Merge branch 'testing'

# By James Meyer (1091) and others
# Via James Meyer (5) and others
* testing: (1148 commits)
  LinHES-config: during install don't kill off lirc.  This keeps the remote active all the way to the finish
  Change version numbers to 8.0  to match the release number. LinHES-conifg LinHES-system mythdb-initial runit-scripts supplemental-web
  LinHES-conifig: mv_install.py  for the last partition don't go all the way to the end.  Gotta leave room for gpt tables.
  xf86-video-ati: xorg ati driver.
  LinHES-config: timezip.py  add syncing up of parental lvl passwords and starting level with MBE.
  LinHES-system: correct the logic for breaking out of the wmctrl loop.   As written it would break out of the inner loop..but not the 60 iteration loop.
  e16_theme_settings:  remove slide-in prop for new windows.   For whatever reason this was preventing mplayer from being positioned correctly for appletrailers.
  LinHES-config, mythinstall:  change  case of hd_pvr and   serial to all lower refs #902
  zilog-firmware:   firmware for TX support of the hdpvr and pvr-150 In general I can't recommend anybody using these transmitters  but including the firmware just in case someone really wants to
  linhes-udev-rules:  added hdprv_lirc rule. All of these lirc rules are limited to exactly one device.  If more then one device is present then only the last device in init will get the symlink
  runit-scripts:  fix logging for igdeamon,   add support to remote init script so that the blaster is always the first device in the chain. added support specificly for hd_pvr
  LinHES-system:   add lh_system_restore and lh_system_backup.  These scripts are called from the mythmenu. refs #900
  iguanair: rebuild with python 2.7
  LinHES-system: msg_daemon.py fix  init and nasty bug related to timeout. In a nutshell timeout wouldn't work unless a msg without a timeout was called first.
  linhes-udev-rules:  add rules for mce,streamzap,serial  lirc devices.
  mythinstall: recompile for matching libs
  mythtv:  latest .25-fixes  and change mythbackup/restore call lh_system_$op   to replace mythbackup/mythrestore.  mythbackup no longer works correctly with the new windowmanager
  linhes-scripts: myth2mp3, myth2x264, myth2xvid: use mythutil to get cutlist
  LinHES-config, supplimental-web:  Fix proxy numbering for Ceton infiniTV
  linhes-system:  add additional stuff to the system backup and also introduced an exclude file. The exclude/include files are locate in /home/mythtv/backup_config/
  ...

8 files changed, 16 insertions, 879 deletions

diff --git a/abs/core/libtiff/CVE-2006-3459-3465.patch b/abs/core/libtiff/CVE-2006-3459-3465.patch
deleted file mode 100644
index cb55b03..0000000
--- a/abs/core/libtiff/CVE-2006-3459-3465.patch
+++ /dev/null
@@ -1,669 +0,0 @@
-diff -ru tiff-3.8.2/libtiff/tif_dir.c tiff-3.8.2-goo/libtiff/tif_dir.c
---- tiff-3.8.2/libtiff/tif_dir.c	2006-03-21 16:42:50.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_dir.c	2006-07-14 13:52:01.027562000 +0100
-@@ -122,6 +122,7 @@
- {
- 	static const char module[] = "_TIFFVSetField";
- 	
-+	const TIFFFieldInfo* fip = _TIFFFindFieldInfo(tif, tag, TIFF_ANY);
- 	TIFFDirectory* td = &tif->tif_dir;
- 	int status = 1;
- 	uint32 v32, i, v;
-@@ -195,10 +196,12 @@
- 		break;
- 	case TIFFTAG_ORIENTATION:
- 		v = va_arg(ap, uint32);
-+		const TIFFFieldInfo* fip;
- 		if (v < ORIENTATION_TOPLEFT || ORIENTATION_LEFTBOT < v) {
-+			fip = _TIFFFieldWithTag(tif, tag);
- 			TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
- 			    "Bad value %lu for \"%s\" tag ignored",
--			    v, _TIFFFieldWithTag(tif, tag)->field_name);
-+			    v, fip ? fip->field_name : "Unknown");
- 		} else
- 			td->td_orientation = (uint16) v;
- 		break;
-@@ -387,11 +390,15 @@
- 	     * happens, for example, when tiffcp is used to convert between
- 	     * compression schemes and codec-specific tags are blindly copied.
-              */
-+	    /* 
-+	     * better not dereference fip if it is NULL.
-+	     * -- taviso@google.com 15 Jun 2006
-+	     */
-             if(fip == NULL || fip->field_bit != FIELD_CUSTOM) {
- 		TIFFErrorExt(tif->tif_clientdata, module,
- 		    "%s: Invalid %stag \"%s\" (not supported by codec)",
- 		    tif->tif_name, isPseudoTag(tag) ? "pseudo-" : "",
--		    _TIFFFieldWithTag(tif, tag)->field_name);
-+		    fip ? fip->field_name : "Unknown");
- 		status = 0;
- 		break;
-             }
-@@ -468,7 +475,7 @@
- 	    if (fip->field_type == TIFF_ASCII)
- 		    _TIFFsetString((char **)&tv->value, va_arg(ap, char *));
- 	    else {
--                tv->value = _TIFFmalloc(tv_size * tv->count);
-+                tv->value = _TIFFCheckMalloc(tif, tv_size, tv->count, "Tag Value");
- 		if (!tv->value) {
- 		    status = 0;
- 		    goto end;
-@@ -563,7 +570,7 @@
-           }
- 	}
- 	if (status) {
--		TIFFSetFieldBit(tif, _TIFFFieldWithTag(tif, tag)->field_bit);
-+		TIFFSetFieldBit(tif, fip->field_bit);
- 		tif->tif_flags |= TIFF_DIRTYDIRECT;
- 	}
- 
-@@ -572,12 +579,12 @@
- 	return (status);
- badvalue:
- 	TIFFErrorExt(tif->tif_clientdata, module, "%s: Bad value %d for \"%s\"",
--		  tif->tif_name, v, _TIFFFieldWithTag(tif, tag)->field_name);
-+		  tif->tif_name, v, fip ? fip->field_name : "Unknown");
- 	va_end(ap);
- 	return (0);
- badvalue32:
- 	TIFFErrorExt(tif->tif_clientdata, module, "%s: Bad value %ld for \"%s\"",
--		   tif->tif_name, v32, _TIFFFieldWithTag(tif, tag)->field_name);
-+		   tif->tif_name, v32, fip ? fip->field_name : "Unknown");
- 	va_end(ap);
- 	return (0);
- }
-@@ -813,12 +820,16 @@
-              * If the client tries to get a tag that is not valid
-              * for the image's codec then we'll arrive here.
