1960/61)
bump PKGREV
|
|
due to integer overflow in the ppm2tiff cmd line tool (CVE-2012-4564)
bump PKGREV
|
|
MAJOR CHANGES:
None
CHANGES IN THE SOFTWARE CONFIGURATION:
Updated to use Automake 1.12.4. Avoids security problem with 'make distcheck' (CVE-2012-3386).
CHANGES IN LIBTIFF:
Various memory buffer access fixes.
Fix handling when writing RGBA jpeg compressed imagery (http://trac.osgeo.org/gdal/ticket/4732).
Fix to work properly with IJG JPEG 7+.
New functions TIFFFieldTag(), TIFFFieldName(), TIFFFieldDataType(), TIFFFieldPassCount(), TIFFFieldReadCount(), TIFFFieldWriteCount() to use as external accessors for the opaque type TIFFField.
Fix bug rewriting image tiles in a compressed file (http://trac.osgeo.org/gdal/ticket/4771).
Add TIFF/FX tag support in libtiff.
CHANGES IN THE TOOLS:
tiff2pdf: Fail when TIFFSetDirectory() fails. This prevents core dumps or perhaps even arbitrary code execution when processing a corrupt input file (CVE-2012-3401).
tiff2pdf: Fix two places where t2p_error didn't get set after a malloc failure. No crash risk AFAICS, but the program might not report exit code 1 as desired.
CHANGES IN THE CONTRIB AREA:
None
|
|
Bump PKGREVISION.
|
|
* tif_getimage.c: added support for _SEPARATED CMYK images.
* tif_getimage.c: Added support for greyscale + alpha.
* Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory()
functions.
* tif_print.c: Lots of fixes around printing corrupt or hostile input.
* Improve handling of corrupt ycbcrsubsampling values.
* tif_unix.c: use strerror to get meaningful error messages.
* tif_jpeg.c: fix serious bugs in JPEGDecodeRaw().
* tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173).
|
|
Bump PKGREVISION.
|
|
-update to 4.0.1 -- this only adds symbol versioning support to ease
transition from 3.x to 4.x; this is not used in pkgsrc so the
update is purely cosmetical
|
|
At long last, libtiff 4.0.0 is finally released. Libtiff 4.0.0 is the
successor to the libtiff 3.9.X release series. It is intended to be
largely API compatible with the 3.9.X releases, but it is definitely
not ABI compatible so any software which plans to use it will need to
be recompiled. With appropriate care, source code can easily compile
with both the 3.9.X releases and libtiff 4.0.0.
This release supports the BigTIFF TIFF format in which all offsets are
unsigned 64-bit, supporting huge files. APIs which deal with tag
offsets are necessarily updated to pass 64-bit values. I/O functions
supporting the TIFFClientOpen() interface are updated to pass 64-bit
offset values.
|
|
Many bugs and security issues are resolved in this stable release.
|
|
(http://bugzilla.maptools.org/show_bug.cgi?id=2300)
to fix possible buffer overflow in the "thunder" decoder (CVE-2011-1167)
bump PKGREV
|
|
"libtiff" CVS repository.
|
|
following vulnerabilities:
- CVE-2010-2233
- CVE-2010-2482
- CVE-2010-2483
- CVE-2010-2595
- CVE-2010-2597
There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion
gets triggered) and cannot be exploited after the above vulnerabilities
are fixed (at least if I understood correctly).
No butcher was involved in fixing this package.
|
|
changes:
-Complete the fixes for CVE-2009-2347.
-Tiffcrop now supports custom page sizes.
+minor bugfixes
|
|
gory details at http://www.remotesensing.org/libtiff/v3.9.3.html.
|
|
changes:
-bugfixes
-OJPEG support updated to work with IJG JPEG 7 release
-Tiffcrop validated for most TIFF storage subformats and sample depths
|
|
This is a bugfix release to correct serious defects found in libtiff
3.9.0. In particular, it was discovered that libtiff 3.9.0 may
write defective TIFF files. This release is intended to be API and
ABI compatible with libtiff 3.8.2.
|
|
MAJOR CHANGES:
* New tiffcrop utility contributed by Richard Nolde. tiffcrop does the
same as tiffcp, but also can crop, extract, rotate and mirror images.
* tif_jbig.c: Added support for JBIG compression scheme (34661 code),
contributed by Lee Howard.
