authorCecil Hugh Watson <knoppmyth@gmail.com>2009-09-26 01:57:08 (GMT)
committerCecil Hugh Watson <knoppmyth@gmail.com>2009-09-26 01:57:08 (GMT)
commit7b29169fff9e7c624890c5edffe85def8a293136 (patch)
tree47753889faa3a2063b66d1c7e7681e703eb1b39a /abs/core/libtiff
parentc491dea779dac29afff3578bf8245943817c2339 (diff)
LinHES 6.01.00
Diffstat (limited to 'abs/core/libtiff')
-rw-r--r--abs/core/libtiff/ChangeLog8
-rw-r--r--abs/core/libtiff/PKGBUILD52
-rw-r--r--abs/core/libtiff/tiff-3.8.2-CVE-2008-2327.patch64
3 files changed, 104 insertions, 20 deletions
diff --git a/abs/core/libtiff/ChangeLog b/abs/core/libtiff/ChangeLog
new file mode 100644
index 0000000..1a1c85b
--- /dev/null
+++ b/abs/core/libtiff/ChangeLog
@@ -0,0 +1,8 @@
+2008-09-05 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.8.2-4
+ * Applied patch to fix buffer underflow in LZW decoding (tiff-3.8.2-CVE-2008-2327.patch)
+ * Added license
+ * Added freeglut optdepends
+ * FHS man pages
+ * Added ChangeLog
diff --git a/abs/core/libtiff/PKGBUILD b/abs/core/libtiff/PKGBUILD
index 67cb689..51e106c 100644
--- a/abs/core/libtiff/PKGBUILD
+++ b/abs/core/libtiff/PKGBUILD
@@ -1,31 +1,43 @@
-# $Id: PKGBUILD 356 2008-04-18 22:56:27Z aaron $
-# Maintainer: dorphell <dorphell@archlinux.org>
+# $Id$
+# Maintainer: Eric Belanger <eric@archlinux.org>
+# Contributor: dorphell <dorphell@archlinux.org>
pkgname=libtiff
pkgver=3.8.2
-pkgrel=3
+pkgrel=5
pkgdesc="Library for manipulation of TIFF images"
-arch=(i686 x86_64)
-depends=(libjpeg zlib)
-makedepends=(libgl freeglut libxmu libxi)
-options=(!libtool)
+arch=('i686' 'x86_64')
url="http://www.libtiff.org/"
-source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz
- tiff2pdf-octal-printf.patch
- tiffsplit-fname-overflow.patch
- CVE-2006-3459-3465.patch
- tiff2pdf-compression.patch)
+license=('custom')
+depends=('libjpeg>=7' 'zlib')
+makedepends=('libgl' 'freeglut' 'libxmu' 'libxi')
+optdepends=('freeglut: for using tiffgt')
+options=('!libtool')
+source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz \
+ tiff2pdf-octal-printf.patch \
+ tiffsplit-fname-overflow.patch \
+ CVE-2006-3459-3465.patch \
+ tiff2pdf-compression.patch \
+ tiff-3.8.2-CVE-2008-2327.patch)
md5sums=('fbb6f446ea4ed18955e2714934e5b698' 'd54368687d2645ffbbe6c2df384b11bf'\
'323352fd60a7bd3ffac8724c3c031669' '624d3067e6a4c0680767eb62253ea980'\
- 'b443ffca9d498bb3a88c17da0200025b')
+ 'b443ffca9d498bb3a88c17da0200025b' 'c2c2e22557d9c63011df5777dda6a86b')
+sha1sums=('549e67b6a15b42bfcd72fe17cda7c9a198a393eb'
+ 'c79245249634a121bfaff6cfecb763f72fe7f8eb'
+ 'dc86bb68c7831ff70ff01d952d553be9f986be46'
+ '85dc50a60a10025757e249d869dab7eb73ba6e3c'
+ '508751f55131356ea8a7e7c4994ffbc9bd881769'
+ '1da2ec6a47c0666cad9d07fb8427c1c75ca27b10')
build() {
- cd ${startdir}/src/tiff-${pkgver}
- patch -Np1 -i ${startdir}/src/tiff2pdf-octal-printf.patch || return 1
- patch -Np1 -i ${startdir}/src/tiffsplit-fname-overflow.patch || return 1
- patch -Np1 -i ${startdir}/src/CVE-2006-3459-3465.patch || return 1
- patch -Np1 -i ${startdir}/src/tiff2pdf-compression.patch || return 1
- ./configure --prefix=/usr --sysconfdir=/etc
+ cd ${srcdir}/tiff-${pkgver}
+ patch -Np1 -i ${srcdir}/tiff2pdf-octal-printf.patch || return 1
+ patch -Np1 -i ${srcdir}/tiffsplit-fname-overflow.patch || return 1
+ patch -Np1 -i ${srcdir}/CVE-2006-3459-3465.patch || return 1
+ patch -Np1 -i ${srcdir}/tiff2pdf-compression.patch || return 1
+ patch -Np1 -i ${srcdir}/tiff-3.8.2-CVE-2008-2327.patch || return 1
+ ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man || return 1
make || return 1
- make DESTDIR=${startdir}/pkg install
+ make DESTDIR=${pkgdir} install || return 1
+ install -D -m644 COPYRIGHT ${pkgdir}/usr/share/licenses/${pkgname}/LICENSE || return 1
}
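Review bot: The upstream tarball in `source=` is still fetched over cleartext `ftp://`, so the checksum arrays are the only integrity control on it, and the digests pinned here are MD5 and SHA-1. Adding a `sha256sums=('<sha256 of tiff-3.8.2.tar.gz>' ...)` array with one entry per source, next to the new `sha1sums`, would give a stronger pin for the tarball and for the security patches applied in build(). As a smaller style point, the `${srcdir}` and `${pkgdir}` expansions are unquoted; `cd "${srcdir}/tiff-${pkgver}"` and `make DESTDIR="${pkgdir}" install` stay correct when the build root contains spaces.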
diff --git a/abs/core/libtiff/tiff-3.8.2-CVE-2008-2327.patch b/abs/core/libtiff/tiff-3.8.2-CVE-2008-2327.patch
new file mode 100644
index 0000000..e6d74a6
--- /dev/null
+++ b/abs/core/libtiff/tiff-3.8.2-CVE-2008-2327.patch
@@ -0,0 +1,64 @@
+Fixes security issues in libTIFF's handling of LZW-encoded
+images. The use of uninitialized data could lead to a buffer
+underflow and a crash or arbitrary code execution.
+
+CVE-ID: CVE-2008-2327
+Security bug: https://bugs.gentoo.org/show_bug.cgi?id=234080
+
+Index: tiff-3.8.2/libtiff/tif_lzw.c
+===================================================================
+--- tiff-3.8.2.orig/libtiff/tif_lzw.c
++++ tiff-3.8.2/libtiff/tif_lzw.c
+@@ -237,6 +237,12 @@ LZWSetupDecode(TIFF* tif)
+ sp->dec_codetab[code].length = 1;
+ sp->dec_codetab[code].next = NULL;
+ } while (code--);
++ /*
++ * Zero-out the unused entries
++ */
++ _TIFFmemset(&sp->dec_codetab[CODE_CLEAR], 0,
++ (CODE_FIRST-CODE_CLEAR)*sizeof (code_t));
++
+ }
+ return (1);
+ }
+@@ -408,12 +414,19 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
+ break;
+ if (code == CODE_CLEAR) {
+ free_entp = sp->dec_codetab + CODE_FIRST;
++ _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t));
+ nbits = BITS_MIN;
+ nbitsmask = MAXCODE(BITS_MIN);
+ maxcodep = sp->dec_codetab + nbitsmask-1;
+ NextCode(tif, sp, bp, code, GetNextCode);
+ if (code == CODE_EOI)
+ break;
++ if (code == CODE_CLEAR) {
++ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
++ "LZWDecode: Corrupted LZW table at scanline %d",
++ tif->tif_row);
++ return (0);
++ }
+ *op++ = (char)code, occ--;
+ oldcodep = sp->dec_codetab + code;
+ continue;
+@@ -604,12 +617,19 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
+ break;
+ if (code == CODE_CLEAR) {
+ free_entp = sp->dec_codetab + CODE_FIRST;
++ _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t));
+ nbits = BITS_MIN;
+ nbitsmask = MAXCODE(BITS_MIN);
+ maxcodep = sp->dec_codetab + nbitsmask;
+ NextCode(tif, sp, bp, code, GetNextCodeCompat);
+ if (code == CODE_EOI)
+ break;
++ if (code == CODE_CLEAR) {
++ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
++ "LZWDecode: Corrupted LZW table at scanline %d",
++ tif->tif_row);
++ return (0);
++ }
+ *op++ = code, occ--;
+ oldcodep = sp->dec_codetab + code;
+ continue;
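Review bot: The guard added after the post-clear `NextCode` rejects only a second `CODE_CLEAR`, so a code at or above `CODE_FIRST` read at that point still reaches `*op++ = (char)code` and `oldcodep = sp->dec_codetab + code`. Such a code is not a literal byte, and it points `oldcodep` at one of the entries the new `_TIFFmemset` has just zeroed. Since `CODE_EOI` is already handled by the `break` above, the check could be widened to `if (code >= CODE_CLEAR) {` in both LZWDecode and LZWDecodeCompat. Both function bodies continue outside the embedded hunks, so how later iterations use `oldcodep` should be confirmed against the full tif_lzw.c.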