-              */
-+	    /*
-+	     * dont dereference fip if it's NULL.
-+	     * -- taviso@google.com 15 Jun 2006
-+	     */
-             if( fip == NULL || fip->field_bit != FIELD_CUSTOM )
-             {
- 				TIFFErrorExt(tif->tif_clientdata, "_TIFFVGetField",
-                           "%s: Invalid %stag \"%s\" (not supported by codec)",
-                           tif->tif_name, isPseudoTag(tag) ? "pseudo-" : "",
--                          _TIFFFieldWithTag(tif, tag)->field_name);
-+                          fip ? fip->field_name : "Unknown");
-                 ret_val = 0;
-                 break;
-             }
-diff -ru tiff-3.8.2/libtiff/tif_dirinfo.c tiff-3.8.2-goo/libtiff/tif_dirinfo.c
---- tiff-3.8.2/libtiff/tif_dirinfo.c	2006-02-07 13:51:03.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_dirinfo.c	2006-07-14 13:52:00.953558000 +0100
-@@ -775,7 +775,8 @@
- 		TIFFErrorExt(tif->tif_clientdata, "TIFFFieldWithTag",
- 			  "Internal error, unknown tag 0x%x",
-                           (unsigned int) tag);
--		assert(fip != NULL);
-+		/* assert(fip != NULL); */
-+
- 		/*NOTREACHED*/
- 	}
- 	return (fip);
-@@ -789,7 +790,8 @@
- 	if (!fip) {
- 		TIFFErrorExt(tif->tif_clientdata, "TIFFFieldWithName",
- 			  "Internal error, unknown tag %s", field_name);
--		assert(fip != NULL);
-+		/* assert(fip != NULL); */
-+		
- 		/*NOTREACHED*/
- 	}
- 	return (fip);
-diff -ru tiff-3.8.2/libtiff/tif_dirread.c tiff-3.8.2-goo/libtiff/tif_dirread.c
---- tiff-3.8.2/libtiff/tif_dirread.c	2006-03-21 16:42:50.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_dirread.c	2006-07-14 13:52:00.842557000 +0100
-@@ -29,6 +29,9 @@
-  *
-  * Directory Read Support Routines.
-  */
-+
-+#include <limits.h>
-+
- #include "tiffiop.h"
- 
- #define	IGNORE	0		/* tag placeholder used below */
-@@ -81,6 +84,7 @@
- 	uint16 dircount;
- 	toff_t nextdiroff;
- 	int diroutoforderwarning = 0;
-+	int compressionknown = 0;
- 	toff_t* new_dirlist;
- 
- 	tif->tif_diroff = tif->tif_nextdiroff;
-@@ -147,13 +151,20 @@
- 	} else {
- 		toff_t off = tif->tif_diroff;
- 
--		if (off + sizeof (uint16) > tif->tif_size) {
--			TIFFErrorExt(tif->tif_clientdata, module,
--			    "%s: Can not read TIFF directory count",
--                            tif->tif_name);
--			return (0);
-+		/*
-+		 * Check for integer overflow when validating the dir_off, otherwise
-+		 * a very high offset may cause an OOB read and crash the client.
-+		 * -- taviso@google.com, 14 Jun 2006.
-+		 */
-+		if (off + sizeof (uint16) > tif->tif_size || 
-+			off > (UINT_MAX - sizeof(uint16))) {
-+				TIFFErrorExt(tif->tif_clientdata, module,
-+				    "%s: Can not read TIFF directory count",
-+				    tif->tif_name);
-+				return (0);
- 		} else
--			_TIFFmemcpy(&dircount, tif->tif_base + off, sizeof (uint16));
-+			_TIFFmemcpy(&dircount, tif->tif_base + off,
-+					sizeof (uint16));
- 		off += sizeof (uint16);
- 		if (tif->tif_flags & TIFF_SWAB)
- 			TIFFSwabShort(&dircount);
-@@ -254,6 +265,7 @@
- 		while (fix < tif->tif_nfields &&
- 		       tif->tif_fieldinfo[fix]->field_tag < dp->tdir_tag)
- 			fix++;
-+
- 		if (fix >= tif->tif_nfields ||
- 		    tif->tif_fieldinfo[fix]->field_tag != dp->tdir_tag) {
- 
-@@ -264,17 +276,23 @@
- 						       dp->tdir_tag,
- 						       dp->tdir_tag,
- 						       dp->tdir_type);
--
--                    TIFFMergeFieldInfo(tif,
--                                       _TIFFCreateAnonFieldInfo(tif,
--						dp->tdir_tag,
--						(TIFFDataType) dp->tdir_type),
--				       1 );
-+					/*
-+					 * creating anonymous fields prior to knowing the compression
-+					 * algorithm (ie, when the field info has been merged) could cause
-+					 * crashes with pathological directories.
