2016-04-06 16:07:35 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Apr 6 13:56:19 UTC 2016 - fstrba@suse.com
|
|
|
|
|
|
|
|
|
|
- Added patch:
|
|
|
|
|
* tiff-4.0.6-CVE-2016-3186.patch
|
|
|
|
|
- fix CVE-2016-3186: buffer overflow in gif2tiff [bsc#973340]
|
|
|
|
|
|
2016-02-01 09:04:21 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Feb 1 08:01:19 UTC 2016 - fstrba@suse.com
|
|
|
|
|
|
|
|
|
|
- Added patch:
|
|
|
|
|
* tiff-4.0.6-CVE-2015-8782.patch
|
|
|
|
|
- fix CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds
|
|
|
|
|
writes for invalid images (upstream bug #2522) [bsc#964225]
|
|
|
|
|
|
2016-01-13 18:11:55 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 13 17:03:31 UTC 2016 - fstrba@suse.com
|
|
|
|
|
|
|
|
|
|
- Added patch:
|
2016-01-18 13:25:48 +01:00
|
|
|
* tiff-4.0.6-CVE-2015-7554.patch
|
|
|
|
|
- fix CVE-2015-7554: Out-of-bounds Write in the thumbnail and
|
|
|
|
|
tiffcmp tools (upsteam bug #2499) [bsc#960341]
|
2016-01-13 18:11:55 +01:00
|
|
|
|
2016-01-11 11:12:16 +01:00
|
|
|
-------------------------------------------------------------------
|
2016-01-13 18:00:35 +01:00
|
|
|
Mon Jan 11 13:53:42 UTC 2016 - kstreitova@suse.com
|
2016-01-11 11:12:16 +01:00
|
|
|
|
2016-01-13 18:11:55 +01:00
|
|
|
- Added patch:
|
|
|
|
|
* tiff-4.0.4-uninitialized_mem_NeXTDecode.patch
|
|
|
|
|
- fix uninitialized memory in NeXTDecode (upstream bug #2508)
|
|
|
|
|
[bsc#942690]
|
2016-01-11 11:12:16 +01:00
|
|
|
|
2015-12-08 18:29:05 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Dec 8 15:55:30 UTC 2015 - p.drouand@gmail.com
|
|
|
|
|
|
|
|
|
|
- Update to version 4.0.6
|
|
|
|
|
* Supports CMake 2.8.9 and later.
|
|
|
|
|
* Add missing file which wasn't being distributed, causing unit
|
|
|
|
|
tests to fail.
|
|
|
|
|
* Make shared/static library building configurable.
|
|
|
|
|
* CMake reads all version information directly from configure.ac
|
|
|
|
|
to avoid duplication of values.
|
|
|
|
|
* CMake builds are now included in 'distcheck' target.
|
|
|
|
|
* Autotools 'make distcheck' now tests the CMake-based build if
|
|
|
|
|
CMake is available.
|
|
|
|
|
* Fixes to avoid undefined behaviour of signed types (C standard
|
|
|
|
|
compliance).
|
|
|
|
|
* Fixes to avoid possible isses when casting to unsigned char.
|
|
|
|
|
* Fixes to avoid undefined behaviour with shifts.
|
|
|
|
|
* Fix generation of output with 16 bit or 32 bit integer, when
|
|
|
|
|
byte swapping is needed, in horizontal predictor (#2521).
|
|
|
|
|
* Fix decoding when there is a single pixel to decode
|
|
|
|
|
(unlikely case...) and byte swapping is involved.
|
|
|
|
|
* Add add explicit masking with 0xff before casting to uchar in
|
|
|
|
|
floating-point horizontal differencing and accumulation routines.
|
|
|
|
|
* Eliminate requirement for and use of 64-bit constant values.
|
|
|
|
|
* tiffgt : Silence glut API deprecation warnings on MacOS X.
|
|
|
|
|
* fax2ps : Detect failure to write to temporary file.
|
|
|
|
|
- Changes from version 4.0.5
|
|
|
|
|
* Support for configure/build using CMake.
|
|
|
|
|
* Support for large (> 2GB) files under Microsoft Windows.
|
|
|
|
|
* Configuration and building using CMake is now supported under
|
|
|
|
|
Microsoft Windows and on Unix-type systems.
