diff options
-rw-r--r-- | user/tiff/APKBUILD | 14 | ||||
-rw-r--r-- | user/tiff/CVE-2019-6128.patch | 49 | ||||
-rw-r--r-- | user/tiff/CVE-2019-7663.patch | 37 |
3 files changed, 5 insertions, 95 deletions
diff --git a/user/tiff/APKBUILD b/user/tiff/APKBUILD index c3f0590f9..602597842 100644 --- a/user/tiff/APKBUILD +++ b/user/tiff/APKBUILD @@ -2,8 +2,8 @@ # Contributor: Leonardo Arena <rnalrd@alpinelinux.org> # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=tiff -pkgver=4.0.10 -pkgrel=1 +pkgver=4.1.0 +pkgrel=0 pkgdesc="Library to read, create, and manipulate TIFF image files" url="http://www.libtiff.org/" arch="all" @@ -12,10 +12,8 @@ depends= depends_dev="zlib-dev libjpeg-turbo-dev" makedepends="libtool autoconf automake $depends_dev" subpackages="$pkgname-doc $pkgname-dev $pkgname-tools" -source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz - CVE-2019-6128.patch - CVE-2019-7663.patch - " +source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz" + # secfixes: libtiff # 4.0.10-r1: # - CVE-2019-6128 @@ -69,6 +67,4 @@ tools() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -sha512sums="d213e5db09fd56b8977b187c5a756f60d6e3e998be172550c2892dbdb4b2a8e8c750202bc863fe27d0d1c577ab9de1710d15e9f6ed665aadbfd857525a81eea8 tiff-4.0.10.tar.gz -8dc336e6c863524e3622f61ec6583eebe13fde55649cd8c812e3f6752242a23ff72cfb680dfcbe47d1503a058f5f9001415ae112220729e4ab50fe81190e327e CVE-2019-6128.patch -6fb7e9aa0afbae96fd6e78c2401262e496f5d62980ea02712bc43f8749341d030df3625f10413f5ed3e130e88d609c2374ae69807a1f9e54ed91cbd8411aab62 CVE-2019-7663.patch" +sha512sums="fd541dcb11e3d5afaa1ec2f073c9497099727a52f626b338ef87dc93ca2e23ca5f47634015a4beac616d4e8f05acf7b7cd5797fb218758cc2ad31b390491c5a6 tiff-4.1.0.tar.gz" diff --git a/user/tiff/CVE-2019-6128.patch b/user/tiff/CVE-2019-6128.patch deleted file mode 100644 index 1b15b6f01..000000000 --- a/user/tiff/CVE-2019-6128.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 0c74a9f49b8d7a36b17b54a7428b3526d20f88a8 Mon Sep 17 00:00:00 2001 -From: Scott Gayou <github.scott@gmail.com> -Date: Wed, 23 Jan 2019 15:03:53 -0500 -Subject: [PATCH] Fix for simple memory leak that was assigned CVE-2019-6128. - -pal2rgb failed to free memory on a few errors. This was reported -here: http://bugzilla.maptools.org/show_bug.cgi?id=2836. ---- - tools/pal2rgb.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c -index 01d8502e..9492f1cf 100644 ---- a/tools/pal2rgb.c -+++ b/tools/pal2rgb.c -@@ -118,12 +118,14 @@ main(int argc, char* argv[]) - shortv != PHOTOMETRIC_PALETTE) { - fprintf(stderr, "%s: Expecting a palette image.\n", - argv[optind]); -+ (void) TIFFClose(in); - return (-1); - } - if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) { - fprintf(stderr, - "%s: No colormap (not a valid palette image).\n", - argv[optind]); -+ (void) TIFFClose(in); - return (-1); - } - bitspersample = 0; -@@ -131,11 +133,14 @@ main(int argc, char* argv[]) - if (bitspersample != 8) { - fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n", - argv[optind]); -+ (void) TIFFClose(in); - return (-1); - } - out = TIFFOpen(argv[optind+1], "w"); -- if (out == NULL) -+ if (out == NULL) { -+ (void) TIFFClose(in); - return (-2); -+ } - cpTags(in, out); - TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth); - TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength); --- -2.21.0 - diff --git a/user/tiff/CVE-2019-7663.patch b/user/tiff/CVE-2019-7663.patch deleted file mode 100644 index 8049566c6..000000000 --- a/user/tiff/CVE-2019-7663.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 802d3cbf3043be5dce5317e140ccb1c17a6a2d39 Mon Sep 17 00:00:00 2001 -From: Thomas Bernard <miniupnp@free.fr> -Date: Tue, 29 Jan 2019 11:21:47 +0100 -Subject: [PATCH] TIFFWriteDirectoryTagTransferfunction() : fix NULL - dereferencing - -http://bugzilla.maptools.org/show_bug.cgi?id=2833 - -we must check the pointer is not NULL before memcmp() the memory ---- - libtiff/tif_dirwrite.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c -index c15a28db..ef30c869 100644 ---- a/libtiff/tif_dirwrite.c -+++ b/libtiff/tif_dirwrite.c -@@ -1893,12 +1893,14 @@ TIFFWriteDirectoryTagTransferfunction(TIFF* tif, uint32* ndir, TIFFDirEntry* dir - n=3; - if (n==3) - { -- if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16))) -+ if (tif->tif_dir.td_transferfunction[2] == NULL || -+ !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16))) - n=2; - } - if (n==2) - { -- if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16))) -+ if (tif->tif_dir.td_transferfunction[1] == NULL || -+ !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16))) - n=1; - } - if (n==0) --- -2.21.0 - |