commit: f7f1ddc6922123c04073a0407fe42b3da07b8f3d |
Author: Christoph Junghans <ottxor <AT> gentoo <DOT> org> |
AuthorDate: Fri May 6 16:30:04 2011 +0000 |
Commit: Christoph Junghans <kleiner_otti <AT> gmx <DOT> de> |
CommitDate: Fri May 6 16:30:04 2011 +0000 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/sci.git;a=commit;h=f7f1ddc6 |
|
Version bump to avoid conflict with tree |
|
(Portage version: 2.1.9.42/git/Linux i686, signed Manifest commit with key C2000586) |
|
--- |
media-libs/tiff/ChangeLog | 11 ++++ |
.../tiff/files/tiff-3.9.4-CVE-2011-0192.patch | 13 ++++ |
.../tiff/files/tiff-3.9.4-CVE-2011-1167.patch | 62 ++++++++++++++++++++ |
.../{tiff-3.9.4-r1.ebuild => tiff-3.9.4-r2.ebuild} | 25 ++++++-- |
4 files changed, 105 insertions(+), 6 deletions(-) |
|
19 |
diff --git a/media-libs/tiff/ChangeLog b/media-libs/tiff/ChangeLog |
20 |
new file mode 100644 |
21 |
index 0000000..432cbf7 |
22 |
--- /dev/null |
23 |
+++ b/media-libs/tiff/ChangeLog |
24 |
@@ -0,0 +1,11 @@ |
25 |
+# ChangeLog for media-libs/tiff |
26 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
27 |
+# $Header: $ |
28 |
+ |
29 |
+*tiff-3.9.4-r2 (06 May 2011) |
30 |
+ |
31 |
+ 06 May 2011; Christoph Junghans <ottxor@g.o> -tiff-3.9.4-r1.ebuild, |
32 |
+ +tiff-3.9.4-r2.ebuild, +files/tiff-3.9.4-CVE-2011-0192.patch, |
33 |
+ +files/tiff-3.9.4-CVE-2011-1167.patch: |
34 |
+ Version bump to avoid conflict with tree |
35 |
+ |
36 |
|
37 |
diff --git a/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch |
38 |
new file mode 100644 |
39 |
index 0000000..dbeb882 |
40 |
--- /dev/null |
41 |
+++ b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch |
42 |
@@ -0,0 +1,13 @@ |
43 |
+Index: libtiff/tif_fax3.h |
44 |
+=================================================================== |
45 |
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_fax3.h,v |
46 |
+retrieving revision 1.7 |
47 |
+retrieving revision 1.9 |
48 |
+diff -r1.7 -r1.9 |
49 |
+480a481,486 |
50 |
+> if (b1 <= (int) (a0 + TabEnt->Param)) { \ |
51 |
+> if (b1 < (int) (a0 + TabEnt->Param) || pa != thisrun) { \ |
52 |
+> unexpected("VL", a0); \ |
53 |
+> goto eol2d; \ |
54 |
+> } \ |
55 |
+> } \ |
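Review bot: The bundled fix is a context-free normal diff (`diff -r1.7 -r1.9`), so the `480a481,486` append gives patch(1) no surrounding lines to verify and is positioned by line number alone. If tif_fax3.h in the 3.9.4 tarball does not match CVS revision 1.7 line for line, the new check on `b1` can land at the wrong place inside the macro and still apply without error, leaving the package labelled as fixed for CVE-2011-0192 when it may not be. I would regenerate the patch against the unpacked 3.9.4 source as a unified diff (`diff -u`) so that a mismatch fails at `epatch` time. The same applies to the `27a28`, `63a67,84`, `153a176` and `165a189` commands in tiff-3.9.4-CVE-2011-1167.patch. A short header in each patch file naming the upstream revision and bug it was taken from would also help later audits.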
56 |
|
57 |
diff --git a/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch |
58 |
new file mode 100644 |
59 |
index 0000000..5783a2b |
60 |
--- /dev/null |
61 |
+++ b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch |
62 |
@@ -0,0 +1,62 @@ |
63 |
+Index: ChangeLog |
64 |
+=================================================================== |
65 |
+RCS file: /cvs/maptools/cvsroot/libtiff/ChangeLog,v |
66 |
+retrieving revision 1.602.2.130 |
67 |
+diff -r1.602.2.130 ChangeLog |
68 |
+0a1,7 |
69 |
+> 2011-03-12 Frank Warmerdam <warmerdam@×××××.com> |
70 |
+> |
71 |
+> * libtiff/tif_thunder.c: Correct potential buffer overflow with |
72 |
+> thunder encoded files with wrong bitspersample set. The libtiff |
73 |
+> development team would like to thank Marin Barbella and TippingPoint's |
74 |
+> Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004). |
75 |
+> |
76 |
+Index: libtiff/tif_thunder.c |
77 |
+=================================================================== |
78 |
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_thunder.c,v |
79 |
+retrieving revision 1.5.2.1 |
80 |
+diff -r1.5.2.1 tif_thunder.c |
81 |
+27a28 |
82 |
+> #include <assert.h> |
83 |
+58,62c59,65 |
84 |
+< #define SETPIXEL(op, v) { \ |
85 |
+< lastpixel = (v) & 0xf; \ |
86 |
+< if (npixels++ & 1) \ |
87 |
+< *op++ |= lastpixel; \ |
88 |
+< else \ |
89 |
+--- |
90 |
+> #define SETPIXEL(op, v) { \ |
91 |
+> lastpixel = (v) & 0xf; \ |
92 |
+> if ( npixels < maxpixels ) \ |
93 |
+> { \ |
94 |
+> if (npixels++ & 1) \ |
95 |
+> *op++ |= lastpixel; \ |
96 |
+> else \ |
97 |
+63a67,84 |
98 |
+> } \ |
99 |
+> } |
100 |
+> |
101 |
+> static int |
102 |
+> ThunderSetupDecode(TIFF* tif) |
103 |
+> { |
104 |
+> static const char module[] = "ThunderSetupDecode"; |
105 |
+> |
106 |
+> if( tif->tif_dir.td_bitspersample != 4 ) |
107 |
+> { |
108 |
+> TIFFErrorExt(tif->tif_clientdata, module, |
109 |
+> "Wrong bitspersample value (%d), Thunder decoder only supports 4bits per sample.", |
110 |
+> (int) tif->tif_dir.td_bitspersample ); |
111 |
+> return 0; |
112 |
+> } |
113 |
+> |
114 |
+> |
115 |
+> return (1); |
116 |
+145c166,167 |
117 |
+< return (1); |
118 |
+--- |
119 |
+> |
120 |
+> return (1); |
121 |
+153a176 |
122 |
+> tif->tif_setupdecode = ThunderSetupDecode; |
123 |
+165a189 |
124 |
+> |
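Review bot: The first command in this patch (`Index: ChangeLog`, `0a1,7`) edits upstream's ChangeLog rather than code, and `145c166,167` and `165a189` appear to add only blank lines, so three of its commands are not part of the CVE-2011-1167 fix. Trimming the patch to the `tif_thunder.c` changes that matter (the `npixels < maxpixels` bound in `SETPIXEL`, `ThunderSetupDecode`, and the `tif->tif_setupdecode` assignment) makes it easier to audit and removes places where application can fail for unrelated reasons. `maxpixels` is not declared in any visible hunk; presumably it already exists in the function that expands the macro, which is worth confirming against the 3.9.4 source. The added `#include <assert.h>` has no matching `assert` in the visible lines and could probably be dropped.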
125 |
|
126 |
diff --git a/media-libs/tiff/tiff-3.9.4-r1.ebuild b/media-libs/tiff/tiff-3.9.4-r2.ebuild |
127 |
similarity index 64% |
128 |
rename from media-libs/tiff/tiff-3.9.4-r1.ebuild |
129 |
rename to media-libs/tiff/tiff-3.9.4-r2.ebuild |
130 |
index 79e2a7b..1087aa6 100644 |
131 |
--- a/media-libs/tiff/tiff-3.9.4-r1.ebuild |
132 |
+++ b/media-libs/tiff/tiff-3.9.4-r2.ebuild |
133 |
@@ -1,9 +1,9 @@ |
134 |
-# Copyright 1999-2010 Gentoo Foundation |
135 |
+# Copyright 1999-2011 Gentoo Foundation |
136 |
# Distributed under the terms of the GNU General Public License v2 |
137 |
-# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.4.ebuild,v 1.10 2010/07/23 20:43:04 ssuominen Exp $ |
138 |
+# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.4-r1.ebuild,v 1.2 2011/04/23 16:38:13 nerdboy Exp $ |
139 |
|
140 |
EAPI=3 |
141 |
-inherit libtool |
142 |
+inherit eutils libtool |
143 |
|
144 |
# This is ebuild for libtiff.so.3 only for SONAME binary compatibility |
145 |
|
146 |
@@ -16,14 +16,16 @@ SLOT="3" |
147 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris" |
148 |
IUSE="+cxx jbig jpeg static-libs zlib" |
149 |
|
150 |
-DEPEND=" |
151 |
+RDEPEND="jpeg? ( virtual/jpeg ) |
152 |
!=media-libs/tiff-3* |
153 |
- jpeg? ( virtual/jpeg ) |
154 |
jbig? ( media-libs/jbigkit ) |
155 |
zlib? ( sys-libs/zlib )" |
156 |
-RDEPEND="${DEPEND}" |
157 |
+ |
158 |
+DEPEND="${RDEPEND}" |
159 |
|
160 |
src_prepare() { |
161 |
+ epatch "${FILESDIR}"/${P}-CVE-2011-0192.patch |
162 |
+ epatch "${FILESDIR}"/${P}-CVE-2011-1167.patch |
163 |
elibtoolize |
164 |
} |
165 |
|
166 |
@@ -44,3 +46,14 @@ src_install() { |
167 |
doexe libtiff/.libs/libtiff.so.3 || die |
168 |
doexe libtiff/.libs/libtiffxx.so.3 || die |
169 |
} |
170 |
+ |
171 |
+pkg_postinst() { |
172 |
+ if use jbig; then |
173 |
+ echo |
174 |
+ elog "JBIG support is intended for Hylafax fax compression, so we" |
175 |
+ elog "really need more feedback in other areas (most testing has" |
176 |
+ elog "been done with fax). Be sure to recompile anything linked" |
177 |
+ elog "against tiff if you rebuild it with jbig support." |
178 |
+ echo |
179 |
+ fi |
180 |
+} |