rpms/libtiff/F-12 libtiff-CVE-2009-2347.patch, NONE, 1.1 libtiff-acversion.patch, NONE, 1.1 libtiff-jpeg-scanline.patch, NONE, 1.1 libtiff-mantypo.patch, NONE, 1.1 .cvsignore, 1.8, 1.9 libtiff.spec, 1.56, 1.57 sources, 1.8, 1.9 libtiff-3.7.2-persample.patch, 1.1, NONE libtiff-3.8.2-CVE-2006-2193.patch, 1.1, NONE libtiff-3.8.2-CVE-2009-2347.patch, 1.1, NONE libtiff-3.8.2-lzw-bugs.patch, 1.2, NONE libtiff-3.8.2-mantypo.patch, 1.1, NONE libtiff-3.8.2-ormandy.patch, 1.1, NONE libtiff-v3.6.1-64bit.patch, 1.1, NONE tiffsplit-overflow.patch, 1.1, NONE
Tom Lane
tgl at fedoraproject.org
Thu Dec 17 01:19:26 UTC 2009
Author: tgl
Update of /cvs/pkgs/rpms/libtiff/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv31030
Modified Files:
.cvsignore libtiff.spec sources
Added Files:
libtiff-CVE-2009-2347.patch libtiff-acversion.patch
libtiff-jpeg-scanline.patch libtiff-mantypo.patch
Removed Files:
libtiff-3.7.2-persample.patch
libtiff-3.8.2-CVE-2006-2193.patch
libtiff-3.8.2-CVE-2009-2347.patch libtiff-3.8.2-lzw-bugs.patch
libtiff-3.8.2-mantypo.patch libtiff-3.8.2-ormandy.patch
libtiff-v3.6.1-64bit.patch tiffsplit-overflow.patch
Log Message:
Update to libtiff 3.9.2
libtiff-CVE-2009-2347.patch:
tiff2rgba.c | 35 +++++++++++++++++++++++++++++++----
1 file changed, 31 insertions(+), 4 deletions(-)
--- NEW FILE libtiff-CVE-2009-2347.patch ---
This is a portion of the patch we were carrying for CVE-2009-2347 in 3.8.2.
Unfortunately the upstream fix in 3.9.2 is incomplete, so we still need this
part. Reported upstream at
http://bugzilla.maptools.org/show_bug.cgi?id=2079
diff -Naur tiff-3.9.2.orig/tools/tiff2rgba.c tiff-3.9.2/tools/tiff2rgba.c
--- tiff-3.9.2.orig/tools/tiff2rgba.c 2009-08-20 16:23:53.000000000 -0400
+++ tiff-3.9.2/tools/tiff2rgba.c 2009-12-03 12:19:07.000000000 -0500
@@ -125,6 +125,17 @@
return (0);
}
+static tsize_t
+multiply(tsize_t m1, tsize_t m2)
+{
+ tsize_t prod = m1 * m2;
+
+ if (m1 && prod / m1 != m2)
+ prod = 0; /* overflow */
+
+ return prod;
+}
+
static int
cvt_by_tile( TIFF *in, TIFF *out )
@@ -134,6 +145,7 @@
uint32 tile_width, tile_height;
uint32 row, col;
uint32 *wrk_line;
+ tsize_t raster_size;
int ok = 1;
TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
@@ -151,7 +163,14 @@
/*
* Allocate tile buffer
*/
- raster = (uint32*)_TIFFmalloc(tile_width * tile_height * sizeof (uint32));
+ raster_size = multiply(multiply(tile_width, tile_height), sizeof (uint32));
+ if (!raster_size) {
+ TIFFError(TIFFFileName(in),
+ "Can't allocate buffer for raster of size %lux%lu",
+ (unsigned long) tile_width, (unsigned long) tile_height);
+ return (0);
+ }
+ raster = (uint32*)_TIFFmalloc(raster_size);
if (raster == 0) {
TIFFError(TIFFFileName(in), "No space for raster buffer");
return (0);
@@ -159,7 +178,7 @@
/*
* Allocate a scanline buffer for swapping during the vertical
- * mirroring pass.
+ * mirroring pass. (Request can't overflow given prior checks.)
