| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
CVE-2008-2327. Bump package revision.
|
|
Requested by solo@.
|
|
"Some vulnerabilities have been reported in libTIFF, which can be
exploited by malicious people to cause a DoS (Denial of Service)
or potentially compromise a vulnerable system.
The vulnerabilities are caused due to various heap and integer
overflows when processing TIFF images and can be exploited via
a specially crafted TIFF image.
Successful exploitation allows crashing applications linked against
libTIFF and may also allow execution of arbitrary code."
http://secunia.com/advisories/21304/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465
Patches from Tavis Ormandy, Google Security Team via SUSE.
Bump PKGREVISION.
|
|
"A vulnerability in LibTIFF can be exploited by malicious people to
cause a DoS (Denial of Service) and potentially compromise a user's
system.
The vulnerability is caused due to a boundary error within tiff2pdf
when handling a TIFF file with a "DocumentName" tag that contains
UTF-8 characters. This can be exploited to cause a stack-based buffer
overflow and may allow arbitrary code execution."
http://secunia.com/advisories/20488/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193
Patch from Ubuntu.
|
|
changes:
-many bugfixes
-support PBM files in ppm2tiff
-Added ability to create multipage TIFFs in bmp2tiff
|
|
around a problem caused by a bash'ism in the configure script.
Fix the script instead.
No functional change.
|
|
the inclusion of tiffio.h from C++ as seen in digikam.
Bump revision.
|
|
MAJOR CHANGES:
* Fixed important bug in custom tags handling code..
------------------------------------------------
CHANGES IN THE SOFTWARE CONFIGURATION:
* Applied patch from Patrick Welche (all scripts moved in the 'config'
and 'm4' directories).
* SConstruct, libtiff/SConstruct: Added the first very preliminary
support for SCons software building tool (http://www.scons.org/). This
is experimental infrastructure and it will exist along with the
autotools stuff.
* port/lfind.c: Added lfind() replacement module.
------------------------------------------------
CHANGES IN LIBTIFF:
* tif_dir.c: When prefreeing tv->value in TIFFSetFieldV also set it to
NULL to avoid double free when re-setting custom string fields as per:
http://bugzilla.remotesensing.org/show_bug.cgi?id=922
* tif_dir.c: Fixed up support for swapping "double complex" values (128
bits as 2 64 bits doubles). GDAL gcore tests now pass on bigendian
(macosx) system.
* libtiff/{tif_dirread.c, tif_dirinfo.c}: Do not upcast BYTEs to SHORTs
in the TIFFFetchByteArray(). Remove TIFFFetchExtraSamples() function,
use TIFFFetchNormalTag() instead as per bug
http://bugzilla.remotesensing.org/show_bug.cgi?id=831 Remove
TIFFFetchExtraSamples() function, use TIFFFetchNormalTag() instead.
* tif_print.c: Fixed printing of the BYTE and SBYTE arrays.
* tif_write.c: Do not check the PlanarConfiguration field in the
TIFFWriteCheck() function in case of single band images (as per TIFF
spec).
* libtiff/{tif_dir.c, tif_dir.h, tif_dirinfo.c, tif_print.c}: Make
FieldOfViewCotangent, MatrixWorldToScreen, MatrixWorldToCamera,
ImageFullWidth, ImageFullLength and PrimaryChromaticities tags custom.
------------------------------------------------
CHANGES IN THE TOOLS:
* tiffcp.c: Fixed WhitePoint tag copying.
------------------------------------------------
CHANGES IN THE CONTRIB AREA:
* tiffdump.c: Added support for TIFF_IFD datatype.
* addtiffo/{tif_overview.c, tif_ovrcache.c, tif_ovrcache.h}: Make
overviews working for contiguous images.
|
|
|
|
Many bugfixes and several new features. The runtime endianness check
has been replaced with the compile time one. Support has been added
for the new predictor type (floating point predictor) defined at the
TIFF Technical Note 3, for custom tags passed by value, and for all
DNG tags.
|
|
"A vulnerability in libTIFF was found, it can be potentially exploited by
malicious people to compromise a vulnerable system."
http://secunia.com/advisories/15320/
http://bugzilla.remotesensing.org/show_bug.cgi?id=843
Bump PKGREVISION, patch from libtiff cvs repository.
|
|
don't define __LP64__. This is basically same as patch-ab rev. 1.13,
which was probably removed by mistake.
|
|
from libtiff CVS to fix the build on Darwin.
|
|
Package changes:
Put options in options.mk, and retire support for USE_GIF; turn on
the lzw option by default (since USE_GIF was on by default).
C++ library's name changed, to be in sync with tiff distribution's name
for it (libtiffcxx -> libtiffxx).
Changes in 3.7.2:
Maintainance [sic] release. Many bugfixes in the build
environment and compatibility improvements.
|
|
that fixes a bug where docked TIFF icons in WindowMaker have a black
background rather than a transparent background. Ride the previous
PKGREVISION bump to 3. This fixes PR pkg/28989.
|
|
of $(CXX) so that applications needing libtiff don't also need to be
linked against $(CXX). Bump the PKGREVISION to 3. This should fix
PR pkg/28961.
|
|
with no objects. libtiffcxx.la now correctly builds using tif_stream.lo.