-+					 * -- taviso@google.com 15 Jun 2006
-+					 */
-+					if (compressionknown)
-+			                    TIFFMergeFieldInfo(tif, _TIFFCreateAnonFieldInfo(tif, dp->tdir_tag, 
-+						(TIFFDataType) dp->tdir_type), 1 );
-+					else goto ignore;
-+		    
-                     fix = 0;
-                     while (fix < tif->tif_nfields &&
-                            tif->tif_fieldinfo[fix]->field_tag < dp->tdir_tag)
- 			fix++;
- 		}
-+		
- 		/*
- 		 * Null out old tags that we ignore.
- 		 */
-@@ -326,6 +344,7 @@
- 				    dp->tdir_type, dp->tdir_offset);
- 				if (!TIFFSetField(tif, dp->tdir_tag, (uint16)v))
- 					goto bad;
-+				else compressionknown++;
- 				break;
- 			/* XXX: workaround for broken TIFFs */
- 			} else if (dp->tdir_type == TIFF_LONG) {
-@@ -540,6 +559,7 @@
- 	 * Attempt to deal with a missing StripByteCounts tag.
- 	 */
- 	if (!TIFFFieldSet(tif, FIELD_STRIPBYTECOUNTS)) {
-+		const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, TIFFTAG_STRIPBYTECOUNTS);
- 		/*
- 		 * Some manufacturers violate the spec by not giving
- 		 * the size of the strips.  In this case, assume there
-@@ -556,7 +576,7 @@
- 			"%s: TIFF directory is missing required "
- 			"\"%s\" field, calculating from imagelength",
- 			tif->tif_name,
--		        _TIFFFieldWithTag(tif,TIFFTAG_STRIPBYTECOUNTS)->field_name);
-+		        fip ? fip->field_name : "Unknown");
- 		if (EstimateStripByteCounts(tif, dir, dircount) < 0)
- 		    goto bad;
- /* 
-@@ -580,6 +600,7 @@
- 	} else if (td->td_nstrips == 1 
-                    && td->td_stripoffset[0] != 0 
-                    && BYTECOUNTLOOKSBAD) {
-+		const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, TIFFTAG_STRIPBYTECOUNTS);
- 		/*
- 		 * XXX: Plexus (and others) sometimes give a value of zero for
- 		 * a tag when they don't know what the correct value is!  Try
-@@ -589,13 +610,14 @@
- 		TIFFWarningExt(tif->tif_clientdata, module,
- 	"%s: Bogus \"%s\" field, ignoring and calculating from imagelength",
-                             tif->tif_name,
--		            _TIFFFieldWithTag(tif,TIFFTAG_STRIPBYTECOUNTS)->field_name);
-+		            fip ? fip->field_name : "Unknown");
- 		if(EstimateStripByteCounts(tif, dir, dircount) < 0)
- 		    goto bad;
- 	} else if (td->td_planarconfig == PLANARCONFIG_CONTIG
- 		   && td->td_nstrips > 2
- 		   && td->td_compression == COMPRESSION_NONE
- 		   && td->td_stripbytecount[0] != td->td_stripbytecount[1]) {
-+		const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, TIFFTAG_STRIPBYTECOUNTS);
- 		/*
- 		 * XXX: Some vendors fill StripByteCount array with absolutely
- 		 * wrong values (it can be equal to StripOffset array, for
-@@ -604,7 +626,7 @@
- 		TIFFWarningExt(tif->tif_clientdata, module,
- 	"%s: Wrong \"%s\" field, ignoring and calculating from imagelength",
-                             tif->tif_name,
--		            _TIFFFieldWithTag(tif,TIFFTAG_STRIPBYTECOUNTS)->field_name);
-+		            fip ? fip->field_name : "Unknown");
- 		if (EstimateStripByteCounts(tif, dir, dircount) < 0)
- 		    goto bad;
- 	}
-@@ -870,7 +892,13 @@
- 
- 	register TIFFDirEntry *dp;
- 	register TIFFDirectory *td = &tif->tif_dir;
--	uint16 i;
-+	
-+	/* i is used to iterate over td->td_nstrips, so must be
-+	 * at least the same width.
-+	 * -- taviso@google.com 15 Jun 2006
-+	 */
-+
-+	uint32 i;
- 
- 	if (td->td_stripbytecount)
- 		_TIFFfree(td->td_stripbytecount);
-@@ -947,16 +975,18 @@
- static int
- CheckDirCount(TIFF* tif, TIFFDirEntry* dir, uint32 count)
- {
-+	const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
-+
- 	if (count > dir->tdir_count) {
- 		TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
- 	"incorrect count for field \"%s\" (%lu, expecting %lu); tag ignored",
--		    _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name,
-+		    fip ? fip->field_name : "Unknown",
- 		    dir->tdir_count, count);
- 		return (0);
- 	} else if (count < dir->tdir_count) {
- 		TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
- 	"incorrect count for field \"%s\" (%lu, expecting %lu); tag trimmed",
--		    _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name,
-+		    fip ? fip->field_name : "Unknown",
- 		    dir->tdir_count, count);
- 		return (1);
- 	}
-@@ -970,6 +1000,7 @@
- TIFFFetchData(TIFF* tif, TIFFDirEntry* dir, char* cp)
- {
- 	int w = TIFFDataWidth((TIFFDataType) dir->tdir_type);
-+	const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
- 	tsize_t cc = dir->tdir_count * w;
- 
- 	/* Check for overflow. */
-@@ -1013,7 +1044,7 @@
- bad:
- 	TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
- 		     "Error fetching data for field \"%s\"",
--		     _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name);
-+		     fip ? fip->field_name : "Unknown");
- 	return (tsize_t) 0;
- }
- 
-@@ -1039,10 +1070,12 @@
- static int
- cvtRational(TIFF* tif, TIFFDirEntry* dir, uint32 num, uint32 denom, float* rv)
- {
-+	const TIFFFieldInfo* fip;
- 	if (denom == 0) {
-+		fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
- 		TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
- 		    "%s: Rational with zero denominator (num = %lu)",
--		    _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name, num);
-+		    fip ? fip->field_name : "Unknown", num);
- 		return (0);
- 	} else {
- 		if (dir->tdir_type == TIFF_RATIONAL)
-@@ -1159,6 +1192,20 @@
- static int
- TIFFFetchShortPair(TIFF* tif, TIFFDirEntry* dir)
- {
-+	/*
-+	 * Prevent overflowing the v stack arrays below by performing a sanity
-+	 * check on tdir_count, this should never be greater than two.
