Diffstat (limited to 'media-libs/tiff')
-rw-r--r--media-libs/tiff/ChangeLog7
-rw-r--r--media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch35
-rw-r--r--media-libs/tiff/tiff-3.9.2-r1.ebuild5
3 files changed, 44 insertions, 3 deletions
diff --git a/media-libs/tiff/ChangeLog b/media-libs/tiff/ChangeLog
index 400b3cfb7a89..09be24cbe798 100644
--- a/media-libs/tiff/ChangeLog
+++ b/media-libs/tiff/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for media-libs/tiff
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/ChangeLog,v 1.159 2010/07/03 22:52:56 ssuominen Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/ChangeLog,v 1.160 2010/07/18 21:18:15 nerdboy Exp $
+
+ 18 Jul 2010; Steve Arnold <nerdboy@gentoo.org> tiff-3.9.2-r1.ebuild,
+ +files/tiff-3.9.2-CVE-2010-1411.patch:
+ Updated oldest version for CVE-2010-1411 (as long as it's still in the
+ tree...)
03 Jul 2010; Samuli Suominen <ssuominen@gentoo.org> tiff-3.9.4.ebuild:
ppc64 stable wrt security #324885
diff --git a/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch b/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch
new file mode 100644
index 000000000000..7de456578c76
--- /dev/null
+++ b/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch
@@ -0,0 +1,35 @@
+--- libtiff/tif_fax3.c.orig 2010-05-13 19:36:08.995479161 +0200
++++ libtiff/tif_fax3.c 2010-05-13 19:48:04.215467428 +0200
+@@ -42,6 +42,7 @@
+ #define G3CODES
+ #include "t4.h"
+ #include <stdio.h>
++#include <stdint.h>
+
+ /*
+ * Compression+decompression state blocks are
+@@ -493,9 +494,21 @@
+ td->td_compression == COMPRESSION_CCITTFAX4
+ );
+
+- nruns = needsRefLine ? 2*TIFFroundup(rowpixels,32) : rowpixels;
++ uint64_t val64 = rowpixels;
++ if (needsRefLine)
++ {
++ val64 = 2*TIFFroundup(rowpixels,32);
++ if (val64 > 0xffffffff)
++ return (0);
++ }
++ nruns = (val64 &0xffffffff);
+ nruns += 3;
+- dsp->runs = (uint32*) _TIFFCheckMalloc(tif, 2*nruns, sizeof (uint32),
++
++ val64 = 2*nruns+3;
++ if (val64 > 0xffffffff)
++ return (0);
++
++ dsp->runs = (uint32*) _TIFFCheckMalloc(tif, (val64 & 0xffffffff), sizeof (uint32),
+ "for Group 3/4 run arrays");
+ if (dsp->runs == NULL)
+ return (0);
+
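Review bot: The two added overflow checks look ineffective, because `2*TIFFroundup(rowpixels,32)` and `2*nruns+3` are evaluated in the operands' own type and only then widened into `val64`. The declarations of `rowpixels` and `nruns` are outside the hunk, but if they are 32-bit unsigned (as the `& 0xffffffff` mask and the `uint32` run array suggest), both products wrap before the `> 0xffffffff` comparison, so the guards never fire and an undersized run array can still be allocated. Doing the arithmetic in 64 bits would make the checks meaningful: `val64 = 2*(uint64_t)TIFFroundup(rowpixels,32);` and `val64 = 2*(uint64_t)nruns+3;`. The `nruns += 3` between the two checks can wrap as well and should be covered by the same guard; whether the round-up inside `TIFFroundup` can itself wrap depends on its definition, which is not shown here. The enclosing function starts and ends outside the hunk.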
diff --git a/media-libs/tiff/tiff-3.9.2-r1.ebuild b/media-libs/tiff/tiff-3.9.2-r1.ebuild
index 4daa626b6203..eb238e22ad11 100644
--- a/media-libs/tiff/tiff-3.9.2-r1.ebuild
+++ b/media-libs/tiff/tiff-3.9.2-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.2-r1.ebuild,v 1.7 2010/03/09 21:46:10 josejx Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.2-r1.ebuild,v 1.8 2010/07/18 21:18:15 nerdboy Exp $
EAPI=2
inherit eutils libtool
@@ -20,7 +20,8 @@ DEPEND="jpeg? ( >=media-libs/jpeg-6b:0 )
src_prepare() {
epatch "${FILESDIR}"/${PN}-3.8.2-CVE-2009-2285.patch \
- "${FILESDIR}"/${P}-CVE-2009-2347.patch
+ "${FILESDIR}"/${P}-CVE-2009-2347.patch \
+ "${FILESDIR}"/${P}-CVE-2010-1411.patch
elibtoolize
}
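Review bot: The CVE patch is added to the existing `tiff-3.9.2-r1.ebuild` in place, so the package revision does not change. As far as I know, the package manager does not rebuild an already-installed package when only the ebuild contents change, so hosts that have 3.9.2-r1 installed would keep the unpatched library while reporting the same version. Bumping the revision in the same commit that adds `"${FILESDIR}"/${P}-CVE-2010-1411.patch` would let the fix propagate and make patched and unpatched installs distinguishable in an audit. If the in-place edit is deliberate because a newer version is already stable, a short comment above the `epatch` call saying so would document that choice.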