summaryrefslogtreecommitdiffstats
path: root/abs/core-testing/libtiff
diff options
context:
space:
mode:
Diffstat (limited to 'abs/core-testing/libtiff')
-rw-r--r--abs/core-testing/libtiff/ChangeLog27
-rw-r--r--abs/core-testing/libtiff/PKGBUILD43
-rw-r--r--abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch22
3 files changed, 65 insertions, 27 deletions
diff --git a/abs/core-testing/libtiff/ChangeLog b/abs/core-testing/libtiff/ChangeLog
index 1a1c85b..88edcc7 100644
--- a/abs/core-testing/libtiff/ChangeLog
+++ b/abs/core-testing/libtiff/ChangeLog
@@ -1,3 +1,30 @@
+2010-06-20 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.4-1
+ * Upstream update
+
+2009-11-05 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.2-1
+ * Upstream update
+
+2009-08-28 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.1-1
+ * Upstream update
+
+2009-08-26 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.9.0-1
+ * Upstream update
+ * Updated url
+ * Updated patches
+
+2009-08-14 Eric Belanger <eric@archlinux.org>
+
+ * libtiff 3.8.2-6
+ * Added security fixes (close FS#15931)
+
2008-09-05 Eric Belanger <eric@archlinux.org>
* libtiff 3.8.2-4
diff --git a/abs/core-testing/libtiff/PKGBUILD b/abs/core-testing/libtiff/PKGBUILD
index 51e106c..ed80a2b 100644
--- a/abs/core-testing/libtiff/PKGBUILD
+++ b/abs/core-testing/libtiff/PKGBUILD
@@ -1,43 +1,32 @@
-# $Id$
+# $Id: PKGBUILD 83314 2010-06-20 21:43:27Z eric $
# Maintainer: Eric Belanger <eric@archlinux.org>
# Contributor: dorphell <dorphell@archlinux.org>
pkgname=libtiff
-pkgver=3.8.2
-pkgrel=5
+pkgver=3.9.4
+pkgrel=1
pkgdesc="Library for manipulation of TIFF images"
arch=('i686' 'x86_64')
-url="http://www.libtiff.org/"
+url="http://www.remotesensing.org/libtiff/"
license=('custom')
-depends=('libjpeg>=7' 'zlib')
+depends=('libjpeg' 'zlib')
makedepends=('libgl' 'freeglut' 'libxmu' 'libxi')
optdepends=('freeglut: for using tiffgt')
options=('!libtool')
source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz \
- tiff2pdf-octal-printf.patch \
- tiffsplit-fname-overflow.patch \
- CVE-2006-3459-3465.patch \
- tiff2pdf-compression.patch \
- tiff-3.8.2-CVE-2008-2327.patch)
-md5sums=('fbb6f446ea4ed18955e2714934e5b698' 'd54368687d2645ffbbe6c2df384b11bf'\
- '323352fd60a7bd3ffac8724c3c031669' '624d3067e6a4c0680767eb62253ea980'\
- 'b443ffca9d498bb3a88c17da0200025b' 'c2c2e22557d9c63011df5777dda6a86b')
-sha1sums=('549e67b6a15b42bfcd72fe17cda7c9a198a393eb'
- 'c79245249634a121bfaff6cfecb763f72fe7f8eb'
- 'dc86bb68c7831ff70ff01d952d553be9f986be46'
- '85dc50a60a10025757e249d869dab7eb73ba6e3c'
- '508751f55131356ea8a7e7c4994ffbc9bd881769'
- '1da2ec6a47c0666cad9d07fb8427c1c75ca27b10')
+ libtiff-CVE-2009-2285.patch)
+md5sums=('2006c1bdd12644dbf02956955175afd6' 'ff61077408727a82281f77a94f555e2a')
+sha1sums=('a4e32d55afbbcabd0391a9c89995e8e8a19961de' 'eadce8c8bd72ea9c74f35300bf299131813b0c8b')
build() {
- cd ${srcdir}/tiff-${pkgver}
- patch -Np1 -i ${srcdir}/tiff2pdf-octal-printf.patch || return 1
- patch -Np1 -i ${srcdir}/tiffsplit-fname-overflow.patch || return 1
- patch -Np1 -i ${srcdir}/CVE-2006-3459-3465.patch || return 1
- patch -Np1 -i ${srcdir}/tiff2pdf-compression.patch || return 1
- patch -Np1 -i ${srcdir}/tiff-3.8.2-CVE-2008-2327.patch || return 1
+ cd "${srcdir}/tiff-${pkgver}"
+ patch -p1 < ../libtiff-CVE-2009-2285.patch || return 1
./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man || return 1
make || return 1
- make DESTDIR=${pkgdir} install || return 1
- install -D -m644 COPYRIGHT ${pkgdir}/usr/share/licenses/${pkgname}/LICENSE || return 1
+}
+
+package() {
+ cd "${srcdir}/tiff-${pkgver}"
+ make DESTDIR="${pkgdir}" install || return 1
+ install -D -m644 COPYRIGHT "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" || return 1
}
diff --git a/abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch b/abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch
new file mode 100644
index 0000000..435a84b
--- /dev/null
+++ b/abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch
@@ -0,0 +1,22 @@
+Index: tiff-3.8.2/libtiff/tif_lzw.c
+===================================================================
+--- tiff-3.8.2.orig/libtiff/tif_lzw.c
++++ tiff-3.8.2/libtiff/tif_lzw.c
+@@ -421,7 +421,7 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
+ NextCode(tif, sp, bp, code, GetNextCode);
+ if (code == CODE_EOI)
+ break;
+- if (code == CODE_CLEAR) {
++ if (code >= CODE_CLEAR) {
+ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+ "LZWDecode: Corrupted LZW table at scanline %d",
+ tif->tif_row);
+@@ -624,7 +624,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
+ NextCode(tif, sp, bp, code, GetNextCodeCompat);
+ if (code == CODE_EOI)
+ break;
+- if (code == CODE_CLEAR) {
++ if (code >= CODE_CLEAR) {
+ TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+ "LZWDecode: Corrupted LZW table at scanline %d",
+ tif->tif_row);