-+	 * -- taviso@google.com 14 Jun 2006.
-+	 */
-+	if (dir->tdir_count > 2) {
-+		const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
-+		TIFFWarningExt(tif->tif_clientdata, tif->tif_name,
-+				"unexpected count for field \"%s\", %lu, expected 2; ignored.",
-+				fip ? fip->field_name : "Unknown",
-+				dir->tdir_count);
-+		return 0;
-+	}
-+
- 	switch (dir->tdir_type) {
- 		case TIFF_BYTE:
- 		case TIFF_SBYTE:
-@@ -1329,14 +1376,15 @@
- 	case TIFF_DOUBLE:
- 		return (TIFFFetchDoubleArray(tif, dir, (double*) v));
- 	default:
-+		{ const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
- 		/* TIFF_NOTYPE */
- 		/* TIFF_ASCII */
- 		/* TIFF_UNDEFINED */
- 		TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
- 			     "cannot read TIFF_ANY type %d for field \"%s\"",
- 			     dir->tdir_type,
--			     _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name);
--		return (0);
-+			     fip ? fip->field_name : "Unknown");
-+		return (0); }
- 	}
- 	return (1);
- }
-@@ -1351,6 +1399,9 @@
- 	int ok = 0;
- 	const TIFFFieldInfo* fip = _TIFFFieldWithTag(tif, dp->tdir_tag);
- 
-+	if (fip == NULL) {
-+		return (0);
-+	}
- 	if (dp->tdir_count > 1) {		/* array of values */
- 		char* cp = NULL;
- 
-@@ -1493,6 +1544,7 @@
- TIFFFetchPerSampleShorts(TIFF* tif, TIFFDirEntry* dir, uint16* pl)
- {
-     uint16 samples = tif->tif_dir.td_samplesperpixel;
-+    const TIFFFieldInfo* fip;
-     int status = 0;
- 
-     if (CheckDirCount(tif, dir, (uint32) samples)) {
-@@ -1510,9 +1562,10 @@
- 
-             for (i = 1; i < check_count; i++)
-                 if (v[i] != v[0]) {
-+				fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
- 					TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
-                               "Cannot handle different per-sample values for field \"%s\"",
--                              _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name);
-+                              fip ? fip->field_name : "Unknown");
-                     goto bad;
-                 }
-             *pl = v[0];
-@@ -1534,6 +1587,7 @@
- TIFFFetchPerSampleLongs(TIFF* tif, TIFFDirEntry* dir, uint32* pl)
- {
-     uint16 samples = tif->tif_dir.td_samplesperpixel;
-+    const TIFFFieldInfo* fip;
-     int status = 0;
- 
-     if (CheckDirCount(tif, dir, (uint32) samples)) {
-@@ -1551,9 +1605,10 @@
-                 check_count = samples;
-             for (i = 1; i < check_count; i++)
-                 if (v[i] != v[0]) {
-+				fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
- 					TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
-                               "Cannot handle different per-sample values for field \"%s\"",
--                              _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name);
-+                              fip ? fip->field_name : "Unknown");
-                     goto bad;
-                 }
-             *pl = v[0];
-@@ -1574,6 +1629,7 @@
- TIFFFetchPerSampleAnys(TIFF* tif, TIFFDirEntry* dir, double* pl)
- {
-     uint16 samples = tif->tif_dir.td_samplesperpixel;
-+    const TIFFFieldInfo* fip;
-     int status = 0;
- 
-     if (CheckDirCount(tif, dir, (uint32) samples)) {
-@@ -1591,9 +1647,10 @@
- 
-             for (i = 1; i < check_count; i++)
-                 if (v[i] != v[0]) {
-+		    fip = _TIFFFieldWithTag(tif, dir->tdir_tag);
-                     TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
-                               "Cannot handle different per-sample values for field \"%s\"",
--                              _TIFFFieldWithTag(tif, dir->tdir_tag)->field_name);
-+                              fip ? fip->field_name : "Unknown");
-                     goto bad;
-                 }
-             *pl = v[0];
-diff -ru tiff-3.8.2/libtiff/tif_fax3.c tiff-3.8.2-goo/libtiff/tif_fax3.c
---- tiff-3.8.2/libtiff/tif_fax3.c	2006-03-21 16:42:50.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_fax3.c	2006-07-14 13:52:00.669557000 +0100
-@@ -1136,6 +1136,7 @@
- Fax3VSetField(TIFF* tif, ttag_t tag, va_list ap)
- {
- 	Fax3BaseState* sp = Fax3State(tif);
-+	const TIFFFieldInfo* fip;
- 
- 	assert(sp != 0);
- 	assert(sp->vsetparent != 0);
-@@ -1181,7 +1182,13 @@
- 	default:
- 		return (*sp->vsetparent)(tif, tag, ap);
- 	}
--	TIFFSetFieldBit(tif, _TIFFFieldWithTag(tif, tag)->field_bit);
-+	
-+	if ((fip = _TIFFFieldWithTag(tif, tag))) {
-+		TIFFSetFieldBit(tif, fip->field_bit);
-+	} else {
-+		return (0);
-+	}
-+
- 	tif->tif_flags |= TIFF_DIRTYDIRECT;
- 	return (1);
- }
-diff -ru tiff-3.8.2/libtiff/tif_jpeg.c tiff-3.8.2-goo/libtiff/tif_jpeg.c
---- tiff-3.8.2/libtiff/tif_jpeg.c	2006-03-21 16:42:50.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_jpeg.c	2006-07-14 13:52:00.655560000 +0100
-@@ -722,15 +722,31 @@
- 		segment_width = TIFFhowmany(segment_width, sp->h_sampling);
- 		segment_height = TIFFhowmany(segment_height, sp->v_sampling);
- 	}
--	if (sp->cinfo.d.image_width != segment_width ||
--	    sp->cinfo.d.image_height != segment_height) {
-+	if (sp->cinfo.d.image_width < segment_width ||
-+	    sp->cinfo.d.image_height < segment_height) {
- 		TIFFWarningExt(tif->tif_clientdata, module,
-                  "Improper JPEG strip/tile size, expected %dx%d, got %dx%d",
-                           segment_width, 
-                           segment_height,
-                           sp->cinfo.d.image_width, 
-                           sp->cinfo.d.image_height);
-+	} 
-+	
-+	if (sp->cinfo.d.image_width > segment_width ||
-+			sp->cinfo.d.image_height > segment_height) {
-+		/*
-+		 * This case could be dangerous, if the strip or tile size has been
-+		 * reported as less than the amount of data jpeg will return, some
-+		 * potential security issues arise. Catch this case and error out.
