summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--user/tiff/APKBUILD14
-rw-r--r--user/tiff/CVE-2019-6128.patch49
-rw-r--r--user/tiff/CVE-2019-7663.patch37
3 files changed, 5 insertions, 95 deletions
diff --git a/user/tiff/APKBUILD b/user/tiff/APKBUILD
index c3f0590f9..602597842 100644
--- a/user/tiff/APKBUILD
+++ b/user/tiff/APKBUILD
@@ -2,8 +2,8 @@
# Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=tiff
-pkgver=4.0.10
-pkgrel=1
+pkgver=4.1.0
+pkgrel=0
pkgdesc="Library to read, create, and manipulate TIFF image files"
url="http://www.libtiff.org/"
arch="all"
@@ -12,10 +12,8 @@ depends=
depends_dev="zlib-dev libjpeg-turbo-dev"
makedepends="libtool autoconf automake $depends_dev"
subpackages="$pkgname-doc $pkgname-dev $pkgname-tools"
-source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz
- CVE-2019-6128.patch
- CVE-2019-7663.patch
- "
+source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz"
+
# secfixes: libtiff
# 4.0.10-r1:
# - CVE-2019-6128
@@ -69,6 +67,4 @@ tools() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="d213e5db09fd56b8977b187c5a756f60d6e3e998be172550c2892dbdb4b2a8e8c750202bc863fe27d0d1c577ab9de1710d15e9f6ed665aadbfd857525a81eea8 tiff-4.0.10.tar.gz
-8dc336e6c863524e3622f61ec6583eebe13fde55649cd8c812e3f6752242a23ff72cfb680dfcbe47d1503a058f5f9001415ae112220729e4ab50fe81190e327e CVE-2019-6128.patch
-6fb7e9aa0afbae96fd6e78c2401262e496f5d62980ea02712bc43f8749341d030df3625f10413f5ed3e130e88d609c2374ae69807a1f9e54ed91cbd8411aab62 CVE-2019-7663.patch"
+sha512sums="fd541dcb11e3d5afaa1ec2f073c9497099727a52f626b338ef87dc93ca2e23ca5f47634015a4beac616d4e8f05acf7b7cd5797fb218758cc2ad31b390491c5a6 tiff-4.1.0.tar.gz"
diff --git a/user/tiff/CVE-2019-6128.patch b/user/tiff/CVE-2019-6128.patch
deleted file mode 100644
index 1b15b6f01..000000000
--- a/user/tiff/CVE-2019-6128.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 0c74a9f49b8d7a36b17b54a7428b3526d20f88a8 Mon Sep 17 00:00:00 2001
-From: Scott Gayou <github.scott@gmail.com>
-Date: Wed, 23 Jan 2019 15:03:53 -0500
-Subject: [PATCH] Fix for simple memory leak that was assigned CVE-2019-6128.
-
-pal2rgb failed to free memory on a few errors. This was reported
-here: http://bugzilla.maptools.org/show_bug.cgi?id=2836.
----
- tools/pal2rgb.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
-index 01d8502e..9492f1cf 100644
---- a/tools/pal2rgb.c
-+++ b/tools/pal2rgb.c
-@@ -118,12 +118,14 @@ main(int argc, char* argv[])
- shortv != PHOTOMETRIC_PALETTE) {
- fprintf(stderr, "%s: Expecting a palette image.\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) {
- fprintf(stderr,
- "%s: No colormap (not a valid palette image).\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- bitspersample = 0;
-@@ -131,11 +133,14 @@ main(int argc, char* argv[])
- if (bitspersample != 8) {
- fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- out = TIFFOpen(argv[optind+1], "w");
-- if (out == NULL)
-+ if (out == NULL) {
-+ (void) TIFFClose(in);
- return (-2);
-+ }
- cpTags(in, out);
- TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth);
- TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength);
---
-2.21.0
-
diff --git a/user/tiff/CVE-2019-7663.patch b/user/tiff/CVE-2019-7663.patch
deleted file mode 100644
index 8049566c6..000000000
--- a/user/tiff/CVE-2019-7663.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 802d3cbf3043be5dce5317e140ccb1c17a6a2d39 Mon Sep 17 00:00:00 2001
-From: Thomas Bernard <miniupnp@free.fr>
-Date: Tue, 29 Jan 2019 11:21:47 +0100
-Subject: [PATCH] TIFFWriteDirectoryTagTransferfunction() : fix NULL
- dereferencing
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2833
-
-we must check the pointer is not NULL before memcmp() the memory
----
- libtiff/tif_dirwrite.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
-index c15a28db..ef30c869 100644
---- a/libtiff/tif_dirwrite.c
-+++ b/libtiff/tif_dirwrite.c
-@@ -1893,12 +1893,14 @@ TIFFWriteDirectoryTagTransferfunction(TIFF* tif, uint32* ndir, TIFFDirEntry* dir
- n=3;
- if (n==3)
- {
-- if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16)))
-+ if (tif->tif_dir.td_transferfunction[2] == NULL ||
-+ !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16)))
- n=2;
- }
- if (n==2)
- {
-- if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16)))
-+ if (tif->tif_dir.td_transferfunction[1] == NULL ||
-+ !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16)))
- n=1;
- }
- if (n==0)
---
-2.21.0
-