diff options
-rw-r--r-- | groups/231.native_packages_etc.group | 7 | ||||
-rw-r--r-- | patches/tiff/CVE-2018-12900.patch | 29 |
2 files changed, 4 insertions, 32 deletions
diff --git a/groups/231.native_packages_etc.group b/groups/231.native_packages_etc.group index bad68ede..c3ae8140 100644 --- a/groups/231.native_packages_etc.group +++ b/groups/231.native_packages_etc.group @@ -464,9 +464,10 @@ tcl_cv_strtod_unbroken=true"}; : ${PKG_TEXINFO_SHA256SUM:=988403c1542d15ad044600b909997ba3079b10e03224c61188117f3676b02caa}; : ${PKG_TEXINFO_VERSION:=6.7}; : ${PKG_TEXINFO_URL:=https://ftp.gnu.org/gnu/texinfo/texinfo-${PKG_TEXINFO_VERSION}.tar.xz}; -: ${PKG_TIFF_SHA256SUM:=917223b37538959aca3b790d2d73aa6e626b688e02dcda272aec24c2f498abed}; -: ${PKG_TIFF_VERSION:=4.4.0}; -: ${PKG_TIFF_URL:=https://ftp.osuosl.org/pub/blfs/conglomeration/tiff/tiff-${PKG_TIFF_VERSION}.tar.gz}; +: ${PKG_TIFF_DEPENDS:="libjpeg_turbo libz xz zstd"}; +: ${PKG_TIFF_SHA256SUM:=dafac979c5e7b6c650025569c5a4e720995ba5f17bc17e6276d1f12427be267c}; +: ${PKG_TIFF_VERSION:=4.5.0}; +: ${PKG_TIFF_URL:=http://download.osgeo.org/libtiff/tiff-${PKG_TIFF_VERSION}.tar.xz}; : ${PKG_TIFF_CONFIGURE_ARGS_EXTRA:=--disable-cxx}; : ${PKG_TMUX_DEPENDS:="libevent ncurses"}; : ${PKG_TMUX_SHA256SUM:=55313e132f0f42de7e020bf6323a1939ee02ab79c48634aa07475db41573852b}; diff --git a/patches/tiff/CVE-2018-12900.patch b/patches/tiff/CVE-2018-12900.patch deleted file mode 100644 index f95cd06a..00000000 --- a/patches/tiff/CVE-2018-12900.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001 -From: pgajdos <pgajdos@suse.cz> -Date: Tue, 13 Nov 2018 09:03:31 +0100 -Subject: [PATCH] prevent integer overflow - ---- - tools/tiffcp.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/tools/tiffcp.c b/tools/tiffcp.c -index 2f406e2d..ece7ba13 100644 ---- a/tools/tiffcp.c -+++ b/tools/tiffcp.c -@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) - status = 0; - goto done; - } -+ if (0xFFFFFFFF / tilew < spp) -+ { -+ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps); -+ status = 0; -+ goto done; -+ } - bytes_per_sample = bps/8; - - for (row = 0; row < imagelength; row += tl) { --- -2.18.1 - |