-+		 * -- taviso@google.com 14 Jun 2006
-+		 */
-+		TIFFErrorExt(tif->tif_clientdata, module, 
-+			"JPEG strip/tile size exceeds expected dimensions,"
-+			"expected %dx%d, got %dx%d", segment_width, segment_height,
-+			sp->cinfo.d.image_width, sp->cinfo.d.image_height);
-+		return (0);
- 	}
-+
- 	if (sp->cinfo.d.num_components !=
- 	    (td->td_planarconfig == PLANARCONFIG_CONTIG ?
- 	     td->td_samplesperpixel : 1)) {
-@@ -761,6 +777,22 @@
-                                     sp->cinfo.d.comp_info[0].v_samp_factor,
-                                     sp->h_sampling, sp->v_sampling);
- 
-+				/*
-+				 * There are potential security issues here for decoders that
-+				 * have already allocated buffers based on the expected sampling
-+				 * factors. Lets check the sampling factors dont exceed what
-+				 * we were expecting.
-+				 * -- taviso@google.com 14 June 2006
-+				 */
-+				if (sp->cinfo.d.comp_info[0].h_samp_factor > sp->h_sampling ||
-+					sp->cinfo.d.comp_info[0].v_samp_factor > sp->v_sampling) {
-+						TIFFErrorExt(tif->tif_clientdata, module,
-+							"Cannot honour JPEG sampling factors that"
-+							" exceed those specified.");
-+						return (0);
-+				}
-+
-+
- 			    /*
- 			     * XXX: Files written by the Intergraph software
- 			     * has different sampling factors stored in the
-@@ -1521,15 +1553,18 @@
- {
- 	JPEGState *sp = JState(tif);
- 	
--	assert(sp != 0);
-+	/* assert(sp != 0); */
- 
- 	tif->tif_tagmethods.vgetfield = sp->vgetparent;
- 	tif->tif_tagmethods.vsetfield = sp->vsetparent;
- 
--	if( sp->cinfo_initialized )
--	    TIFFjpeg_destroy(sp);	/* release libjpeg resources */
--	if (sp->jpegtables)		/* tag value */
--		_TIFFfree(sp->jpegtables);
-+	if (sp != NULL) {
-+		if( sp->cinfo_initialized )
-+		    TIFFjpeg_destroy(sp);	/* release libjpeg resources */
-+		if (sp->jpegtables)		/* tag value */
-+			_TIFFfree(sp->jpegtables);
-+	}
-+
- 	_TIFFfree(tif->tif_data);	/* release local state */
- 	tif->tif_data = NULL;
- 
-@@ -1541,6 +1576,7 @@
- {
- 	JPEGState* sp = JState(tif);
- 	TIFFDirectory* td = &tif->tif_dir;
-+	const TIFFFieldInfo* fip;
- 	uint32 v32;
- 
- 	assert(sp != NULL);
-@@ -1606,7 +1642,13 @@
- 	default:
- 		return (*sp->vsetparent)(tif, tag, ap);
- 	}
--	TIFFSetFieldBit(tif, _TIFFFieldWithTag(tif, tag)->field_bit);
-+
-+	if ((fip = _TIFFFieldWithTag(tif, tag))) {
-+		TIFFSetFieldBit(tif, fip->field_bit);
-+	} else {
-+		return (0);
-+	}
-+
- 	tif->tif_flags |= TIFF_DIRTYDIRECT;
- 	return (1);
- }
-@@ -1726,7 +1768,11 @@
- {
- 	JPEGState* sp = JState(tif);
- 
--	assert(sp != NULL);
-+	/* assert(sp != NULL); */
-+	if (sp == NULL) {
-+		TIFFWarningExt(tif->tif_clientdata, "JPEGPrintDir", "Unknown JPEGState");
-+		return;
-+	}
- 
- 	(void) flags;
- 	if (TIFFFieldSet(tif,FIELD_JPEGTABLES))
-diff -ru tiff-3.8.2/libtiff/tif_next.c tiff-3.8.2-goo/libtiff/tif_next.c
---- tiff-3.8.2/libtiff/tif_next.c	2005-12-21 12:33:56.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_next.c	2006-07-14 13:52:00.556567000 +0100
-@@ -105,11 +105,16 @@
- 			 * as codes of the form <color><npixels>
- 			 * until we've filled the scanline.
- 			 */
-+			/*
-+			 * Ensure the run does not exceed the scanline
-+			 * bounds, potentially resulting in a security issue.
-+			 * -- taviso@google.com 14 Jun 2006.