|
|
|
|
|
* Test for and use fseeko() if it is available. This allows supporting
|
|
|
|
|
large files on Unix-type systems with a 32-bit 'long' type and a
|
|
|
|
|
64-bit 'off_t' type.
|
|
|
|
|
* tiffiop.h: Macros added to use 64-bit equivalents for all standard
|
|
|
|
|
I/O and POSIX APIs used by libtiff and its tools which are limited
|
|
|
|
|
to 2GB in Windows builds. Note that these 64-bit equivalents were
|
|
|
|
|
introduced by the CRT provided with Visual Studio 2005 and if the
|
|
|
|
|
necessary CRT is not installed on the target computer, the program
|
|
|
|
|
will not run. The wrapper macros will not be activated unless the
|
|
|
|
|
definition _MSC_VER is at least 1400 or __MSVCRT_VERSION__ is at
|
|
|
|
|
least 0x800.
|
|
|
|
|
* tif_unix.c: Updated to support large files under Microsoft Windows.
|
|
|
|
|
This makes tif_unix.c a completely viable candidate for use under
|
|
|
|
|
Windows (in spite of its name) if the CRT is modern enough. Please
|
|
|
|
|
note that tif_win32.c already supported large files, but only
|
|
|
|
|
'tiffinfo' and 'tiffdump' made any provision to support large files
|
|
|
|
|
under Windows.
|
|
|
|
|
* _tiffReadProc() and _tiffWriteProc() are modified to chunk I/O to a
|
|
|
|
|
maximum size of 2GB for extremely large I/O requests. This surmounts
|
|
|
|
|
limitations in the Microsoft Windows read() and write() APIs (which
|
|
|
|
|
are limited to the range of a 32-bit 'int'), and may avoid poor
|
|
|
|
|
behavior with extremely large I/O requests on other systems.
|
|
|
|
|
* Updated to use I/O wrapper macros from tiffiop.h in order to
|
|
|
|
|
support large files under Microsoft Windows.
|
|
|
|
|
|
2015-08-04 11:54:51 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 4 08:17:35 UTC 2015 - kstreitova@suse.com
|
|
|
|
|
|
|
|
|
|
- use spec-cleaner
|
|
|
|
|
|
2015-07-01 09:23:45 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jul 1 07:17:13 UTC 2015 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- update to 4.0.4
|
|
|
|
|
D tiff-4.0.3-double-free.patch
|
|
|
|
|
D tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch
|
|
|
|
|
D tiff-4.0.3-CVE-2013-1961.patch
|
|
|
|
|
D erouault.2862.patch
|
|
|
|
|
D bfriesen.2805.patch
|
|
|
|
|
D tiff-4.0.3-CVE-2013-4232.patch
|
|
|
|
|
D tiff-4.0.3-CVE-2013-4244.patch
|
|
|
|
|
D erouault.2861.patch
|
|
|
|
|
D erouault.2857.patch
|
|
|
|
|
D erouault.2856.patch
|
|
|
|
|
D erouault.2859.patch
|
|
|
|
|
D tiff-4.0.3-CVE-2012-4564.patch
|
|
|
|
|
D tiff-4.0.3-tiff2pdf-colors.patch
|
|
|
|
|
D erouault.2876.patch
|
|
|
|
|
D erouault.2860.patch
|
|
|
|
|
D tiff-dither-malloc-check.patch
|
|
|
|
|
D tiff-4.0.3-CVE-2013-1960.patch
|
|
|
|
|
D erouault.2858.patch
|
|
|
|
|
D tiff-handle-TIFFTAG_PREDICTOR.patch
|
|
|
|
|
D tiff-4.0.3-CVE-2013-4231.patch
|
|
|
|
|
D tiff-4.0.3-CVE-2013-4243.patch
|
|
|
|
|
D erouault.2863.patch
|
|
|
|
|
D tiff-4.0.3-test-jpeg-turbo.patch
|
|
|
|
|
|
2015-02-26 15:02:29 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Feb 26 13:58:54 UTC 2015 - pgajdos@suse.com
|
|
|
|
|
|
2016-02-01 09:08:56 +01:00
|
|
|
- security update: CVE-2014-9655, CVE-2014-8127, CVE-2014-8128,
|
2015-02-26 15:02:29 +01:00
|
|
|
CVE-2014-8129, CVE-2014-8130, CVE-2015-1547
|
|
|
|
|
bnc#914890, bnc#916925, bnc#916927
|
|
|
|
|
+ erouault.2856.patch
