summaryrefslogtreecommitdiff
path: root/extra/libtiff
diff options
context:
space:
mode:
authorParabola <dev@list.parabolagnulinux.org>2011-04-05 14:26:38 +0000
committerParabola <dev@list.parabolagnulinux.org>2011-04-05 14:26:38 +0000
commit415856bdd4f48ab4f2732996f0bae58595092bbe (patch)
treeede2018b591f6dfb477fe9341ba17b9bc000fab9 /extra/libtiff
Tue Apr 5 14:26:38 UTC 2011
Diffstat (limited to 'extra/libtiff')
-rw-r--r--extra/libtiff/ChangeLog35
-rw-r--r--extra/libtiff/PKGBUILD32
-rw-r--r--extra/libtiff/libtiff-CVE-2009-2285.patch22
3 files changed, 89 insertions, 0 deletions
diff --git a/extra/libtiff/ChangeLog b/extra/libtiff/ChangeLog
new file mode 100644
index 000000000..88edcc7fc
--- /dev/null
+++ b/extra/libtiff/ChangeLog
@@ -0,0 +1,35 @@
+2010-06-20 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.4-1
+ * Upstream update
+
+2009-11-05 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.2-1
+ * Upstream update
+
+2009-08-28 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.1-1
+ * Upstream update
+
+2009-08-26 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.0-1
+ * Upstream update
+ * Updated url
+ * Updated patches
+
+2009-08-14 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.8.2-6
+ * Added security fixes (close FS#15931)
+
+2008-09-05 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.8.2-4
+ * Applied patch to fix buffer underflow in LZW decoding (tiff-3.8.2-CVE-2008-2327.patch)
+ * Added license
+ * Added freeglut optdepends
+ * FHS man pages
+ * Added ChangeLog
diff --git a/extra/libtiff/PKGBUILD b/extra/libtiff/PKGBUILD
new file mode 100644
index 000000000..ed80a2bae
--- /dev/null
+++ b/extra/libtiff/PKGBUILD
@@ -0,0 +1,32 @@
+# $Id: PKGBUILD 83314 2010-06-20 21:43:27Z eric $
+# Maintainer: Eric Belanger <eric@archlinux.org>
+# Contributor: dorphell <dorphell@archlinux.org>
+
+pkgname=libtiff
+pkgver=3.9.4
+pkgrel=1
+pkgdesc="Library for manipulation of TIFF images"
+arch=('i686' 'x86_64')
+url="http://www.remotesensing.org/libtiff/"
+license=('custom')
+depends=('libjpeg' 'zlib')
+makedepends=('libgl' 'freeglut' 'libxmu' 'libxi')
+optdepends=('freeglut: for using tiffgt')
+options=('!libtool')
+source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz \
+ libtiff-CVE-2009-2285.patch)
+md5sums=('2006c1bdd12644dbf02956955175afd6' 'ff61077408727a82281f77a94f555e2a')
+sha1sums=('a4e32d55afbbcabd0391a9c89995e8e8a19961de' 'eadce8c8bd72ea9c74f35300bf299131813b0c8b')
+
+build() {
+ cd "${srcdir}/tiff-${pkgver}"
+ patch -p1 < ../libtiff-CVE-2009-2285.patch || return 1
+ ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man || return 1
+ make || return 1
+}
+
+package() {
+ cd "${srcdir}/tiff-${pkgver}"
+ make DESTDIR="${pkgdir}" install || return 1
+ install -D -m644 COPYRIGHT "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" || return 1
+}
diff --git a/extra/libtiff/libtiff-CVE-2009-2285.patch b/extra/libtiff/libtiff-CVE-2009-2285.patch
new file mode 100644
index 000000000..435a84b53
--- /dev/null
+++ b/extra/libtiff/libtiff-CVE-2009-2285.patch
@@ -0,0 +1,22 @@
+Index: tiff-3.8.2/libtiff/tif_lzw.c
+===================================================================
+--- tiff-3.8.2.orig/libtiff/tif_lzw.c
++++ tiff-3.8.2/libtiff/tif_lzw.c
+@@ -421,7 +421,7 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
+ NextCode(tif, sp, bp, code, GetNextCode);
+ if (code == CODE_EOI)
+ break;
+- if (code == CODE_CLEAR) {
++ if (code >= CODE_CLEAR) {
+ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+ "LZWDecode: Corrupted LZW table at scanline %d",
+ tif->tif_row);
+@@ -624,7 +624,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
+ NextCode(tif, sp, bp, code, GetNextCodeCompat);
+ if (code == CODE_EOI)
+ break;
+- if (code == CODE_CLEAR) {
++ if (code >= CODE_CLEAR) {
+ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+ "LZWDecode: Corrupted LZW table at scanline %d",
+ tif->tif_row);