-+			 */
- 			op = row;
- 			for (;;) {
- 				grey = (n>>6) & 0x3;
- 				n &= 0x3f;
--				while (n-- > 0)
-+				while (n-- > 0 && npixels < imagewidth)
- 					SETPIXEL(op, grey);
- 				if (npixels >= (int) imagewidth)
- 					break;
-diff -ru tiff-3.8.2/libtiff/tif_pixarlog.c tiff-3.8.2-goo/libtiff/tif_pixarlog.c
---- tiff-3.8.2/libtiff/tif_pixarlog.c	2006-03-21 16:42:50.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_pixarlog.c	2006-07-14 13:52:00.483557000 +0100
-@@ -768,7 +768,19 @@
- 	if (tif->tif_flags & TIFF_SWAB)
- 		TIFFSwabArrayOfShort(up, nsamples);
- 
--	for (i = 0; i < nsamples; i += llen, up += llen) {
-+	/* 
-+	 * if llen is not an exact multiple of nsamples, the decode operation
-+	 * may overflow the output buffer, so truncate it enough to prevent that
-+	 * but still salvage as much data as possible.
-+	 * -- taviso@google.com 14th June 2006
-+	 */
-+	if (nsamples % llen) 
-+		TIFFWarningExt(tif->tif_clientdata, module,
-+				"%s: stride %lu is not a multiple of sample count, "
-+				"%lu, data truncated.", tif->tif_name, llen, nsamples);
-+				
-+	
-+	for (i = 0; i < nsamples - (nsamples % llen); i += llen, up += llen) {
- 		switch (sp->user_datafmt)  {
- 		case PIXARLOGDATAFMT_FLOAT:
- 			horizontalAccumulateF(up, llen, sp->stride,
-diff -ru tiff-3.8.2/libtiff/tif_read.c tiff-3.8.2-goo/libtiff/tif_read.c
---- tiff-3.8.2/libtiff/tif_read.c	2005-12-21 12:33:56.000000000 +0000
-+++ tiff-3.8.2-goo/libtiff/tif_read.c	2006-07-14 13:52:00.467568000 +0100
-@@ -31,6 +31,8 @@
- #include "tiffiop.h"
- #include <stdio.h>
- 
-+#include <limits.h>
-+
- 	int TIFFFillStrip(TIFF*, tstrip_t);
- 	int TIFFFillTile(TIFF*, ttile_t);
- static	int TIFFStartStrip(TIFF*, tstrip_t);
-@@ -272,7 +274,13 @@
- 		if ((tif->tif_flags & TIFF_MYBUFFER) && tif->tif_rawdata)
- 			_TIFFfree(tif->tif_rawdata);
- 		tif->tif_flags &= ~TIFF_MYBUFFER;
--		if ( td->td_stripoffset[strip] + bytecount > tif->tif_size) {
-+		/*
-+		 * This sanity check could potentially overflow, causing an OOB read.
-+		 * verify that offset + bytecount is > offset.
-+		 * -- taviso@google.com 14 Jun 2006
-+		 */
-+		if ( td->td_stripoffset[strip] + bytecount > tif->tif_size ||
-+			bytecount > (UINT_MAX - td->td_stripoffset[strip])) {
- 			/*
- 			 * This error message might seem strange, but it's
- 			 * what would happen if a read were done instead.
-@@ -470,7 +478,13 @@
- 		if ((tif->tif_flags & TIFF_MYBUFFER) && tif->tif_rawdata)
- 			_TIFFfree(tif->tif_rawdata);
- 		tif->tif_flags &= ~TIFF_MYBUFFER;
--		if ( td->td_stripoffset[tile] + bytecount > tif->tif_size) {
-+		/*
-+		 * We must check this calculation doesnt overflow, potentially
-+		 * causing an OOB read.
-+		 * -- taviso@google.com 15 Jun 2006
-+		 */
-+		if (td->td_stripoffset[tile] + bytecount > tif->tif_size ||
-+			bytecount > (UINT_MAX - td->td_stripoffset[tile])) {
- 			tif->tif_curtile = NOTILE;
- 			return (0);
- 		}
diff --git a/abs/core/libtiff/ChangeLog b/abs/core/libtiff/ChangeLog
deleted file mode 100644
index 88edcc7..0000000
--- a/abs/core/libtiff/ChangeLog
+++ /dev/null
@@ -1,35 +0,0 @@
-2010-06-20  Eric Belanger  <eric@archlinux.org>
-
-	* libtiff 3.9.4-1
-	* Upstream update
-
-2009-11-05  Eric Belanger  <eric@archlinux.org>
-
-	* libtiff 3.9.2-1
-	* Upstream update
-
-2009-08-28  Eric Belanger  <eric@archlinux.org>
-
-	* libtiff 3.9.1-1
-	* Upstream update
-
-2009-08-26  Eric Belanger  <eric@archlinux.org>
-
-	* libtiff 3.9.0-1
-	* Upstream update
-	* Updated url
-	* Updated patches
-
-2009-08-14  Eric Belanger  <eric@archlinux.org>
-
-	* libtiff 3.8.2-6
-	* Added security fixes (close FS#15931)
-
-2008-09-05  Eric Belanger  <eric@archlinux.org>
-
-	* libtiff 3.8.2-4
-	* Applied patch to fix buffer underflow in LZW decoding	(tiff-3.8.2-CVE-2008-2327.patch)
-	* Added license
-	* Added freeglut optdepends
-	* FHS man pages
-	* Added ChangeLog
diff --git a/abs/core/libtiff/PKGBUILD b/abs/core/libtiff/PKGBUILD
index ed80a2b..2606aa1 100644
--- a/abs/core/libtiff/PKGBUILD
+++ b/abs/core/libtiff/PKGBUILD
@@ -1,32 +1,33 @@
-# $Id: PKGBUILD 83314 2010-06-20 21:43:27Z eric $
-# Maintainer: Eric Belanger <eric@archlinux.org>
-# Contributor: dorphell <dorphell@archlinux.org>
+# $Id: PKGBUILD 162307 2012-06-24 20:44:52Z eric $
+# Maintainer: Eric Bélanger <eric@archlinux.org>
 
 pkgname=libtiff
-pkgver=3.9.4
+pkgver=4.0.2
 pkgrel=1
 pkgdesc="Library for manipulation of TIFF images"