* Totally new implementation of OJPEG module from Joris Van Damme. No
need to patch libjpeg anymore. Many OJPEG files should be supported
now that was not supported previously.
------------------------------------------------
CHANGES IN THE SOFTWARE CONFIGURATION:
* tif_config.wince.h, tiffconf.wince.h, tif_wince.c: WinCE-specific
compatibility stuff from Mateusz Loskot.
* Rename config.h.vc and tif_config.h.vc to config.vc.h and
tif_config.vc.h for easier identification by folks using an IDE.
* configure, configure.ac: OJPEG support enabled by default (i.e., whe
the conformant JPEG support enabled).
* README.vms, Makefile.am, configure.com, libtiff/{Makefile.am,
tif_config.h-vms, tif_stream.cxx, tif_vms.c, tiffconf.h-vms}: Added
support for OpenVMS by Alexey Chupahin.
* nmake.opt: use /EHsc for VS2005 compatibility. Also define
_CRT_SECURE_NO_DEPRECATE to avoid noise on VS2005.
------------------------------------------------
CHANGES IN LIBTIFF:
* tif_dirinfo.c (_TIFFFindFieldInfo): Don't attempt to bsearch() on a
NULL fieldinfo list. (_TIFFFindFieldInfoByName): Don't attempt to
lfind() on a NULL fieldinfo list.
* tif_jpeg.c: Changed JPEGInitializeLibJPEG() so that it will convert
from decompressor to compressor or compress to decompress if required
by the force arguments. This works around a problem in where the
JPEGFixupTestSubsampling() may cause a decompressor to be setup on a
directory when later a compressor is required with the force flag set.
Occurs with the addtiffo program for instance.
* tif_dirwrite.c: Fixed swapping of byte arrays stored in-place in tag
offsets as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1363
* tif_getimage.c: workaround for 'Fractional scanline' error reading
OJPEG images with rowsperstrip that is not a multiple of vertical
subsampling factor. This bug is mentioned in
http://bugzilla.remotesensing.org/show_bug.cgi?id=1390 and
http://www.asmail.be/msg0054766825.html
* tif_dirread.c: Added special function to handle SubjectDistance EXIF
tag as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1362
* tif_dirread.c, tif_read.c: Type of the byte counters changed from
tsize_t to uint32 to be able to work with data arrays larger than 2GB.
Fixes bug http://bugzilla.remotesensing.org/show_bug.cgi?id=89 Idea
submitted by Matt Hancher.
* tif_dir.c: Workaround for incorrect TIFFs with ExtraSamples == 999
produced by Corel Draw. As per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1490
* tif_write.c: TIFFAppendToStrip() - clear sorted flag if we move a
strip. http://bugzilla.remotesensing.org/show_bug.cgi?id=1359
* tif_fax3.c: Save the state of printdir codec dependent method.
* tif_jpeg.c: Save the state of printdir codec dependent method as per
bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1273
* tif_win32.c: Fixed problem with offset value manipulation as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1322
* tif_fax3.c, tif_next.c, tif_pixarlog.c: Fixed multiple
vulnerabilities, as per Gentoo bug ():
http://bugs.gentoo.org/show_bug.cgi?id=142383
* tif_lzw.c, tif_zip.c: Fixed problems with mixing encoding and decoding
on the same read-write TIFF handle. The LZW code can now maintain
encode and decode state at the same time. The ZIP code will switch
back and forth as needed.
http://bugzilla.remotesensing.org/show_bug.cgi?id=757
* tif_msdos.c: Avoid handle leak for failed opens. c/o Thierry Pierron
* tif_dirwrite.c: take care not to flush out buffer of strip/tile data
in _TIFFWriteDirectory if TIFF_BEENWRITING not set. Relates to bug
report by Peng Gao with black strip at bottom of images.
* tif_dirwrite.c: make sure to use uint32 for wordcount in
TIFFWriteNormanTag if writecount is VARIABLE2 for ASCII fields. It
already seems to have been done for other field types. Needed for
"tiffset" on files with geotiff ascii text.
* tif_dirinfo.c: Added missed EXIF tag ColorSpace (40961).
* tif_dirread.c: Move IFD fetching code in the separate function
TIFFFetchDirectory() avoiding code duplication in TIFFReadDirectory()
and TIFFReadCustomDirectory().
