diff options
Diffstat (limited to 'abs/core-testing/libtiff')
-rw-r--r-- | abs/core-testing/libtiff/ChangeLog | 8 | ||||
-rw-r--r-- | abs/core-testing/libtiff/PKGBUILD | 52 | ||||
-rw-r--r-- | abs/core-testing/libtiff/tiff-3.8.2-CVE-2008-2327.patch | 64 |
3 files changed, 104 insertions, 20 deletions
diff --git a/abs/core-testing/libtiff/ChangeLog b/abs/core-testing/libtiff/ChangeLog new file mode 100644 index 0000000..1a1c85b --- /dev/null +++ b/abs/core-testing/libtiff/ChangeLog @@ -0,0 +1,8 @@ +2008-09-05 Eric Belanger <eric@archlinux.org> + + * libtiff 3.8.2-4 + * Applied patch to fix buffer underflow in LZW decoding (tiff-3.8.2-CVE-2008-2327.patch) + * Added license + * Added freeglut optdepends + * FHS man pages + * Added ChangeLog diff --git a/abs/core-testing/libtiff/PKGBUILD b/abs/core-testing/libtiff/PKGBUILD index 67cb689..51e106c 100644 --- a/abs/core-testing/libtiff/PKGBUILD +++ b/abs/core-testing/libtiff/PKGBUILD @@ -1,31 +1,43 @@ -# $Id: PKGBUILD 356 2008-04-18 22:56:27Z aaron $ -# Maintainer: dorphell <dorphell@archlinux.org> +# $Id$ +# Maintainer: Eric Belanger <eric@archlinux.org> +# Contributor: dorphell <dorphell@archlinux.org> pkgname=libtiff pkgver=3.8.2 -pkgrel=3 +pkgrel=5 pkgdesc="Library for manipulation of TIFF images" -arch=(i686 x86_64) -depends=(libjpeg zlib) -makedepends=(libgl freeglut libxmu libxi) -options=(!libtool) +arch=('i686' 'x86_64') url="http://www.libtiff.org/" -source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz - tiff2pdf-octal-printf.patch - tiffsplit-fname-overflow.patch - CVE-2006-3459-3465.patch - tiff2pdf-compression.patch) +license=('custom') +depends=('libjpeg>=7' 'zlib') +makedepends=('libgl' 'freeglut' 'libxmu' 'libxi') +optdepends=('freeglut: for using tiffgt') +options=('!libtool') +source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz \ + tiff2pdf-octal-printf.patch \ + tiffsplit-fname-overflow.patch \ + CVE-2006-3459-3465.patch \ + tiff2pdf-compression.patch \ + tiff-3.8.2-CVE-2008-2327.patch) md5sums=('fbb6f446ea4ed18955e2714934e5b698' 'd54368687d2645ffbbe6c2df384b11bf'\ '323352fd60a7bd3ffac8724c3c031669' '624d3067e6a4c0680767eb62253ea980'\ - 'b443ffca9d498bb3a88c17da0200025b') + 'b443ffca9d498bb3a88c17da0200025b' 'c2c2e22557d9c63011df5777dda6a86b') +sha1sums=('549e67b6a15b42bfcd72fe17cda7c9a198a393eb' + 'c79245249634a121bfaff6cfecb763f72fe7f8eb' + 'dc86bb68c7831ff70ff01d952d553be9f986be46' + '85dc50a60a10025757e249d869dab7eb73ba6e3c' + '508751f55131356ea8a7e7c4994ffbc9bd881769' + '1da2ec6a47c0666cad9d07fb8427c1c75ca27b10') build() { - cd ${startdir}/src/tiff-${pkgver} - patch -Np1 -i ${startdir}/src/tiff2pdf-octal-printf.patch || return 1 - patch -Np1 -i ${startdir}/src/tiffsplit-fname-overflow.patch || return 1 - patch -Np1 -i ${startdir}/src/CVE-2006-3459-3465.patch || return 1 - patch -Np1 -i ${startdir}/src/tiff2pdf-compression.patch || return 1 - ./configure --prefix=/usr --sysconfdir=/etc + cd ${srcdir}/tiff-${pkgver} + patch -Np1 -i ${srcdir}/tiff2pdf-octal-printf.patch || return 1 + patch -Np1 -i ${srcdir}/tiffsplit-fname-overflow.patch || return 1 + patch -Np1 -i ${srcdir}/CVE-2006-3459-3465.patch || return 1 + patch -Np1 -i ${srcdir}/tiff2pdf-compression.patch || return 1 + patch -Np1 -i ${srcdir}/tiff-3.8.2-CVE-2008-2327.patch || return 1 + ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man || return 1 make || return 1 - make DESTDIR=${startdir}/pkg install + make DESTDIR=${pkgdir} install || return 1 + install -D -m644 COPYRIGHT ${pkgdir}/usr/share/licenses/${pkgname}/LICENSE || return 1 } diff --git a/abs/core-testing/libtiff/tiff-3.8.2-CVE-2008-2327.patch b/abs/core-testing/libtiff/tiff-3.8.2-CVE-2008-2327.patch new file mode 100644 index 0000000..e6d74a6 --- /dev/null +++ b/abs/core-testing/libtiff/tiff-3.8.2-CVE-2008-2327.patch @@ -0,0 +1,64 @@ +Fixes security issues in libTIFF's handling of LZW-encoded +images. The use of uninitialized data could lead to a buffer +underflow and a crash or arbitrary code execution. + +CVE-ID: CVE-2008-2327 +Security bug: https://bugs.gentoo.org/show_bug.cgi?id=234080 + +Index: tiff-3.8.2/libtiff/tif_lzw.c +=================================================================== +--- tiff-3.8.2.orig/libtiff/tif_lzw.c ++++ tiff-3.8.2/libtiff/tif_lzw.c +@@ -237,6 +237,12 @@ LZWSetupDecode(TIFF* tif) + sp->dec_codetab[code].length = 1; + sp->dec_codetab[code].next = NULL; + } while (code--); ++ /* ++ * Zero-out the unused entries ++ */ ++ _TIFFmemset(&sp->dec_codetab[CODE_CLEAR], 0, ++ (CODE_FIRST-CODE_CLEAR)*sizeof (code_t)); ++ + } + return (1); + } +@@ -408,12 +414,19 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize + break; + if (code == CODE_CLEAR) { + free_entp = sp->dec_codetab + CODE_FIRST; ++ _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t)); + nbits = BITS_MIN; + nbitsmask = MAXCODE(BITS_MIN); + maxcodep = sp->dec_codetab + nbitsmask-1; + NextCode(tif, sp, bp, code, GetNextCode); + if (code == CODE_EOI) + break; ++ if (code == CODE_CLEAR) { ++ TIFFErrorExt(tif->tif_clientdata, tif->tif_name, ++ "LZWDecode: Corrupted LZW table at scanline %d", ++ tif->tif_row); ++ return (0); ++ } + *op++ = (char)code, occ--; + oldcodep = sp->dec_codetab + code; + continue; +@@ -604,12 +617,19 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0, + break; + if (code == CODE_CLEAR) { + free_entp = sp->dec_codetab + CODE_FIRST; ++ _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t)); + nbits = BITS_MIN; + nbitsmask = MAXCODE(BITS_MIN); + maxcodep = sp->dec_codetab + nbitsmask; + NextCode(tif, sp, bp, code, GetNextCodeCompat); + if (code == CODE_EOI) + break; ++ if (code == CODE_CLEAR) { ++ TIFFErrorExt(tif->tif_clientdata, tif->tif_name, ++ "LZWDecode: Corrupted LZW table at scanline %d", ++ tif->tif_row); ++ return (0); ++ } + *op++ = code, occ--; + oldcodep = sp->dec_codetab + code; + continue; |