 arch=('i686' 'x86_64')
 url="http://www.remotesensing.org/libtiff/"
 license=('custom')
-depends=('libjpeg' 'zlib')
-makedepends=('libgl' 'freeglut' 'libxmu' 'libxi')
+depends=('libjpeg' 'zlib' 'xz')
+makedepends=('freeglut')
 optdepends=('freeglut: for using tiffgt')
 options=('!libtool')
-source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz \
-        libtiff-CVE-2009-2285.patch)
-md5sums=('2006c1bdd12644dbf02956955175afd6' 'ff61077408727a82281f77a94f555e2a')
-sha1sums=('a4e32d55afbbcabd0391a9c89995e8e8a19961de' 'eadce8c8bd72ea9c74f35300bf299131813b0c8b')
+source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz)
+sha1sums=('d84b7b33a6cfb3d15ca386c8c16b05047f8b5352')
 
 build() {
   cd "${srcdir}/tiff-${pkgver}"
-  patch -p1 < ../libtiff-CVE-2009-2285.patch || return 1
-  ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man || return 1
-  make || return 1
+  ./configure --prefix=/usr
+  make
+}
+
+check() {
+  cd "${srcdir}/tiff-${pkgver}"
+  make check
 }
 
 package() {
   cd "${srcdir}/tiff-${pkgver}"
-  make DESTDIR="${pkgdir}" install || return 1
-  install -D -m644 COPYRIGHT "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" || return 1
+  make DESTDIR="${pkgdir}" install
+  install -D -m644 COPYRIGHT "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
 }
diff --git a/abs/core/libtiff/libtiff-CVE-2009-2285.patch b/abs/core/libtiff/libtiff-CVE-2009-2285.patch
deleted file mode 100644
index 435a84b..0000000
--- a/abs/core/libtiff/libtiff-CVE-2009-2285.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Index: tiff-3.8.2/libtiff/tif_lzw.c
-===================================================================
---- tiff-3.8.2.orig/libtiff/tif_lzw.c
-+++ tiff-3.8.2/libtiff/tif_lzw.c
-@@ -421,7 +421,7 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
- 			NextCode(tif, sp, bp, code, GetNextCode);
- 			if (code == CODE_EOI)
- 				break;
--			if (code == CODE_CLEAR) {
-+			if (code >= CODE_CLEAR) {
- 				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
- 				"LZWDecode: Corrupted LZW table at scanline %d",
- 				tif->tif_row);
-@@ -624,7 +624,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
- 			NextCode(tif, sp, bp, code, GetNextCodeCompat);
- 			if (code == CODE_EOI)
- 				break;
--			if (code == CODE_CLEAR) {
-+			if (code >= CODE_CLEAR) {
- 				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
- 				"LZWDecode: Corrupted LZW table at scanline %d",
- 				tif->tif_row);
diff --git a/abs/core/libtiff/tiff-3.8.2-CVE-2008-2327.patch b/abs/core/libtiff/tiff-3.8.2-CVE-2008-2327.patch
deleted file mode 100644
index e6d74a6..0000000
--- a/abs/core/libtiff/tiff-3.8.2-CVE-2008-2327.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-Fixes security issues in libTIFF's handling of LZW-encoded
-images.  The use of uninitialized data could lead to a buffer
-underflow and a crash or arbitrary code execution.
-
-CVE-ID: CVE-2008-2327
-Security bug: https://bugs.gentoo.org/show_bug.cgi?id=234080
-
-Index: tiff-3.8.2/libtiff/tif_lzw.c
-===================================================================
---- tiff-3.8.2.orig/libtiff/tif_lzw.c
-+++ tiff-3.8.2/libtiff/tif_lzw.c
-@@ -237,6 +237,12 @@ LZWSetupDecode(TIFF* tif)
-                     sp->dec_codetab[code].length = 1;
-                     sp->dec_codetab[code].next = NULL;
-                 } while (code--);
-+		/*
-+		* Zero-out the unused entries
-+		*/
-+		_TIFFmemset(&sp->dec_codetab[CODE_CLEAR], 0,
-+		(CODE_FIRST-CODE_CLEAR)*sizeof (code_t));
-+
- 	}
- 	return (1);
- }
-@@ -408,12 +414,19 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
- 			break;
- 		if (code == CODE_CLEAR) {
- 			free_entp = sp->dec_codetab + CODE_FIRST;
-+			_TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t));
- 			nbits = BITS_MIN;
- 			nbitsmask = MAXCODE(BITS_MIN);
- 			maxcodep = sp->dec_codetab + nbitsmask-1;
- 			NextCode(tif, sp, bp, code, GetNextCode);
- 			if (code == CODE_EOI)
- 				break;
-+			if (code == CODE_CLEAR) {
-+				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
-+				"LZWDecode: Corrupted LZW table at scanline %d",
-+				tif->tif_row);
-+				return (0);
-+			}
- 			*op++ = (char)code, occ--;
- 			oldcodep = sp->dec_codetab + code;
- 			continue;
-@@ -604,12 +617,19 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
- 			break;
- 		if (code == CODE_CLEAR) {
- 			free_entp = sp->dec_codetab + CODE_FIRST;