* tif_readdir.c: Added case in EstimateStripByteCounts() for tiled
files. Modified TIFFReadDirectory() to not invoke
EstimateStripByteCounts() for case where entry 0 and 1 are unequal but
one of them is zero.
http://bugzilla.remotesensing.org/show_bug.cgi?id=1204
* tif_open.c, tif_dirread.c, tiffiop.h: Move IFD looping checking code
in the separate function TIFFCheckDirOffset().
* tif_aux.c: Added _TIFFCheckRealloc() function.
* tif_fax3.c: Fixed problems in fax decoder as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1194
* tif_jbig.c: Added support for JBIG compression scheme (34661 code)
contributed by Lee Howard. As per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=896
* tif_getimage.c: Added support for planarconfig separate non-subsampled
YCbCr (i.e. separate YCbCr with subsampling [1,1]).
* tif_getimage.c: Revision of all RGB(A) put routines:
* Conversion of unassociated alpha to associated alpha now done
with more performant LUT, and calculation more correct.
* Conversion of 16bit data to 8bit data now done with more
performant LUT, and calculation more correct
* Bugfix of handling of 16bit RGB with unassociated alpha
* tif_ojpeg.c: totally new implementation
* tif_getimage.c: removed TIFFTAG_JPEGCOLORMODE handling of OJPEG images
in favor of tif_getimage.c native handling of YCbCr and desubsampling.
* tif_jpeg.c: JPEGVSetField() so that altering the photometric
interpretation causes the "upsampled" flag to be recomputed. Fixes
peculiar bug where photometric flag had to be set before jpegcolormode
flag.
------------------------------------------------
CHANGES IN THE TOOLS:
* tiff2ps.c: Added support 16-bit images as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1566. Patch from
William Bader.
* tiff2pdf.c: Fix for TIFFTAG_JPEGTABLES tag fetching and significant
upgrade of the whole utility as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1560. Now we don't
need tiffiop.h in tiff2pdf anymore and will open output PDF file using
TIFFClientOpen() machinery as it is implemented by Leon Bottou.
* tiffcrop.c: New tiffcrop utility contributed by Richard Nolde. As per
bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1383
* tiff2pdf.c: Do not assume inches when the resolution units do not
specified. As per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1366
* tiffset.c: Properly handle tags with TIFF_VARIABLE writecount. As per
bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1350
* tif2rgba.c: This utility does not work properly on big-endian
architectures. It was fixed including the bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1149
* tiff2pdf.c: Fix handling of -q values.
http://bugzilla.remotesensing.org/show_bug.cgi?id=587
* tiffcmp.c: Fixed floating point comparison logic as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1191
* tiff2pdf.c: Fixed buffer overflow condition in t2p_write_pdf_string()
as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1196
------------------------------------------------
CHANGES IN THE CONTRIB AREA:
* contrib/addtiffo/tif_overview.c: Fix problems with odd sized output
blocks in TIFF_DownSample_Subsampled() (bug 1542).
* contrib/dbs/xtiff/xtiff.c: Make xtiff utility compilable. Though it is
still far from the state of being working and useful.
|
|
tools taken from MapTools Bugzilla. This fixes CVE-2009-2347.
|
|
(http://bugzilla.maptools.org/show_bug.cgi?id=2065)
to fix a buffer underflow which can cause DOS or system access
(SA35515)
bump PKGREVISION
|
|
CVE-2008-2327. Bump package revision.
|
|
Requested by solo@.
|
|
"Some vulnerabilities have been reported in libTIFF, which can be
exploited by malicious people to cause a DoS (Denial of Service)
or potentially compromise a vulnerable system.
The vulnerabilities are caused due to various heap and integer
overflows when processing TIFF images and can be exploited via
a specially crafted TIFF image.
Successful exploitation allows crashing applications linked against
libTIFF and may also allow execution of arbitrary code."
http://secunia.com/advisories/21304/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465
Patches from Tavis Ormandy, Google Security Team via SUSE.
Bump PKGREVISION.
|
|
"A vulnerability in LibTIFF can be exploited by malicious people to
cause a DoS (Denial of Service) and potentially compromise a user's
system.
The vulnerability is caused due to a boundary error within tiff2pdf
when handling a TIFF file with a "DocumentName" tag that contains
UTF-8 characters. This can be exploited to cause a stack-based buffer
overflow and may allow arbitrary code execution."
http://secunia.com/advisories/20488/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193
Patch from Ubuntu.
|
|
changes: bugfixes
|
|
changes:
-many bugfixes
-support PBM files in ppm2tiff
-Added ability to create multipage TIFFs in bmp2tiff
|
|
around a problem caused by a bash'ism in the configure script.
