
From: Christoph Junghans <kleiner_otti@×××.de>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/sci:master commit in: media-libs/tiff/files/, media-libs/tiff/
Date: Fri, 06 May 2011 16:32:20
Message-Id: f7f1ddc6922123c04073a0407fe42b3da07b8f3d.kleiner_otti@gentoo
1 commit: f7f1ddc6922123c04073a0407fe42b3da07b8f3d
2 Author: Christoph Junghans <ottxor <AT> gentoo <DOT> org>
3 AuthorDate: Fri May 6 16:30:04 2011 +0000
4 Commit: Christoph Junghans <kleiner_otti <AT> gmx <DOT> de>
5 CommitDate: Fri May 6 16:30:04 2011 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/sci.git;a=commit;h=f7f1ddc6
7
8 Version bump to avoid conflict with tree
9
10 (Portage version: 2.1.9.42/git/Linux i686, signed Manifest commit with key C2000586)
11
12 ---
13 media-libs/tiff/ChangeLog | 11 ++++
14 .../tiff/files/tiff-3.9.4-CVE-2011-0192.patch | 13 ++++
15 .../tiff/files/tiff-3.9.4-CVE-2011-1167.patch | 62 ++++++++++++++++++++
16 .../{tiff-3.9.4-r1.ebuild => tiff-3.9.4-r2.ebuild} | 25 ++++++--
17 4 files changed, 105 insertions(+), 6 deletions(-)
18
19 diff --git a/media-libs/tiff/ChangeLog b/media-libs/tiff/ChangeLog
20 new file mode 100644
21 index 0000000..432cbf7
22 --- /dev/null
23 +++ b/media-libs/tiff/ChangeLog
24 @@ -0,0 +1,11 @@
25 +# ChangeLog for media-libs/tiff
26 +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
27 +# $Header: $
28 +
29 +*tiff-3.9.4-r2 (06 May 2011)
30 +
31 + 06 May 2011; Christoph Junghans <ottxor@g.o> -tiff-3.9.4-r1.ebuild,
32 + +tiff-3.9.4-r2.ebuild, +files/tiff-3.9.4-CVE-2011-0192.patch,
33 + +files/tiff-3.9.4-CVE-2011-1167.patch:
34 + Version bump to avoid conflict with tree
35 +
36
37 diff --git a/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch
38 new file mode 100644
39 index 0000000..dbeb882
40 --- /dev/null
41 +++ b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-0192.patch
42 @@ -0,0 +1,13 @@
43 +Index: libtiff/tif_fax3.h
44 +===================================================================
45 +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_fax3.h,v
46 +retrieving revision 1.7
47 +retrieving revision 1.9
48 +diff -r1.7 -r1.9
49 +480a481,486
50 +> if (b1 <= (int) (a0 + TabEnt->Param)) { \
51 +> if (b1 < (int) (a0 + TabEnt->Param) || pa != thisrun) { \
52 +> unexpected("VL", a0); \
53 +> goto eol2d; \
54 +> } \
55 +> } \
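Review bot: The guard is shipped as a context-free normal diff (`diff -r1.7 -r1.9`, `480a481,486`), so the append hunk gives `patch` no surrounding lines to verify and the six lines are placed by line number alone. If the `tif_fax3.h` in the 3.9.4 tarball differs from CVS revision 1.7 (not checkable from this page), the check could land at the wrong point inside the backslash-continued macro and still compile. I would regenerate the file as a unified diff (`diff -u`) against the unpacked 3.9.4 sources, so that a mismatch fails at `epatch` time. The same applies to `tiff-3.9.4-CVE-2011-1167.patch`, whose `27a28`, `63a67,84`, `153a176` and `165a189` hunks are also pure appends. The macro these lines extend begins and ends outside the patch.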
56
57 diff --git a/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch
58 new file mode 100644
59 index 0000000..5783a2b
60 --- /dev/null
61 +++ b/media-libs/tiff/files/tiff-3.9.4-CVE-2011-1167.patch
62 @@ -0,0 +1,62 @@
63 +Index: ChangeLog
64 +===================================================================
65 +RCS file: /cvs/maptools/cvsroot/libtiff/ChangeLog,v
66 +retrieving revision 1.602.2.130
67 +diff -r1.602.2.130 ChangeLog
68 +0a1,7
69 +> 2011-03-12 Frank Warmerdam <warmerdam@×××××.com>
70 +>
71 +> * libtiff/tif_thunder.c: Correct potential buffer overflow with
72 +> thunder encoded files with wrong bitspersample set. The libtiff
73 +> development team would like to thank Marin Barbella and TippingPoint's
74 +> Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004).
75 +>
76 +Index: libtiff/tif_thunder.c
77 +===================================================================
78 +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_thunder.c,v
79 +retrieving revision 1.5.2.1
80 +diff -r1.5.2.1 tif_thunder.c
81 +27a28
82 +> #include <assert.h>
83 +58,62c59,65
84 +< #define SETPIXEL(op, v) { \
85 +< lastpixel = (v) & 0xf; \
86 +< if (npixels++ & 1) \
87 +< *op++ |= lastpixel; \
88 +< else \
89 +---
90 +> #define SETPIXEL(op, v) { \
91 +> lastpixel = (v) & 0xf; \
92 +> if ( npixels < maxpixels ) \
93 +> { \
94 +> if (npixels++ & 1) \
95 +> *op++ |= lastpixel; \
96 +> else \
97 +63a67,84
98 +> } \
99 +> }
100 +>
101 +> static int
102 +> ThunderSetupDecode(TIFF* tif)
103 +> {
104 +> static const char module[] = "ThunderSetupDecode";
105 +>
106 +> if( tif->tif_dir.td_bitspersample != 4 )
107 +> {
108 +> TIFFErrorExt(tif->tif_clientdata, module,
109 +> "Wrong bitspersample value (%d), Thunder decoder only supports 4bits per sample.",
110 +> (int) tif->tif_dir.td_bitspersample );
111 +> return 0;
112 +> }
113 +>
114 +>
115 +> return (1);
116 +145c166,167
117 +< return (1);
118 +---
119 +>
120 +> return (1);
121 +153a176
122 +> tif->tif_setupdecode = ThunderSetupDecode;
123 +165a189
124 +>
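Review bot: With the new `if ( npixels < maxpixels )` guard in `SETPIXEL`, `npixels` stops advancing once it reaches `maxpixels`, so input that encodes too many pixels is discarded silently inside the macro. Any later comparison of `npixels` against `maxpixels` in the decoder (outside this patch, so not visible here) could then no longer report the overrun; it is worth confirming that oversized rows still produce an error rather than a quietly truncated image. `#include <assert.h>` is added at `27a28`, but no `assert` appears in the added lines, so the include looks unused. The `Index: ChangeLog` hunk is not needed for the build and could be dropped from the ebuild's copy of the patch. The `else` branch of `SETPIXEL` and the closing brace of `ThunderSetupDecode` come from unchanged lines outside the patch.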
125
126 diff --git a/media-libs/tiff/tiff-3.9.4-r1.ebuild b/media-libs/tiff/tiff-3.9.4-r2.ebuild
127 similarity index 64%
128 rename from media-libs/tiff/tiff-3.9.4-r1.ebuild
129 rename to media-libs/tiff/tiff-3.9.4-r2.ebuild
130 index 79e2a7b..1087aa6 100644
131 --- a/media-libs/tiff/tiff-3.9.4-r1.ebuild
132 +++ b/media-libs/tiff/tiff-3.9.4-r2.ebuild
133 @@ -1,9 +1,9 @@
134 -# Copyright 1999-2010 Gentoo Foundation
135 +# Copyright 1999-2011 Gentoo Foundation
136 # Distributed under the terms of the GNU General Public License v2
137 -# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.4.ebuild,v 1.10 2010/07/23 20:43:04 ssuominen Exp $
138 +# $Header: /var/cvsroot/gentoo-x86/media-libs/tiff/tiff-3.9.4-r1.ebuild,v 1.2 2011/04/23 16:38:13 nerdboy Exp $
139
140 EAPI=3
141 -inherit libtool
142 +inherit eutils libtool
143
144 # This is ebuild for libtiff.so.3 only for SONAME binary compatibility
145
146 @@ -16,14 +16,16 @@ SLOT="3"
147 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
148 IUSE="+cxx jbig jpeg static-libs zlib"
149
150 -DEPEND="
151 +RDEPEND="jpeg? ( virtual/jpeg )
152 !=media-libs/tiff-3*
153 - jpeg? ( virtual/jpeg )
154 jbig? ( media-libs/jbigkit )
155 zlib? ( sys-libs/zlib )"
156 -RDEPEND="${DEPEND}"
157 +
158 +DEPEND="${RDEPEND}"
159
160 src_prepare() {
161 + epatch "${FILESDIR}"/${P}-CVE-2011-0192.patch
162 + epatch "${FILESDIR}"/${P}-CVE-2011-1167.patch
163 elibtoolize
164 }
165
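Review bot: The two `epatch` lines added to `src_prepare` carry security fixes, but neither the ebuild nor the ChangeLog entry in this commit ("Version bump to avoid conflict with tree") says so. That makes it harder to audit later which libtiff CVEs this SLOT="3" compatibility library is covered for. I would add a comment above them, for example `# Security: CVE-2011-0192 (tif_fax3.h), CVE-2011-1167 (tif_thunder.c)`, and mention the CVE ids in the ChangeLog text as well.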
166 @@ -44,3 +46,14 @@ src_install() {
167 doexe libtiff/.libs/libtiff.so.3 || die
168 doexe libtiff/.libs/libtiffxx.so.3 || die
169 }
170 +
171 +pkg_postinst() {
172 + if use jbig; then
173 + echo
174 + elog "JBIG support is intended for Hylafax fax compression, so we"
175 + elog "really need more feedback in other areas (most testing has"
176 + elog "been done with fax). Be sure to recompile anything linked"
177 + elog "against tiff if you rebuild it with jbig support."
178 + echo
179 + fi
180 +}