Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-libs
diff options
context:
space:
mode:
Diffstat (limited to 'media-libs')
-rw-r--r--media-libs/tiff/ChangeLog7
-rw-r--r--media-libs/tiff/Manifest5
-rw-r--r--media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch35
-rw-r--r--media-libs/tiff/tiff-3.9.2-r1.ebuild5
4 files changed, 47 insertions, 5 deletions
diff --git a/media-libs/tiff/ChangeLog b/media-libs/tiff/ChangeLog
index 400b3cfb7a89..09be24cbe798 100644
--- a/media-libs/tiff/ChangeLog
+++ b/media-libs/tiff/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for media-libs/tiff
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/ChangeLog,v 1.159 2010/07/03 22:52:56 ssuominen Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/ChangeLog,v 1.160 2010/07/18 21:18:15 nerdboy Exp $
+
+ 18 Jul 2010; Steve Arnold <nerdboy@gentoo.org> tiff-3.9.2-r1.ebuild,
+ +files/tiff-3.9.2-CVE-2010-1411.patch:
+ Updated oldest version for CVE-2010-1411 (as long as it's still in the
+ tree...)
03 Jul 2010; Samuli Suominen <ssuominen@gentoo.org> tiff-3.9.4.ebuild:
ppc64 stable wrt security #324885
diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest
index a7706518eb90..e20d43084a49 100644
--- a/media-libs/tiff/Manifest
+++ b/media-libs/tiff/Manifest
@@ -1,10 +1,11 @@
AUX tiff-3.8.2-CVE-2009-2285.patch 717 RMD160 6fca42b138383626becf1221ec8550935621f60b SHA1 f2daf5306efb6f0908f0046765a10bf30b2642c2 SHA256 bbe28b7dbc6f24619ad851a53d39149100069af6a5d1578b0cd9ade48d7b127b
AUX tiff-3.9.2-CVE-2009-2347.patch 2571 RMD160 142c305b3a1cd9c0f27b482ced15104e82f43a19 SHA1 04c0bb3f6bcfa27e89f00f97c843b2f9d5220ce8 SHA256 27839133f0ddd51b7c5f53e85b7985f68284ab0da4ba589e629fe085be62074b
+AUX tiff-3.9.2-CVE-2010-1411.patch 898 RMD160 8b503834cdf4ade56b990152da4431cda36fe8d1 SHA1 e03812e4f19d22a0e4222a5d0f8d84be71949e18 SHA256 dd7a7e612df083ab2dd3980a1067a3af53c1f71781df7e9f3794d01698d36383
DIST tiff-3.9.2.tar.gz 1419742 RMD160 22716e0bcee93a654a704900f3e19f41600f3d18 SHA1 5c054d31e350e53102221b7760c3700cf70b4327 SHA256 3cd566c19291ea3379115dd0d2ebcdefb6a7cf0511cc33e733ec3a500e10da69
DIST tiff-3.9.4.tar.gz 1436968 RMD160 3e0a74b6294297c16fb983ad68056a1dfbbdb1de SHA1 a4e32d55afbbcabd0391a9c89995e8e8a19961de SHA256 67b76d075fb74f7cb32e7e4b217701674755fe6cee0f463b259a753fce691da6
DIST tiff-4.0.0beta6.tar.gz 1968829 RMD160 deab0908742a309f1b2954f1d1b5e2aaaa3180d0 SHA1 20aabb4d92bd5980a382e8ca53a2e010c7580976 SHA256 de016175742bcdd0cd6f326dd2e7bbc7154437d7bb09976ad4789016065061e6
-EBUILD tiff-3.9.2-r1.ebuild 1604 RMD160 f97539a32f5163afbe916106dadc3f7a98deb0fe SHA1 e0b8bef40db8f5106d17c29897e4c75f086b40af SHA256 3b270c8e8717267ef155ff81aaabeab58c2f2c839c956ad0485862215a37fa28
+EBUILD tiff-3.9.2-r1.ebuild 1648 RMD160 d26f8618325e3d43289ba5bf119a6fe31de15035 SHA1 db42b78488f778674f48025cb6221f918c6bc8ed SHA256 0f203bb139cf38ee043f5f6a3ef7632802d0c097e57dfcdc388a64fb2e9b3e80
