From c2d8a1e536dd0820041baa03da35a4eb1c79e768 Mon Sep 17 00:00:00 2001
From: Cecil Hugh Watson <knoppmyth@gmail.com>
Date: Sat, 4 Sep 2010 16:47:21 -0700
Subject: libtiff:Bumped/Updated for LinHES 7.

---
 abs/core-testing/libtiff/ChangeLog                 | 27 ++++++++++++++
 abs/core-testing/libtiff/PKGBUILD                  | 43 ++++++++--------------
 .../libtiff/libtiff-CVE-2009-2285.patch            | 22 +++++++++++
 3 files changed, 65 insertions(+), 27 deletions(-)
 create mode 100644 abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch

diff --git a/abs/core-testing/libtiff/ChangeLog b/abs/core-testing/libtiff/ChangeLog
index 1a1c85b..88edcc7 100644
--- a/abs/core-testing/libtiff/ChangeLog
+++ b/abs/core-testing/libtiff/ChangeLog
@@ -1,3 +1,30 @@
+2010-06-20  Eric Belanger  <eric@archlinux.org>
+
+	* libtiff 3.9.4-1
+	* Upstream update
+
+2009-11-05  Eric Belanger  <eric@archlinux.org>
+
+	* libtiff 3.9.2-1
+	* Upstream update
+
+2009-08-28  Eric Belanger  <eric@archlinux.org>
+
+	* libtiff 3.9.1-1
+	* Upstream update
+
+2009-08-26  Eric Belanger  <eric@archlinux.org>
+
+	* libtiff 3.9.0-1
+	* Upstream update
+	* Updated url
+	* Updated patches
+
+2009-08-14  Eric Belanger  <eric@archlinux.org>
+
+	* libtiff 3.8.2-6
+	* Added security fixes (close FS#15931)
+
 2008-09-05  Eric Belanger  <eric@archlinux.org>
 
 	* libtiff 3.8.2-4
diff --git a/abs/core-testing/libtiff/PKGBUILD b/abs/core-testing/libtiff/PKGBUILD
index 51e106c..ed80a2b 100644
--- a/abs/core-testing/libtiff/PKGBUILD
+++ b/abs/core-testing/libtiff/PKGBUILD
@@ -1,43 +1,32 @@
-# $Id$
+# $Id: PKGBUILD 83314 2010-06-20 21:43:27Z eric $
 # Maintainer: Eric Belanger <eric@archlinux.org>
 # Contributor: dorphell <dorphell@archlinux.org>
 
 pkgname=libtiff
-pkgver=3.8.2
-pkgrel=5
+pkgver=3.9.4
+pkgrel=1
 pkgdesc="Library for manipulation of TIFF images"
 arch=('i686' 'x86_64')
-url="http://www.libtiff.org/"
+url="http://www.remotesensing.org/libtiff/"
 license=('custom')
-depends=('libjpeg>=7' 'zlib')
+depends=('libjpeg' 'zlib')
 makedepends=('libgl' 'freeglut' 'libxmu' 'libxi')
 optdepends=('freeglut: for using tiffgt')
 options=('!libtool')
 source=(ftp://ftp.remotesensing.org/pub/libtiff/tiff-${pkgver}.tar.gz \
-	tiff2pdf-octal-printf.patch \
-       	tiffsplit-fname-overflow.patch \
-	CVE-2006-3459-3465.patch \
-	tiff2pdf-compression.patch \
-        tiff-3.8.2-CVE-2008-2327.patch)
-md5sums=('fbb6f446ea4ed18955e2714934e5b698' 'd54368687d2645ffbbe6c2df384b11bf'\
-         '323352fd60a7bd3ffac8724c3c031669' '624d3067e6a4c0680767eb62253ea980'\
-         'b443ffca9d498bb3a88c17da0200025b' 'c2c2e22557d9c63011df5777dda6a86b')
-sha1sums=('549e67b6a15b42bfcd72fe17cda7c9a198a393eb'
-          'c79245249634a121bfaff6cfecb763f72fe7f8eb'
-          'dc86bb68c7831ff70ff01d952d553be9f986be46'
-          '85dc50a60a10025757e249d869dab7eb73ba6e3c'
-          '508751f55131356ea8a7e7c4994ffbc9bd881769'
-          '1da2ec6a47c0666cad9d07fb8427c1c75ca27b10')
+        libtiff-CVE-2009-2285.patch)
+md5sums=('2006c1bdd12644dbf02956955175afd6' 'ff61077408727a82281f77a94f555e2a')
+sha1sums=('a4e32d55afbbcabd0391a9c89995e8e8a19961de' 'eadce8c8bd72ea9c74f35300bf299131813b0c8b')
 
 build() {
-  cd ${srcdir}/tiff-${pkgver}
-  patch -Np1 -i ${srcdir}/tiff2pdf-octal-printf.patch || return 1
-  patch -Np1 -i ${srcdir}/tiffsplit-fname-overflow.patch || return 1
-  patch -Np1 -i ${srcdir}/CVE-2006-3459-3465.patch || return 1
-  patch -Np1 -i ${srcdir}/tiff2pdf-compression.patch || return 1
-  patch -Np1 -i ${srcdir}/tiff-3.8.2-CVE-2008-2327.patch || return 1
+  cd "${srcdir}/tiff-${pkgver}"
+  patch -p1 < ../libtiff-CVE-2009-2285.patch || return 1
   ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man || return 1
   make || return 1
-  make DESTDIR=${pkgdir} install || return 1
-  install -D -m644 COPYRIGHT ${pkgdir}/usr/share/licenses/${pkgname}/LICENSE || return 1
+}
+
+package() {
+  cd "${srcdir}/tiff-${pkgver}"
+  make DESTDIR="${pkgdir}" install || return 1
+  install -D -m644 COPYRIGHT "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" || return 1
 }
diff --git a/abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch b/abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch
new file mode 100644
index 0000000..435a84b
--- /dev/null
+++ b/abs/core-testing/libtiff/libtiff-CVE-2009-2285.patch
@@ -0,0 +1,22 @@
+Index: tiff-3.8.2/libtiff/tif_lzw.c
+===================================================================
+--- tiff-3.8.2.orig/libtiff/tif_lzw.c
++++ tiff-3.8.2/libtiff/tif_lzw.c
+@@ -421,7 +421,7 @@ LZWDecode(TIFF* tif, tidata_t op0, tsize
+ 			NextCode(tif, sp, bp, code, GetNextCode);
+ 			if (code == CODE_EOI)
+ 				break;
+-			if (code == CODE_CLEAR) {
++			if (code >= CODE_CLEAR) {
+ 				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+ 				"LZWDecode: Corrupted LZW table at scanline %d",
+ 				tif->tif_row);
+@@ -624,7 +624,7 @@ LZWDecodeCompat(TIFF* tif, tidata_t op0,
+ 			NextCode(tif, sp, bp, code, GetNextCodeCompat);
+ 			if (code == CODE_EOI)
+ 				break;
+-			if (code == CODE_CLEAR) {
++			if (code >= CODE_CLEAR) {
+ 				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
+ 				"LZWDecode: Corrupted LZW table at scanline %d",
+ 				tif->tif_row);
-- 
cgit v0.12