diff options
author | Christoph Junghans <ottxor@gentoo.org> | 2011-05-06 18:30:04 +0200 |
---|---|---|
committer | Christoph Junghans <ottxor@gentoo.org> | 2011-05-06 18:30:04 +0200 |
commit | f7f1ddc6922123c04073a0407fe42b3da07b8f3d (patch) | |
tree | 01523715485f4f8ef57c63f0934b98423cc28212 /media-libs | |
parent | sci-biology/Gambit: BAM file viewer (diff) | |
download | sci-f7f1ddc6922123c04073a0407fe42b3da07b8f3d.tar.gz sci-f7f1ddc6922123c04073a0407fe42b3da07b8f3d.tar.bz2 sci-f7f1ddc6922123c04073a0407fe42b3da07b8f3d.zip |
Version bump to avoid conflict with tree
(Portage version: 2.1.9.42/git/Linux i686, signed Manifest commit with key C2000586)
Diffstat (limited to 'media-libs')
-rw-r--r-- | media-libs/tiff/ChangeLog | 11 | ||||
-rw-r--r-- | media-libs/tiff/Manifest | 29 | ||||
-rw-r--r-- | media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch | 13 | ||||
-rw-r--r-- | media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch | 62 | ||||
-rw-r--r-- | media-libs/tiff/tiff-3.9.4-r2.ebuild (renamed from media-libs/tiff/tiff-3.9.4-r1.ebuild) | 25 |
5 files changed, 118 insertions, 22 deletions
diff --git a/media-libs/tiff/ChangeLog b/media-libs/tiff/ChangeLog new file mode 100644 index 000000000..432cbf7ce --- /dev/null +++ b/media-libs/tiff/ChangeLog @@ -0,0 +1,11 @@ +# ChangeLog for media-libs/tiff +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: $ + +*tiff-3.9.4-r2 (06 May 2011) + + 06 May 2011; Christoph Junghans <ottxor@gentoo.org> -tiff-3.9.4-r1.ebuild, + +tiff-3.9.4-r2.ebuild, +files/tiff-3.9.4-CVE-2011-0192.patch, + +files/tiff-3.9.4-CVE-2011-1167.patch: + Version bump to avoid conflict with tree + diff --git a/media-libs/tiff/Manifest b/media-libs/tiff/Manifest index 9156f8ede..eac54f8b7 100644 --- a/media-libs/tiff/Manifest +++ b/media-libs/tiff/Manifest @@ -1,23 +1,20 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 +Hash: SHA1 +AUX tiff-3.9.4-CVE-2011-0192.patch 439 RMD160 8d57853f8b9a3312b6d4ec9dbef5058372b4cb41 SHA1 062f1dc95ec4f844aaf49930041016995ceef686 SHA256 10e4cbc100538f43dde12cd2378af20e51ab954c6508d5e5aea6ed3075940bbc +AUX tiff-3.9.4-CVE-2011-1167.patch 1924 RMD160 b5cc360a86f986728e6834c3a79ac9ace31c85de SHA1 494977ffe25a2374ca2b4f378454f88d5b3a6f0c SHA256 7198ae383a617cfae8034eccaf63ff7de897f8217aa6aa77c67f95443ac6deb1 DIST tiff-3.9.4.tar.gz 1436968 RMD160 3e0a74b6294297c16fb983ad68056a1dfbbdb1de SHA1 a4e32d55afbbcabd0391a9c89995e8e8a19961de SHA256 67b76d075fb74f7cb32e7e4b217701674755fe6cee0f463b259a753fce691da6 -EBUILD tiff-3.9.4-r1.ebuild 1369 RMD160 201de06197f6868cea1a971d6204eed2b6ab2131 SHA1 1307e92e2a560d68b98801c5c2f218223bbcef4a SHA256 7bf2e7ebba22102529c6f2f87166d20d79a72fa8ce1292cb3e0d88c742ca792c +EBUILD tiff-3.9.4-r2.ebuild 1791 RMD160 