From dbffe56f58d40a9a456baeba5d488c9f968a352a Mon Sep 17 00:00:00 2001
From: root
Date: Fri, 23 Aug 2013 02:07:26 -0700
Subject: Fri Aug 23 02:06:53 PDT 2013
---
 extra/libtiff/PKGBUILD | 15 +++++++++++----
 extra/libtiff/tiff-4.0.3-CVE-2013-4231.patch | 18 ++++++++++++++++++
 extra/libtiff/tiff-4.0.3-CVE-2013-4232.patch | 15 +++++++++++++++
 3 files changed, 44 insertions(+), 4 deletions(-)
 create mode 100644 extra/libtiff/tiff-4.0.3-CVE-2013-4231.patch
 create mode 100644 extra/libtiff/tiff-4.0.3-CVE-2013-4232.patch
(limited to 'extra/libtiff')
diff --git a/extra/libtiff/PKGBUILD b/extra/libtiff/PKGBUILD
index fc3a2745d..2a76d717c 100644
--- a/extra/libtiff/PKGBUILD
+++ b/extra/libtiff/PKGBUILD
@@ -1,9 +1,9 @@
-# $Id: PKGBUILD 186503 2013-05-28 01:47:37Z eric $
+# $Id: PKGBUILD 193540 2013-08-22 21:13:54Z eric $
 # Maintainer: Eric BĂ©langer
 
 pkgname=libtiff
 pkgver=4.0.3
-pkgrel=2
+pkgrel=3
 pkgdesc="Library for manipulation of TIFF images"
 arch=('i686' 'x86_64')
 url="http://www.remotesensing.org/libtiff/"
@@ -18,14 +18,18 @@ source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz
 tiff-4.0.3-CVE-2013-1960.patch
 tiff-4.0.3-CVE-2013-1961.patch
 tiff-4.0.3-libjpeg-turbo.patch
- tiff-4.0.3-tiff2pdf-colors.patch)
+ tiff-4.0.3-tiff2pdf-colors.patch
+ tiff-4.0.3-CVE-2013-4231.patch
+ tiff-4.0.3-CVE-2013-4232.patch)
 sha1sums=('652e97b78f1444237a82cbcfe014310e776eb6f0'
 '41be661638282dae0d07bd2788414cb6650f8981'
 '6cb3d480908132335c05c769b5a51f951413725d'
 '5903355afdd0bb27ea3746339e2196720f9fac9d'
 '29a91870cca5d4cd9ca1c464f8074088eddc3fb8'
 '02d57835df50d3f84587571ec52b36f5af838de2'
- '23443ad0bc130d70860b6cc6d19b69584ae7a6cc')
+ '23443ad0bc130d70860b6cc6d19b69584ae7a6cc'
+ '969f588e9da5991e7f17dddf69ae59424b05fa16'
+ '2a23c55d081bed74ac8dd99541a93d312cc72b64')
 
 prepare() {
 cd tiff-${pkgver}
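Review bot: The two entries added to `sha1sums` keep SHA-1 as the only pin on the package inputs, while the first `source` entry (visible in the hunk header) is fetched over plain `ftp://`, so these digests are the sole integrity control on what gets built. Consider adding a parallel `sha256sums=(...)` array covering all nine sources alongside the existing one. The `source` array begins before this hunk, so its first entries are not visible here.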
@@ -35,6 +39,9 @@ prepare() {
 patch -p1 -i "${srcdir}/tiff-4.0.3-CVE-2013-1960.patch"
 patch -p1 -i "${srcdir}/tiff-4.0.3-CVE-2013-1961.patch"
 patch -p1 -i "${srcdir}/tiff-4.0.3-libjpeg-turbo.patch"
+ cd tools
+ patch -p0 -i "${srcdir}/tiff-4.0.3-CVE-2013-4231.patch"
+ patch -p0 -i "${srcdir}/tiff-4.0.3-CVE-2013-4232.patch"
 }
 
 build() {
diff --git a/extra/libtiff/tiff-4.0.3-CVE-2013-4231.patch b/extra/libtiff/tiff-4.0.3-CVE-2013-4231.patch
new file mode 100644
index 000000000..3c2171829
--- /dev/null
+++ b/extra/libtiff/tiff-4.0.3-CVE-2013-4231.patch
@@ -0,0 +1,18 @@
+Index: gif2tiff.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/gif2tiff.c,v
+retrieving revision 1.12
+diff -u -r1.12 gif2tiff.c
+--- gif2tiff.c 15 Dec 2010 00:22:44 -0000 1.12
++++ gif2tiff.c 13 Aug 2013 08:25:38 -0000
+@@ -333,6 +333,10 @@
+ int status = 1;
+
+ datasize = getc(infile);
++
++ if (datasize > 12)
++ return 0;
++
+ clear = 1 << datasize;
+ eoi = clear + 1;
+ avail = clear + 2;
diff --git a/extra/libtiff/tiff-4.0.3-CVE-2013-4232.patch b/extra/libtiff/tiff-4.0.3-CVE-2013-4232.patch
new file mode 100644
index 000000000..87673d91b
--- /dev/null
+++ b/extra/libtiff/tiff-4.0.3-CVE-2013-4232.patch
@@ -0,0 +1,15 @@
+Index: tiff2pdf.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v
+retrieving revision 1.71
+diff -u -r1.71 tiff2pdf.c
+--- tiff2pdf.c 2 May 2013 14:54:08 -0000 1.71
++++ tiff2pdf.c 13 Aug 2013 04:45:40 -0000
+@@ -2462,6 +2462,7 @@
+ TIFFFileName(input));
+ t2p->t2p_error = T2P_ERR_ERROR;
+ _TIFFfree(buffer);
++ return(0);
+ } else {
+ buffer=samplebuffer;
+ t2p->tiff_datasize *= t2p->tiff_samplesperpixel;
-- 
cgit v1.2.3-54-g00ecf
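Review bot: The added `cd tools` in `prepare()` changes the working directory for every command after it, so a `patch -p1` line appended later would run in `tools/` rather than the source root. Passing the directory to patch keeps each call self-contained: `patch -d tools -p0 -i "${srcdir}/tiff-4.0.3-CVE-2013-4231.patch"`, and the same for the 4232 patch. A one-line comment noting that these two diffs are relative to `tools/` would also explain the switch from `-p1` to `-p0`.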
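Review bot: The new guard in gif2tiff.c rejects only `datasize > 12`, but `getc()` returns `EOF` (a negative value) on a truncated input, and that value still reaches `clear = 1 << datasize`, where a negative shift count is undefined behaviour. Checking both ends closes this: `if (datasize < 0 || datasize > 12) return 0;`. The declaration of `datasize` and the code-table sizes are outside the hunk, so whether 12 itself is a safe upper bound should be confirmed against them. The enclosing function starts and ends outside the hunk.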
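Review bot: The added `return(0);` in tiff2pdf.c carries no comment, and nothing on this error branch says why falling through was unsafe. Suggest a comment above it such as `/* buffer has been freed; return so the code below does not use it */`. The function body extends beyond the hunk, so it is worth confirming that any other error branch calling `_TIFFfree(buffer)` also returns, and that callers treat a 0 return together with `t2p->t2p_error` as failure.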