|
|
|
|
|
+ erouault.2857.patch
|
|
|
|
|
+ erouault.2858.patch
|
|
|
|
|
+ erouault.2859.patch
|
|
|
|
|
+ erouault.2860.patch
|
|
|
|
|
+ erouault.2861.patch
|
|
|
|
|
+ erouault.2862.patch
|
|
|
|
|
+ erouault.2863.patch
|
|
|
|
|
+ erouault.2876.patch
|
|
|
|
|
+ bfriesen.2805.patch
|
|
|
|
|
+ tiff-handle-TIFFTAG_CONSECUTIVEBADFAXLINES.patch
|
|
|
|
|
+ tiff-handle-TIFFTAG_PREDICTOR.patch
|
|
|
|
|
+ tiff-dither-malloc-check.patch
|
|
|
|
|
|
2014-12-23 16:18:37 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Dec 22 19:58:43 UTC 2014 - meissner@suse.com
|
|
|
|
|
|
|
|
|
|
- build with PIE
|
|
|
|
|
|
2013-08-21 15:42:57 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Aug 21 12:57:57 UTC 2013 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- security update
|
|
|
|
|
* CVE-2013-4232.patch [bnc#834477]
|
|
|
|
|
* CVE-2013-4231.patch [bnc#834477]
|
|
|
|
|
* CVE-2013-4244.patch [bnc#834788]
|
|
|
|
|
* CVE-2013-4243.patch [bnc#834779]
|
|
|
|
|
|
2013-06-26 13:20:47 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jun 26 10:48:50 UTC 2013 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- tiff2pdf: introduced warning when the compression isn't lzw or
|
|
|
|
|
none [bnc#819142]
|
|
|
|
|
- tiff2pdf: fixed crash [bnc#821872]
|
|
|
|
|
|
2013-04-05 12:41:57 +02:00
|
|
|
-------------------------------------------------------------------
|
2013-05-02 14:06:57 +02:00
|
|
|
Tue Apr 30 13:20:50 UTC 2013 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- security update
|
|
|
|
|
* CVE-2013-1961.patch [bnc#818117]
|
|
|
|
|
* CVE-2013-1960.patch [bnc#817573]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2013-04-05 12:41:57 +02:00
|
|
|
Fri Apr 5 10:23:51 UTC 2013 - idonmez@suse.com
|
|
|
|
|
|
|
|
|
|
- Add Source URL, see https://en.opensuse.org/SourceUrls
|
|
|
|
|
|
2012-11-05 14:22:09 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Nov 5 09:27:59 UTC 2012 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- updated to 4.0.3:
|
|
|
|
|
* Add some TIFF/FX support in libtiff.
|
|
|
|
|
* Fix bug rewriting image tiles in a compressed file.
|
|
|
|
|
* Fix read past end of data buffer.
|
|
|
|
|
* etc., see ChangeLog
|
|
|
|
|
- removed upstreamed patches:
|
|
|
|
|
* bigendian.patch
|
|
|
|
|
* dont-fancy-upsampling.patch
|
|
|
|
|
* CVE-2012-3401.patch
|
|
|
|
|
- new patch:
|
|
|
|
|
* test-jpeg-turbo.patch
|
|
|
|
|
* CVE-2012-4564.patch [bnc#787892]
|
|
|
|
|
|
2012-07-23 11:53:22 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jul 23 09:52:50 UTC 2012 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- fixed CVE-2012-3401 [bnc#770816]
|
|
|
|
|
|
2012-06-20 11:32:03 +02:00
|
|
|
-------------------------------------------------------------------
|
2012-06-29 01:06:28 +02:00
|
|
|
Thu Jun 28 10:16:29 UTC 2012 - meissner@suse.com
|
|
|
|
|
|
|
|
|
|
- RGBA is packed in host order, use the right macros to unpack
|
|
|
|
|
and verify in raw_decode test.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2012-06-20 11:32:03 +02:00
|
|
|
Wed Jun 20 09:29:37 UTC 2012 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- updated to 4.0.2: [bnc#767852] [bnc#767854]
|
|
|
|
|
tif_getimage.c: added support for _SEPARATED CMYK images.
|
|
|
|
|
tif_getimage.c: Added support for greyscale + alpha.