Fix the script instead.
No functional change.
|
|
the inclusion of tiffio.h from C++ as seen in digikam.
Bump revision.
|
|
MAJOR CHANGES:
* Read-only support for custom directories (e.g. EXIF directory).
* Preliminary support for MS MDI format.
----------------------------------------------------------------------------------------
CHANGES IN THE SOFTWARE CONFIGURATION:
* Make the default strip size configurable via the
--with-default-strip-size and STRIP_SIZE_DEFAULT options.
----------------------------------------------------------------------------------------
CHANGES IN LIBTIFF:
* tiffio.h: Added VC_EXTRALEAN definition before including
windows.h, to reduce the compile time.
* tif_jpeg.c: Improve compilation under MinGW.
* {tif_aux.c, tif_dir.c, tif_dir.h, tif_dirwrite.c, tif_print.c,
tif_getimage.c}: Make InkSet, NumberOfInks, DotRange and StoNits tags
custom.
* {tif_aux.c, tif_dir.c, tif_dir.h, tif_print.c}: Make WhitePoint tag
custom.
* tiffio.h: fixed typo that potentially resulted in redefininition of
USE_WIN32_FILEIO
* {tif_dir.c, tif_dir.h, tif_print.c}: Make RichTIFFIPTC, Photoshop and
ICCProfile tags custom.
* libtiff/*, contrib/*: Added 'dual-mode' error handling, enabling newer
code to get context indicator in error handler and still remain
compatible with older code: Done TIFFError calls everywhere
except in tools.
* tiffinfo.c: Print EXIF directory contents if exist.
* {tif_dirinfo.c, tif_dirread.c, tif_dir.h, tif_dir.c}: Custom
directory read-only support.
* {tif_aux.c, tif_dirinfo.c, tif_dirread.c, tif_dir.h, tif_dir.c,
tif_print.c}: Make YCbCrCoefficients and ReferenceBlackWhite tags
custom.
* tif_dirread.c: One more workaround for broken StripByteCounts tag.
Handle the case when StripByteCounts array filled with completely wrong
values.
* tif_dirinfo.c: Release file descriptor in case of failure in
the TIFFOpenW() function as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=1003
* tif_dirinfo.c: Correctly yse bsearch() and lfind() functions
as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1008
* tif_open.c, tiff.h, tiffdump.c: Incorporate preliminary support for MS
MDI format.
http://bugzilla.remotesensing.org/show_bug.cgi?id=1002
* libtiff.def, tiffiop.h, tiffio.h: Made TIFFFreeDirectory public.
* /tif_dirinfo.c: Make XResolution, YResolution and ResolutionUnit tags
modifiable during write process. As per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=977
* if_dirread.c: Don't try and split single strips into "0" strips in
ChopUpSingleUncompressedStrip. This happens in some degenerate
cases (like 1x1 files with stripbytecounts==0 (gtsmall.jp2 embed tiff)
* tif_fax3.c: changed 'at scanline ...' style warning/errors with
incorrect use of tif_row, to 'at line ... of strip/tile ...'
style.
CHANGES IN THE TOOLS:
* tiffcp.c: Added many error reporting messages; fixed integer
overflow as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=789
* tiffcp.c: Return non-zero status when reading fails.
* fax2tiff.c: Properly calculate sizes of temporary arrays as
per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=943
* fax2tiff.c: Added option '-r' to set RowsPerStrip parameter as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=944
* tiffdump.c: Fixed typeshift and typemask arrays initialization problem
as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=946
* bmp2tiff.c: Fixed possible integer overflow error as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=965
* tiffsplit.c: Copy fax related fields over splitted parts as
per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=983
* tiffdump.c: Fixed crash when reading malformed tags.
* tiff2pdf.c: Added missed 'break' statement as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=932
|
|
MAJOR CHANGES:
* Fixed important bug in custom tags handling code..
------------------------------------------------
CHANGES IN THE SOFTWARE CONFIGURATION:
* Applied patch from Patrick Welche (all scripts moved in the 'config'
and 'm4' directories).
* SConstruct, libtiff/SConstruct: Added the first very preliminary
support for SCons software building tool (http://www.scons.org/). This
is experimental infrastructure and it will exist along with the
autotools stuff.
* port/lfind.c: Added lfind() replacement module.