*/
wrk_line = (uint32*)_TIFFmalloc(tile_width * sizeof (uint32));
if (!wrk_line) {
@@ -236,6 +255,7 @@
uint32 width, height; /* image width & height */
uint32 row;
uint32 *wrk_line;
+ tsize_t raster_size;
int ok = 1;
TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
@@ -251,7 +271,14 @@
/*
* Allocate strip buffer
*/
- raster = (uint32*)_TIFFmalloc(width * rowsperstrip * sizeof (uint32));
+ raster_size = multiply(multiply(width, rowsperstrip), sizeof (uint32));
+ if (!raster_size) {
+ TIFFError(TIFFFileName(in),
+ "Can't allocate buffer for raster of size %lux%lu",
+ (unsigned long) width, (unsigned long) rowsperstrip);
+ return (0);
+ }
+ raster = (uint32*)_TIFFmalloc(raster_size);
if (raster == 0) {
TIFFError(TIFFFileName(in), "No space for raster buffer");
return (0);
@@ -259,7 +286,7 @@
/*
* Allocate a scanline buffer for swapping during the vertical
- * mirroring pass.
+ * mirroring pass. (Request can't overflow given prior checks.)
*/
wrk_line = (uint32*)_TIFFmalloc(width * sizeof (uint32));
if (!wrk_line) {
libtiff-acversion.patch:
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE libtiff-acversion.patch ---
This patch is needed for building the package as of F-11. It can be
dropped whenever autoconf 2.63 is no longer used on any live branch.
diff -Naur tiff-3.9.2.orig/configure.ac tiff-3.9.2/configure.ac
--- tiff-3.9.2.orig/configure.ac 2009-11-04 12:11:20.000000000 -0500
+++ tiff-3.9.2/configure.ac 2009-12-03 12:52:41.000000000 -0500
@@ -24,7 +24,7 @@
dnl Process this file with autoconf to produce a configure script.
-AC_PREREQ(2.64)
+AC_PREREQ(2.63)
AC_INIT([LibTIFF Software],[3.9.2],[tiff at lists.maptools.org],[tiff])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_MACRO_DIR(m4)
libtiff-jpeg-scanline.patch:
tif_jpeg.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
--- NEW FILE libtiff-jpeg-scanline.patch ---
Upstream patch that partially fixes bug #460322. The tiffcmp case is
still there, but this is a step forward anyhow, so going with it for now.
diff -Naur tiff-3.9.2.orig/libtiff/tif_jpeg.c tiff-3.9.2/libtiff/tif_jpeg.c
--- tiff-3.9.2.orig/libtiff/tif_jpeg.c 2009-08-30 12:21:46.000000000 -0400
+++ tiff-3.9.2/libtiff/tif_jpeg.c 2009-12-05 16:48:56.000000000 -0500
@@ -1613,7 +1613,11 @@
* Must recalculate cached tile size in case sampling state changed.
* Should we really be doing this now if image size isn't set?
*/
- tif->tif_tilesize = isTiled(tif) ? TIFFTileSize(tif) : (tsize_t) -1;
+ if( tif->tif_tilesize > 0 )
+ tif->tif_tilesize = isTiled(tif) ? TIFFTileSize(tif) : (tsize_t) -1;
+
+ if(tif->tif_scanlinesize > 0 )
+ tif->tif_scanlinesize = TIFFScanlineSize(tif);
}
static int
@@ -1741,13 +1745,21 @@
return;
}
else
- {
+ {
if( !TIFFFillStrip( tif, 0 ) )
return;
}
TIFFSetField( tif, TIFFTAG_YCBCRSUBSAMPLING,
(uint16) sp->h_sampling, (uint16) sp->v_sampling );
+
+ /*
+ ** We want to clear the loaded strip so the application has time
+ ** to set JPEGCOLORMODE or other behavior modifiers. This essentially
+ ** undoes the JPEGPreDecode triggers by TIFFFileStrip(). (#1936)
+ */
+ tif->tif_curstrip = -1;
+
#endif /* CHECK_JPEG_YCBCR_SUBSAMPLING */
}
libtiff-mantypo.patch:
tiffset.1 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE libtiff-mantypo.patch ---
Minor typo, reported upstream at
http://bugzilla.maptools.org/show_bug.cgi?id=2129
This patch should not be needed as of libtiff 4.0.