a0dcfc2f0b0be5c3bfb461281281432a021967ef SHA1 b73a267f6079b9491617b83c5a49328e9753f76e SHA256 8636130ff778f9627153ea29177cb3f09515d4c6c14feb814719c479e0d8fac2 +MISC ChangeLog 372 RMD160 59ec65fa02bae584b857b0294cd2f67c8e7eba39 SHA1 204c932edb1a31a0f35e20c1a0351aea77f4de5a SHA256 e883182c8c4d85100ca217410a5cd16da80cd517067e0bd59e52cc7ce4f6e9ad MISC metadata.xml 448 RMD160 0419f91f1f20efdc94d3894f6a4fc6471f22d0a1 SHA1 d743d16f4afb124bbe57a45b217b92f71b515f20 SHA256 61b04082cf0ccec1f58146fab271f88e56009277edee28b3f297eafb0562f4c9 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.16 (GNU/Linux) +Version: GnuPG v2.0.17 (GNU/Linux) -iQIcBAEBCAAGBQJNCSiwAAoJEOf+E+/4L5LmNREP/1HwS5+xw2YBx/oVF4QG9+HP -39HxqbnjO84Wq53lwKVQ5rp9O/eKm2OdaEIfxsFODBt2MKfLzPzX/1wQ0Bz0jhP4 -SnFhW1N2oQfBBUiny8cppzq7Bnt5XQixvrXlXBU9SR25qzBL+Uw6UxEB91T4FaNo -R5wlWgsOpQXG0jy7TYFKX24M2GYAUBuaQFr72n9AMdnfgBaWbe0lk47A7ziluMtL -2V1inajj4/rVMaFUzPmh+v2RwBQxsEYuUCeIMczD1sEzrHxGI/cMq+xA+sudVumr -pomz11+jvCzEX5rKcHenNFkPklOoVCDmWkZiLEJ/1iy60ezLg5Z/FzyclDabW59r -9YCKqR12MBgHxSj0xbfrhenoS3rCEOd2NO4G2TGP9mvTkoMqhcS3MoRHwePl+HpO -b7rS2pdslJbx7ZPu5ow4ZSCNzjeO2a5iQFzkmnGMDJUm/Heq0Aw9mWzhfCXSNPNp -DWqnMC8Zbr9e5tCceX5FZzUNOIigpyGzOstABAiBd/aGNhgC8WaK6lUlQFgqbe6q -3uhuxi+xQ9PV34yARgq6+xt1rtxjUjEjl1bfElLj2BJyes5kSBTISABL6u0Nz0vM -8ZjsPtsuNgPbZmVDQV/xeFqEwwrST869kDmzyfD0dIzbZBTpAomOsQudV1ZP9fWH -8n4X61S+I6KS1ZhPWJGm -=0C69 +iQEcBAEBAgAGBQJNxCIMAAoJEOeBhlrCAAWGy0AH+wWF2niaSRV0e9dQxzpvkE+F +S2jLS4eeJFHV9padNgGa6RqIUKI2s6OoCgVwxasmS9cQJsi+cInmPDbo1FbiWdKp +xhn+icX4WsZ1cKQKWlvKwrjv2XM8QPxY1KkRFLgcAIhnpUI+ciQNyNZ6Y7FkEsq6 +phfZrGd1Z3F0SVkiY8ggqzlhmx/6JYr8+F2lDw+PtPTumStkH8N7MFUJVhVlgmH9 ++KLDetbELG0X7Bp46HafWjcTHrAkYs0S2bPvJnevLS9lBGSfgstdIEBkCvRkhMex +jY6nv0qPKav7mZ2VrfEeEO2QuqIwSys90L1wNqROXJDwnITpGXLBWfhKuzi/Xb8= +=4JJx -----END PGP SIGNATURE----- diff --git a/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch new file mode 100644 index 000000000..dbeb8825d --- /dev/null +++ b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch @@ -0,0 +1,13 @@ +Index: libtiff/tif_fax3.h +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_fax3.h,v +retrieving revision 1.7 +retrieving revision 1.9 +diff -r1.7 -r1.9 +480a481,486 +> if (b1 <= (int) (a0 + TabEnt->Param)) { \ +> if (b1 < (int) (a0 + TabEnt->Param) || pa != thisrun) { \ +> unexpected("VL", a0); \ +> goto eol2d; \ +> } \ +> } \ diff --git a/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch new file mode 100644 index 000000000..5783a2b23 --- /dev/null +++ b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch @@ -0,0 +1,62 @@ +Index: ChangeLog +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/ChangeLog,v +retrieving revision 1.602.2.130 +diff -r1.602.2.130 ChangeLog +0a1,7 +> 2011-03-12 Frank Warmerdam <warmerdam@pobox.com> +> +> * libtiff/tif_thunder.c: Correct potential buffer overflow with +> thunder encoded files with wrong bitspersample set. The libtiff +> development team would like to thank Marin Barbella and TippingPoint's +> Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004). +> +Index: libtiff/tif_thunder.