------------------------------------------------
CHANGES IN LIBTIFF:
* tif_dir.c: When prefreeing tv->value in TIFFSetFieldV also set it to
NULL to avoid double free when re-setting custom string fields as per:
http://bugzilla.remotesensing.org/show_bug.cgi?id=922
* tif_dir.c: Fixed up support for swapping "double complex" values (128
bits as 2 64 bits doubles). GDAL gcore tests now pass on bigendian
(macosx) system.
* libtiff/{tif_dirread.c, tif_dirinfo.c}: Do not upcast BYTEs to SHORTs
in the TIFFFetchByteArray(). Remove TIFFFetchExtraSamples() function,
use TIFFFetchNormalTag() instead as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=831 Remove
TIFFFetchExtraSamples() function, use TIFFFetchNormalTag() instead.
* tif_print.c: Fixed printing of the BYTE and SBYTE arrays.
* tif_write.c: Do not check the PlanarConfiguration field in the
TIFFWriteCheck() function in case of single band images (as per TIFF
spec).
* libtiff/{tif_dir.c, tif_dir.h, tif_dirinfo.c, tif_print.c}: Make
FieldOfViewCotangent, MatrixWorldToScreen, MatrixWorldToCamera,
ImageFullWidth, ImageFullLength and PrimaryChromaticities tags custom.
------------------------------------------------
CHANGES IN THE TOOLS:
* tiffcp.c: Fixed WhitePoint tag copying.
------------------------------------------------
CHANGES IN THE CONTRIB AREA:
* tiffdump.c: Added support for TIFF_IFD datatype.
* addtiffo/{tif_overview.c, tif_ovrcache.c, tif_ovrcache.h}: Make
overviews working for contiguous images.
|
|
|
|
Many bugfixes and several new features. The runtime endianness check
has been replaced with the compile time one. Support has been added
for the new predictor type (floating point predictor) defined at the
TIFF Technical Note 3, for custom tags passed by value, and for all
DNG tags.
|
|
"A vulnerability in libTIFF was found, it can be potentially exploited by
malicious people to compromise a vulnerable system."
http://secunia.com/advisories/15320/
http://bugzilla.remotesensing.org/show_bug.cgi?id=843
Bump PKGREVISION, patch from libtiff cvs repository.
|
|
don't define __LP64__. This is basically same as patch-ab rev. 1.13,
which was probably removed by mistake.
|
|
from libtiff CVS to fix the build on Darwin.
|
|
Package changes:
Put options in options.mk, and retire support for USE_GIF; turn on
the lzw option by default (since USE_GIF was on by default).
C++ library's name changed, to be in sync with tiff distribution's name
for it (libtiffcxx -> libtiffxx).
Changes in 3.7.2:
Maintainance [sic] release. Many bugfixes in the build
environment and compatibility improvements.
|
|
|
|
that fixes a bug where docked TIFF icons in WindowMaker have a black
background rather than a transparent background. Ride the previous
PKGREVISION bump to 3. This fixes PR pkg/28989.
|
|
of $(CXX) so that applications needing libtiff don't also need to be
linked against $(CXX). Bump the PKGREVISION to 3. This should fix
PR pkg/28961.
|
|
with no objects. libtiffcxx.la now correctly builds using tif_stream.lo.
Bump the PKGREVISION to 2.
|
|
It's meant to be used directly in place of libtiff.so, i.e. instead
of linking against -ltiff, you link against -ltiffcxx. It also leaves
libtiff.so as a plain C-linkage library again, as it was in tiff-3.6.x,
and avoids needing to patch tiff-using packages to link using the C++
compiler. Bump the PKGREVISION to 1.
|
|
Remove OpenWindows workaround in pkgsrc for this.
Too many changes to include here.
See http://www.remotesensing.org/libtiff/v3.7.1.html
and http://www.remotesensing.org/libtiff/v3.7.0.html
and previous change files for changes information.
tiff-3.7.1 now includes the lzw compression code again.
It also uses autoconf and libtool now.
A new tool is bmp2tiff.
Docs are placed under share/doc/tiff/html instead of share/doc/html/tiff.
Many manpage symlinks are now missing. (This was reported to tiff list.)
|
|
But now these are improved in response to
iDEFENSE Security Advisory 12.21.04
www.idefense.com/application/poi/display?id=173&type=vulnerabilities
libtiff STRIPOFFSETS Integer Overflow Vulnerability
December 21, 2004
This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.
PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.
|