-+			_TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t));
- 			nbits = BITS_MIN;
- 			nbitsmask = MAXCODE(BITS_MIN);
- 			maxcodep = sp->dec_codetab + nbitsmask;
- 			NextCode(tif, sp, bp, code, GetNextCodeCompat);
- 			if (code == CODE_EOI)
- 				break;
-+			if (code == CODE_CLEAR) {
-+				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
-+				"LZWDecode: Corrupted LZW table at scanline %d",
-+				tif->tif_row);
-+				return (0);
-+			}
- 			*op++ = code, occ--;
- 			oldcodep = sp->dec_codetab + code;
- 			continue;
diff --git a/abs/core/libtiff/tiff2pdf-compression.patch b/abs/core/libtiff/tiff2pdf-compression.patch
deleted file mode 100644
index 2dae2dc..0000000
--- a/abs/core/libtiff/tiff2pdf-compression.patch
+++ /dev/null
@@ -1,44 +0,0 @@
---- tiff-3.8.2/tools/tiff2pdf.c	8 Jun 2006 11:27:11 -0000	1.35
-+++ tiff-3.8.2/tools/tiff2pdf.c	19 Jun 2006 20:12:08 -0000	1.36
-@@ -937,7 +937,7 @@
- 
- #ifdef JPEG_SUPPORT
- 	if(t2p->pdf_defaultcompression==T2P_COMPRESS_JPEG){
--		if(t2p->pdf_defaultcompressionquality<100 ||
-+		if(t2p->pdf_defaultcompressionquality>100 ||
- 			t2p->pdf_defaultcompressionquality<1){
- 			t2p->pdf_defaultcompressionquality=0;
- 		}
-@@ -945,25 +945,17 @@
- #endif
- #ifdef ZIP_SUPPORT
- 	if(t2p->pdf_defaultcompression==T2P_COMPRESS_ZIP){
--		switch (t2p->pdf_defaultcompressionquality){
--			case 1: case 10: case 11: case 12: case 13: case 14: case 15:
--			case 101: case 110: case 111: case 112: case 113: case 114: case 115:
--			case 201: case 210: case 211: case 212: case 213: case 214: case 215:
--			case 301: case 310: case 311: case 312: case 313: case 314: case 315:
--			case 401: case 410: case 411: case 412: case 413: case 414: case 415:
--			case 501: case 510: case 511: case 512: case 513: case 514: case 515:
--			case 601: case 610: case 611: case 612: case 613: case 614: case 615:
--			case 701: case 710: case 711: case 712: case 713: case 714: case 715:
--			case 801: case 810: case 811: case 812: case 813: case 814: case 815:
--			case 901: case 910: case 911: case 912: case 913: case 914: case 915:
--				break;
--			default:
--				t2p->pdf_defaultcompressionquality=0;
-+ 		uint16 m=t2p->pdf_defaultcompressionquality%100;
-+ 		if(t2p->pdf_defaultcompressionquality/100 > 9 ||
-+ 			(m>1 && m<10) || m>15){
-+ 			t2p->pdf_defaultcompressionquality=0;
- 		}
- 		if(t2p->pdf_defaultcompressionquality%100 !=0){
-+ 			t2p->pdf_defaultcompressionquality/=100;
-+ 			t2p->pdf_defaultcompressionquality*=100;
- 			TIFFError(
- 				TIFF2PDF_MODULE, 
--				"PNG Group predictor differencing not implemented, assuming compresion quality %u", 
-+				"PNG Group predictor differencing not implemented, assuming compression quality %u", 
- 				t2p->pdf_defaultcompressionquality);
- 		}
- 		t2p->pdf_defaultcompressionquality%=100;
diff --git a/abs/core/libtiff/tiff2pdf-octal-printf.patch b/abs/core/libtiff/tiff2pdf-octal-printf.patch
deleted file mode 100644
index f35b072..0000000
--- a/abs/core/libtiff/tiff2pdf-octal-printf.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- tiff-3.8.2/tools/tiff2pdf.c.orig	2006-03-21 11:42:51.000000000 -0500
-+++ tiff-3.8.2/tools/tiff2pdf.c	2006-06-07 17:54:01.027637232 -0400
-@@ -3668,7 +3668,7 @@
- 	written += TIFFWriteFile(output, (tdata_t) "(", 1);
- 	for (i=0;i<len;i++){
- 		if((pdfstr[i]&0x80) || (pdfstr[i]==127) || (pdfstr[i]<32)){
--			sprintf(buffer, "\\%.3o", pdfstr[i]);
-+			sprintf(buffer, "\\%.3hho", pdfstr[i]);
- 			written += TIFFWriteFile(output, (tdata_t) buffer, 4);
- 		} else {
- 			switch (pdfstr[i]){
diff --git a/abs/core/libtiff/tiffsplit-fname-overflow.patch b/abs/core/libtiff/tiffsplit-fname-overflow.patch
deleted file mode 100644
index cc22589..0000000
--- a/abs/core/libtiff/tiffsplit-fname-overflow.patch
+++ /dev/null
@@ -1,19 +0,0 @@
---- tiff-3.8.2/tools/tiffsplit.c.orig	2005-12-07 04:48:33.000000000 -0500
-+++ tiff-3.8.2/tools/tiffsplit.c	2006-06-01 21:20:25.039944864 -0400
-@@ -61,14 +61,13 @@
- 		return (-3);
- 	}
- 	if (argc > 2)
--		strcpy(fname, argv[2]);
-+		snprintf(fname, sizeof(fname), "%s", argv[2]);
- 	in = TIFFOpen(argv[1], "r");
- 	if (in != NULL) {
- 		do {
- 			char path[1024+1];
- 			newfilename();
--			strcpy(path, fname);
--			strcat(path, ".tif");
-+			snprintf(path, sizeof(path), "%s.tif", fname);
- 			out = TIFFOpen(path, TIFFIsBigEndian(in)?"wb":"wl");
- 			if (out == NULL)
- 				return (-2);