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_thunder.c,v +retrieving revision 1.5.2.1 +diff -r1.5.2.1 tif_thunder.c +27a28 +> #include <assert.h> +58,62c59,65 +< #define SETPIXEL(op, v) { \ +< lastpixel = (v) & 0xf; \ +< if (npixels++ & 1) \ +< *op++ |= lastpixel; \ +< else \ +--- +> #define SETPIXEL(op, v) { \ +> lastpixel = (v) & 0xf; \ +> if ( npixels < maxpixels ) \ +> { \ +> if (npixels++ & 1) \ +> *op++ |= lastpixel; \ +> else \ +63a67,84 +> } \ +> } +> +> static int +> ThunderSetupDecode(TIFF* tif) +> { +> static const char module[] = "ThunderSetupDecode"; +> +> if( tif->tif_dir.td_bitspersample != 4 ) +> { +> TIFFErrorExt(tif->tif_clientdata, module, +> "Wrong bitspersample value (%d), Thunder decoder only supports 4bits per sample.", +> (int) tif->tif_dir.td_bitspersample ); +> return 0; +> } +> +> +> return (1); +145c166,167 +< return (1); +--- +> +> return (1); +153a176 +> tif->tif_setupdecode = ThunderSetupDecode; +165a189 +> diff --git a/media-libs/tiff/tiff-3.9.4-r1.ebuild b/media-libs/tiff/tiff-3.9.4-r2.ebuild index 79e2a7ba0..1087aa678 100644 --- a/media-libs/tiff/tiff-3.9.4-r1.ebuild +++ b/media-libs/tiff/tiff-3.9.4-r2.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2010 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.4.ebuild,v 1.10 2010/07/23 20:43:04 ssuominen Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.4-r1.ebuild,v 1.2 2011/04/23 16:38:13 nerdboy Exp $ EAPI=3 -inherit libtool +inherit eutils libtool # This is ebuild for libtiff.so.3 only for SONAME binary compatibility @@ -16,14 +16,16 @@ SLOT="3" KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris" IUSE="+cxx jbig jpeg static-libs zlib" -DEPEND=" +RDEPEND="jpeg? ( virtual/jpeg ) !=media-libs/tiff-3* - jpeg? ( virtual/jpeg ) jbig? ( media-libs/jbigkit ) zlib? ( sys-libs/zlib )" -RDEPEND="${DEPEND}" + +DEPEND="${RDEPEND}" src_prepare() { + epatch "${FILESDIR}"/${P}-CVE-2011-0192.patch + epatch "${FILESDIR}"/${P}-CVE-2011-1167.patch elibtoolize } @@ -44,3 +46,14 @@ src_install() { doexe libtiff/.libs/libtiff.so.3 || die doexe libtiff/.libs/libtiffxx.so.3 || die } + +pkg_postinst() { + if use jbig; then + echo + elog "JBIG support is intended for Hylafax fax compression, so we" + elog "really need more feedback in other areas (most testing has" + elog "been done with fax). Be sure to recompile anything linked" + elog "against tiff if you rebuild it with jbig support." + echo + fi +} |