Bump the PKGREVISION to 2.
|
|
It's meant to be used directly in place of libtiff.so, i.e. instead
of linking against -ltiff, you link against -ltiffcxx. It also leaves
libtiff.so as a plain C-linkage library again, as it was in tiff-3.6.x,
and avoids needing to patch tiff-using packages to link using the C++
compiler. Bump the PKGREVISION to 1.
|
|
Remove OpenWindows workaround in pkgsrc for this.
Too many changes to include here.
See http://www.remotesensing.org/libtiff/v3.7.1.html
and http://www.remotesensing.org/libtiff/v3.7.0.html
and previous change files for changes information.
tiff-3.7.1 now includes the lzw compression code again.
It also uses autoconf and libtool now.
A new tool is bmp2tiff.
Docs are placed under share/doc/tiff/html instead of share/doc/html/tiff.
Many manpage symlinks are now missing. (This was reported to tiff list.)
|
|
But now these are improved in response to
iDEFENSE Security Advisory 12.21.04
www.idefense.com/application/poi/display?id=173&type=vulnerabilities
libtiff STRIPOFFSETS Integer Overflow Vulnerability
December 21, 2004
This fix (in two files) was from that advisory and also seen
in tiff 3.7.1.
PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for
this possible security issue. Other packages depending on this are not
bumped.
|
|
include fixes for CESA-2004-006. Bump package revision.
|
|
with a '-' as '../-', as this is basically guaranteed to be wrong.
Examples: -n32 or -64 for IRIX ABI would be substituted as '../-64',
which of course breaks the package. Other possible CFLAGS would
have the same result.
|
|
|
|
|
|
|
|
Flagged by wizd :) - many thanks.
Note to self: Running patch on a file twice does tend to make the .orig file
less than useful for comparing to the original state...
|
|
Add a patch to fix fax3 tiff handling. Without this hylafax
generates completely garbled tiff images unless error correction
was disabled: http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=500
|
|
The main changes include:
new utility tiff2pdf for converting a TIFF image to a PDF document
new utility raw2tiff for converting raw rasters into TIFF files
new tiff2ps options
new fax2tiff options
bug fixes for LZW, JPEG and OJPEG compression.
more documentation
and upgrade to libtiff.so.3.6
other changes at http://www.libtiff.org/v3.6.0.html
Removed patch-ab because
html/Makefile.in: added missing images per bug 92
Removed patch-ag because
http://bugzilla.remotesensing.org/show_bug.cgi?id=315
Other changes:
HOMEPAGE changed due to libtiff.org has been hijacked
INSTALL.OpenWindows updated (thank you to dieter)
tiff is backward compatible with older version,
but buildlink2.mk version is increased because libtiff
was broken for amd64 support.
|
|
|
|
Patch from Ingolf Steinbach in PR 19306.
Bump PKGREVISION to 1.
|
|
* many bug fixes
* added support for 16bit minisblack/miniswhite images in RGBA interface
* integrated experimental OJPEG support
* updated tiffcp utility
* substantial changes to tiff2ps
|
|
|
|
the required headers and libraries for jpeg and zlib.
|
|
This fixes pkg/12797
|
|
libtool.
|
|
|
|
Use USE_LIBTOOL instead of USE_PKGLIBTOOL.
|
|
and beginning support for 2-4GB files. Complete list of changes at
http://www.libtiff.org/v3.5.5.html
|
|
|
|
optional and controlled by USE_GIF in mk.conf, decompression is unchanged.
Comment for USE_GIF in mk.conf has been updated. Some HTML documentation
gets installed now, too.
Changes:
A Y2K bugfix in ras2tiff, removal of LZW compression, new Pixar tags,
and Adobe ZIP support, as well as removal of some compiler warnings
and minor fixes.
|
|
Changes in TIFF v3.5.1
* Support was added for IPTC Newsphoto metadata (TIFFTAGE_IPTCNEWSPHOTO)
* Support was added for photoshop caption handling (TIFFTAG_PHOTOSHOP)
Changes in TIFF v3.5.2
* Added TIFFReassignTagToIgnore() API on behalf of
Bruce Cameron <cameron@petris.com>. Man page still pending.
* Fixed problem with cvtcmap() in tif_getimage.c modifying the
colormaps owned by the TIFF handle itself when trying to fixup wrong
(eight bit) colormaps. Corrected by maintaining a private copy of
the colormap.
* Added TIFFReadRGBATile()/TIFFReadRGBAStrip() support in
tif_getimage.c.
* Applied "a" mode fix to tif_win32.c/TIFFOpen() as suggested
by Christopher Lawton <clawton@mathworks.com>
* Set O_BINARY for tif_unix.c open() ... used on cygwin for instance.
* Applied Francois Dagand's patch to handle fax decompression bug.
(sizes >= 65536 were failing)
|
|
|
|
installing manual pages.
|
|
|
|
|
|
BSD_INSTALL_PROGRAM.
|
|
|
|
by me slightly.
|
|
minor fixes from me. Closes PR pkg/4603.
|
|
XXX This doesn't work for ELF/binutils.
|