|
|
|
|
|
Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory() functions.
|
|
|
|
|
tif_print.c: Lots of fixes around printing corrupt or hostile input.
|
|
|
|
|
Improve handling of corrupt ycbcrsubsampling values.
|
|
|
|
|
tif_unix.c: use strerror to get meaningful error messages.
|
|
|
|
|
tif_jpeg.c: fix serious bugs in JPEGDecodeRaw().
|
|
|
|
|
tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173).
|
|
|
|
|
tiff2pdf: Defend against integer overflows while calculating required
|
|
|
|
|
buffer sizes (CVE-2012-2113).
|
|
|
|
|
|
2012-05-29 18:32:59 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Apr 10 17:37:25 UTC 2012 - brian@aljex.com
|
|
|
|
|
|
|
|
|
|
- Fix building on older targets from SUSE 10.0 to current.
|
|
|
|
|
- Add jbig support
|
|
|
|
|
|
2012-03-29 11:52:36 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Mar 29 09:51:49 UTC 2012 - idonmez@suse.com
|
|
|
|
|
|
|
|
|
|
- Add lzma support
|
|
|
|
|
- Implement %check
|
|
|
|
|
- Drop visibility patch because it breaks compilation
|
|
|
|
|
|
2012-03-29 11:41:00 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Mar 28 18:06:34 UTC 2012 - i@marguerite.su
|
|
|
|
|
|
|
|
|
|
- change package name libtiff4 to libtiff5.
|
|
|
|
|
library number is 5 actually.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Mar 28 17:29:16 UTC 2012 - i@marguerite.su
|
|
|
|
|
|
|
|
|
|
- Update to 4.0.1
|
|
|
|
|
* configure.ac
|
|
|
|
|
- Add libtiff private dependency on -llzma for pkg-config
|
|
|
|
|
- Add support for using library symbol versioning on
|
|
|
|
|
ELF systems with the GNU linker.
|
|
|
|
|
* libtiff/tif_win32.c: Eliminate some minor 64-bit warnings in
|
|
|
|
|
tif_win32.c
|
|
|
|
|
* libtiff/tif_jpeg.c: Extra caution for case where sp is NULL.
|
|
|
|
|
* libtiff/tif_dir.c, libtiff/tif_dirread.c: Extra caution around
|
|
|
|
|
assumption tag fetching is always successful.
|
|
|
|
|
* libtiff/tiffio.h: Use double-underbar syntax in GCC printf
|
|
|
|
|
attribute specification to lessen the risk of accidental macro
|
|
|
|
|
substitution.
|
|
|
|
|
* Update automake used to 1.11.3.
|
|
|
|
|
|
2012-03-28 14:15:28 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Mar 28 12:12:23 UTC 2012 - cfarrell@suse.com
|
|
|
|
|
|
|
|
|
|
- license update: HPND
|
|
|
|
|
tiff license most akin to spdx recognised
|
|
|
|
|
http://www.spdx.org/licenses/HPND
|
|
|
|
|
|
2012-01-10 05:08:48 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 10 01:21:45 UTC 2012 - crrodriguez@opensuse.org
|
|
|
|
|
|
|
|
|
|
- remove libjpeg-devel and zlib-devel from libtiff-devel
|
|
|
|
|
requires as they are _not_ required to use the library.
|
|
|
|
|
Now, this _will_ break packages with wrong buildrequires
|
|
|
|
|
for good.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 10 00:55:53 UTC 2012 - crrodriguez@opensuse.org
|
|
|
|
|
|
|
|
|
|
- Hide private symbols using gcc visibility, this has been
|
|
|
|
|
applied only to functions that the source code clearly states
|
|
|
|
|
that are internal to the library.
|
|
|
|
|
- Run spec cleaner
|
|
|
|
|
|
2011-11-23 10:34:52 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Nov 23 09:31:16 UTC 2011 - coolo@suse.com
|
|
|
|
|
|
|
|
|
|
- add libtool as buildrequire to avoid implicit dependency
|
|
|
|
|
|
2011-08-05 23:38:28 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Aug 5 21:09:33 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
|
|
|
|
|
|
- Do not use -fno-strict-aliasing, no longer needed
|
|
|
|
|
and will probably slow down the code.