EBUILD tiff-3.9.4.ebuild 1526 RMD160 f9e150ab25f819cfd6f19789bcca6b21319c2db7 SHA1 de217cd646ac717a493b74abbb34aa861fb33f5e SHA256 6c25df51529b5a0b1a9378537f3c32f0257b4bff6119726b1cc5cc2a817f0eb2
EBUILD tiff-4.0.0_beta6.ebuild 1642 RMD160 63b88215a222718efe6a61a7d0c181dc8a6dfbd7 SHA1 fe6495402135a1af43a01029792e163cdc1a3d92 SHA256 89d42095c57293868147881f1ccbb66395f1866a4b5d16707f0f377bab6a3ec2
-MISC ChangeLog 21767 RMD160 cefd21d1e5c678bc851e195f0eee0b854b87ac3d SHA1 9b8799115668baef858ae42fb0a3b12d4405d886 SHA256 dac1bc95881ac72dc07470fa0b678900d786ec5bfd4f43fa11d171a66b944c81
+MISC ChangeLog 21963 RMD160 f78a2094172564c97db9a834ab4f2204f4883496 SHA1 e93d782d9d35149d905cf5c11dd60dbfd8036e4b SHA256 103fafa56f1864ecd7e4f73c102b7420f37e98380c1ec2e25a81b77d00519fa2
MISC metadata.xml 448 RMD160 0419f91f1f20efdc94d3894f6a4fc6471f22d0a1 SHA1 d743d16f4afb124bbe57a45b217b92f71b515f20 SHA256 61b04082cf0ccec1f58146fab271f88e56009277edee28b3f297eafb0562f4c9
diff --git a/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch b/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch
new file mode 100644
index 000000000000..7de456578c76
--- /dev/null
+++ b/media-libs/tiff/files/tiff-3.9.2-CVE-2010-1411.patch
@@ -0,0 +1,35 @@
+--- libtiff/tif_fax3.c.orig 2010-05-13 19:36:08.995479161 +0200
++++ libtiff/tif_fax3.c 2010-05-13 19:48:04.215467428 +0200
+@@ -42,6 +42,7 @@
+ #define G3CODES
+ #include "t4.h"
+ #include <stdio.h>
++#include <stdint.h>
+
+ /*
+ * Compression+decompression state blocks are
+@@ -493,9 +494,21 @@
+ td->td_compression == COMPRESSION_CCITTFAX4
+ );
+
+- nruns = needsRefLine ? 2*TIFFroundup(rowpixels,32) : rowpixels;
++ uint64_t val64 = rowpixels;
++ if (needsRefLine)
++ {
++ val64 = 2*TIFFroundup(rowpixels,32);
++ if (val64 > 0xffffffff)
++ return (0);
++ }
++ nruns = (val64 &0xffffffff);
+ nruns += 3;
+- dsp->runs = (uint32*) _TIFFCheckMalloc(tif, 2*nruns, sizeof (uint32),
++
++ val64 = 2*nruns+3;
++ if (val64 > 0xffffffff)
++ return (0);
++
++ dsp->runs = (uint32*) _TIFFCheckMalloc(tif, (val64 & 0xffffffff), sizeof (uint32),
+ "for Group 3/4 run arrays");
+ if (dsp->runs == NULL)
+ return (0);
+
diff --git a/media-libs/tiff/tiff-3.9.2-r1.ebuild b/media-libs/tiff/tiff-3.9.2-r1.ebuild
index 4daa626b6203..eb238e22ad11 100644
--- a/media-libs/tiff/tiff-3.9.2-r1.ebuild
+++ b/media-libs/tiff/tiff-3.9.2-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.2-r1.ebuild,v 1.7 2010/03/09 21:46:10 josejx Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.2-r1.ebuild,v 1.8 2010/07/18 21:18:15 nerdboy Exp $
EAPI=2
inherit eutils libtool
@@ -20,7 +20,8 @@ DEPEND="jpeg? ( >=media-libs/jpeg-6b:0 )
src_prepare() {
epatch "${FILESDIR}"/${PN}-3.8.2-CVE-2009-2285.patch \
- "${FILESDIR}"/${P}-CVE-2009-2347.patch
+ "${FILESDIR}"/${P}-CVE-2009-2347.patch \
+ "${FILESDIR}"/${P}-CVE-2010-1411.patch
elibtoolize
}