From d1d2a2e0891f2b11aa1f5f146ba76894c918a9ef Mon Sep 17 00:00:00 2001
From: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
Date: Tue, 19 Nov 2019 18:47:57 -0500
Subject: user/tiff: upgrade to 4.1.0

---
 user/tiff/APKBUILD            | 14 +++++--------
 user/tiff/CVE-2019-6128.patch | 49 -------------------------------------------
 user/tiff/CVE-2019-7663.patch | 37 --------------------------------
 3 files changed, 5 insertions(+), 95 deletions(-)
 delete mode 100644 user/tiff/CVE-2019-6128.patch
 delete mode 100644 user/tiff/CVE-2019-7663.patch

diff --git a/user/tiff/APKBUILD b/user/tiff/APKBUILD
index c3f0590f9..602597842 100644
--- a/user/tiff/APKBUILD
+++ b/user/tiff/APKBUILD
@@ -2,8 +2,8 @@
 # Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=tiff
-pkgver=4.0.10
-pkgrel=1
+pkgver=4.1.0
+pkgrel=0
 pkgdesc="Library to read, create, and manipulate TIFF image files"
 url="http://www.libtiff.org/"
 arch="all"
@@ -12,10 +12,8 @@ depends=
 depends_dev="zlib-dev libjpeg-turbo-dev"
 makedepends="libtool autoconf automake $depends_dev"
 subpackages="$pkgname-doc $pkgname-dev $pkgname-tools"
-source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz
-	CVE-2019-6128.patch
-	CVE-2019-7663.patch
-	"
+source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz"
+
 # secfixes: libtiff
 #   4.0.10-r1:
 #     - CVE-2019-6128
@@ -69,6 +67,4 @@ tools() {
 	mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
 }
 
-sha512sums="d213e5db09fd56b8977b187c5a756f60d6e3e998be172550c2892dbdb4b2a8e8c750202bc863fe27d0d1c577ab9de1710d15e9f6ed665aadbfd857525a81eea8  tiff-4.0.10.tar.gz
-8dc336e6c863524e3622f61ec6583eebe13fde55649cd8c812e3f6752242a23ff72cfb680dfcbe47d1503a058f5f9001415ae112220729e4ab50fe81190e327e  CVE-2019-6128.patch
-6fb7e9aa0afbae96fd6e78c2401262e496f5d62980ea02712bc43f8749341d030df3625f10413f5ed3e130e88d609c2374ae69807a1f9e54ed91cbd8411aab62  CVE-2019-7663.patch"
+sha512sums="fd541dcb11e3d5afaa1ec2f073c9497099727a52f626b338ef87dc93ca2e23ca5f47634015a4beac616d4e8f05acf7b7cd5797fb218758cc2ad31b390491c5a6  tiff-4.1.0.tar.gz"
diff --git a/user/tiff/CVE-2019-6128.patch b/user/tiff/CVE-2019-6128.patch
deleted file mode 100644
index 1b15b6f01..000000000
--- a/user/tiff/CVE-2019-6128.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 0c74a9f49b8d7a36b17b54a7428b3526d20f88a8 Mon Sep 17 00:00:00 2001
-From: Scott Gayou <github.scott@gmail.com>
-Date: Wed, 23 Jan 2019 15:03:53 -0500
-Subject: [PATCH] Fix for simple memory leak that was assigned CVE-2019-6128.
-
-pal2rgb failed to free memory on a few errors. This was reported
-here: http://bugzilla.maptools.org/show_bug.cgi?id=2836.
----
- tools/pal2rgb.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
-index 01d8502e..9492f1cf 100644
---- a/tools/pal2rgb.c
-+++ b/tools/pal2rgb.c
-@@ -118,12 +118,14 @@ main(int argc, char* argv[])
- 	    shortv != PHOTOMETRIC_PALETTE) {
- 		fprintf(stderr, "%s: Expecting a palette image.\n",
- 		    argv[optind]);
-+		(void) TIFFClose(in);
- 		return (-1);
- 	}
- 	if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) {
- 		fprintf(stderr,
- 		    "%s: No colormap (not a valid palette image).\n",
- 		    argv[optind]);
-+		(void) TIFFClose(in);
- 		return (-1);
- 	}
- 	bitspersample = 0;
-@@ -131,11 +133,14 @@ main(int argc, char* argv[])
- 	if (bitspersample != 8) {
- 		fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n",
- 		    argv[optind]);
-+		(void) TIFFClose(in);
- 		return (-1);
- 	}
- 	out = TIFFOpen(argv[optind+1], "w");
--	if (out == NULL)
-+	if (out == NULL) {
-+		(void) TIFFClose(in);
- 		return (-2);
-+	}
- 	cpTags(in, out);
- 	TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth);
- 	TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength);
--- 
-2.21.0
-
diff --git a/user/tiff/CVE-2019-7663.patch b/user/tiff/CVE-2019-7663.patch
deleted file mode 100644
index 8049566c6..000000000
--- a/user/tiff/CVE-2019-7663.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 802d3cbf3043be5dce5317e140ccb1c17a6a2d39 Mon Sep 17 00:00:00 2001
-From: Thomas Bernard <miniupnp@free.fr>
-Date: Tue, 29 Jan 2019 11:21:47 +0100
-Subject: [PATCH] TIFFWriteDirectoryTagTransferfunction() : fix NULL
- dereferencing
-
-http://bugzilla.maptools.org/show_bug.cgi?id=2833
-
-we must check the pointer is not NULL before memcmp() the memory
----
- libtiff/tif_dirwrite.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
-index c15a28db..ef30c869 100644
---- a/libtiff/tif_dirwrite.c
-+++ b/libtiff/tif_dirwrite.c
-@@ -1893,12 +1893,14 @@ TIFFWriteDirectoryTagTransferfunction(TIFF* tif, uint32* ndir, TIFFDirEntry* dir
- 		n=3;
- 	if (n==3)
- 	{
--		if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16)))
-+		if (tif->tif_dir.td_transferfunction[2] == NULL ||
-+		    !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[2],m*sizeof(uint16)))
- 			n=2;
- 	}
- 	if (n==2)
- 	{
--		if (!_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16)))
-+		if (tif->tif_dir.td_transferfunction[1] == NULL ||
-+		    !_TIFFmemcmp(tif->tif_dir.td_transferfunction[0],tif->tif_dir.td_transferfunction[1],m*sizeof(uint16)))
- 			n=1;
- 	}
- 	if (n==0)
--- 
-2.21.0
-
-- 
cgit v1.2.3-60-g2f50