diff -Naur tiff-3.9.2.orig/man/tiffset.1 tiff-3.9.2/man/tiffset.1
--- tiff-3.9.2.orig/man/tiffset.1 2006-04-20 08:17:19.000000000 -0400
+++ tiff-3.9.2/man/tiffset.1 2009-12-03 12:11:58.000000000 -0500
@@ -60,7 +60,7 @@
``Anonymous'':
.RS
.nf
-tiffset \-s 305 Anonymous a.tif
+tiffset \-s 315 Anonymous a.tif
.fi
.RE
.PP
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/libtiff/F-12/.cvsignore,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -p -r1.8 -r1.9
--- .cvsignore 26 Apr 2006 18:43:45 -0000 1.8
+++ .cvsignore 17 Dec 2009 01:19:26 -0000 1.9
@@ -1 +1 @@
-tiff-3.8.2.tar.gz
+tiff-3.9.2.tar.gz
Index: libtiff.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libtiff/F-12/libtiff.spec,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -p -r1.56 -r1.57
--- libtiff.spec 25 Jul 2009 08:45:40 -0000 1.56
+++ libtiff.spec 17 Dec 2009 01:19:26 -0000 1.57
@@ -1,21 +1,22 @@
Summary: Library of functions for manipulating TIFF format image files
Name: libtiff
-Version: 3.8.2
-Release: 15%{?dist}
+Version: 3.9.2
+Release: 2%{?dist}
+
License: libtiff
Group: System Environment/Libraries
URL: http://www.remotesensing.org/libtiff/
Source: ftp://ftp.remotesensing.org/pub/libtiff/tiff-%{version}.tar.gz
-Patch0: tiffsplit-overflow.patch
-Patch1: libtiff-3.8.2-ormandy.patch
-Patch2: libtiff-3.8.2-CVE-2006-2193.patch
-Patch3: libtiff-3.8.2-mantypo.patch
-Patch4: libtiff-3.8.2-lzw-bugs.patch
-Patch5: libtiff-3.8.2-CVE-2009-2347.patch
+Patch1: libtiff-acversion.patch
+Patch2: libtiff-mantypo.patch
+Patch3: libtiff-CVE-2009-2347.patch
+Patch4: libtiff-jpeg-scanline.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: zlib-devel libjpeg-devel
+BuildRequires: libtool automake autoconf
+
%define LIBVER %(echo %{version} | cut -f 1-2 -d .)
%description
@@ -54,12 +55,19 @@ necessary for some boot packages.
%prep
%setup -q -n tiff-%{version}
-%patch0 -p1 -b .overflow
-%patch1 -p1 -b .ormandy
-%patch2 -p1 -b .CVE-2006-2193
-%patch3 -p1 -b .mantypo
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
%patch4 -p1
-%patch5 -p1
+
+# Use build system's libtool.m4, not the one in the package.
+rm -f libtool.m4
+
+libtoolize --force --copy
+aclocal -I . -I m4
+automake --add-missing --copy
+autoconf
+autoheader
%build
export CFLAGS="%{optflags} -fno-strict-aliasing"
@@ -71,7 +79,7 @@ LD_LIBRARY_PATH=$PWD:$LD_LIBRARY_PATH ma
%install
rm -rf $RPM_BUILD_ROOT
-%makeinstall
+make DESTDIR=$RPM_BUILD_ROOT install
# remove what we didn't want installed
rm $RPM_BUILD_ROOT%{_libdir}/*.la
@@ -93,10 +101,10 @@ rm -f html/man/tiffsv.1.html
# multilib header hack
# we only apply this to known Red Hat multilib arches, per bug #233091
case `uname -i` in
- i386 | ppc | s390)
+ i386 | ppc | s390 | sparc )
wordsize="32"
;;
- x86_64 | ppc64 | s390x)
+ x86_64 | ppc64 | s390x | sparc64 )
wordsize="64"
;;
*)
@@ -159,6 +167,17 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/*.a
%changelog
+* Wed Dec 16 2009 Tom Lane <tgl at redhat.com> 3.9.2-2
+- Update to libtiff 3.9.2; stop carrying a lot of old patches
+Resolves: #520734
+Resolves: #543289
+- Apply Warmerdam's partial fix for bug #460322 ... better than nothing.
+Related: #460322
+- Use build system's libtool instead of what package contains;
+ among other cleanup this gets rid of unwanted rpath specs in executables
+Related: #226049
+- add sparc/sparc64 to multilib header support
+
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.8.2-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/libtiff/F-12/sources,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -p -r1.8 -r1.9
--- sources 26 Apr 2006 18:43:45 -0000 1.8
+++ sources 17 Dec 2009 01:19:26 -0000 1.9
@@ -1 +1 @@
-fbb6f446ea4ed18955e2714934e5b698 tiff-3.8.2.tar.gz
+93e56e421679c591de7552db13384cb8 tiff-3.9.2.tar.gz
--- libtiff-3.7.2-persample.patch DELETED ---
--- libtiff-3.8.2-CVE-2006-2193.patch DELETED ---
--- libtiff-3.8.2-CVE-2009-2347.patch DELETED ---
--- libtiff-3.8.2-lzw-bugs.patch DELETED ---
--- libtiff-3.8.2-mantypo.patch DELETED ---
--- libtiff-3.8.2-ormandy.patch DELETED ---
--- libtiff-v3.6.1-64bit.patch DELETED ---
--- tiffsplit-overflow.patch DELETED ---
More information about the fedora-extras-commits
mailing list