|
|
|
|
|
- Fix self-obsoletion warning
|
|
|
|
|
|
2011-04-14 14:19:38 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Apr 14 14:02:12 CEST 2011 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.9.5:
|
|
|
|
|
* fixed integer overflow CVE-2010-4665
|
|
|
|
|
* fixed buffer overflow in ojpeg decoder
|
|
|
|
|
* upstreamed:
|
|
|
|
|
- oob-read.patch
|
|
|
|
|
- CVE-2011-0192.patch
|
|
|
|
|
- getimage-64bit.patch
|
|
|
|
|
- CVE-2011-1167.patch
|
|
|
|
|
- scanlinesize.patch
|
|
|
|
|
|
2011-03-31 23:13:45 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Mar 31 21:49:49 CEST 2011 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed regression caused by previous update [bnc#682871]
|
|
|
|
|
* modified CVE-2011-0192.patch
|
|
|
|
|
- fixed buffer overflow in thunder decoder [bnc#683337]
|
|
|
|
|
* added CVE-2011-1167.patch
|
|
|
|
|
|
2011-03-03 09:30:27 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Feb 17 15:40:54 CET 2011 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed buffer overflow [bnc#672510]
|
|
|
|
|
* CVE-2011-0192.patch
|
|
|
|
|
|
2010-09-06 15:07:10 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Sep 6 14:56:09 CEST 2010 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed "Possibly exploitable memory corruption issue in libtiff"
|
|
|
|
|
(see http://bugzilla.maptools.org/show_bug.cgi?id=2228)
|
|
|
|
|
[bnc#624215]
|
|
|
|
|
* scanlinesize.patch
|
|
|
|
|
- fixed crash while using libjpeg7 and higher
|
|
|
|
|
* dont-fancy-upsampling.patch
|
|
|
|
|
|
2010-04-28 22:33:34 +02:00
|
|
|
-------------------------------------------------------------------
|
2010-07-12 16:40:09 +02:00
|
|
|
Mon Jul 12 16:36:48 CEST 2010 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.9.4: fixes CVE-2010-2065 -- obsoletes
|
|
|
|
|
* integer-overflow.patch
|
|
|
|
|
* NULL-deref.patch
|
|
|
|
|
- fixes CVE-2010-2067
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jun 23 10:32:01 CEST 2010 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed CVE-2010-2065
|
|
|
|
|
* integer-overflow.patch
|
|
|
|
|
* NULL-deref.patch
|
|
|
|
|
- fixed out of bounds read
|
|
|
|
|
* oob-read.patch
|
|
|
|
|
- fixed CVE-2010-2233
|
|
|
|
|
* getimage-64bit.patch
|
|
|
|
|
- [bnc#612879]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2010-04-28 22:33:34 +02:00
|
|
|
Mon Apr 26 15:07:09 CEST 2010 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed tiff2pdf output [bnc#599475]
|
|
|
|
|
|
2010-03-26 09:50:15 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Mar 26 08:49:41 UTC 2010 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed typo
|
|
|
|
|
|
2010-03-16 14:09:34 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Mar 16 13:37:23 CET 2010 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.9.2: fixed many CVE's and obsoletes almost all
|
|
|
|
|
our patches (see ChangeLog for details)
|
|
|
|
|
|
2010-02-19 16:34:57 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Dec 15 19:38:18 CET 2009 - jengelh@medozas.de
|
|
|
|
|
|
|
|
|
|
- add baselibs.conf as a source
|
|
|
|
|
- enable parallel building
|
|
|
|
|
|
2009-10-02 23:28:01 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Aug 6 14:02:07 CEST 2009 - pgajdos@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed integer overflows [bnc#519796]
|
|
|
|
|
* CVE-2009-2347.patch
|
|
|
|
|
|
2009-02-12 23:04:23 +01:00
|
|
|
-------------------------------------------------------------------
|
2009-07-03 17:02:46 +02:00
|
|
|
Thu Jul 2 16:33:02 CEST 2009 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed lzw overflow CVE-2009-2285 [bnc#518698]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2009-02-12 23:04:23 +01:00
|
|
|
Wed Feb 4 15:49:04 CET 2009 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed an endless loop on invalid images
|
|
|
|
|
(bnc#444079) CVE-2008-1586
|
|
|
|
|
|
2009-01-14 18:00:19 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 13 16:19:37 CET 2009 - olh@suse.de
|
|
|
|
|
|
|
|
|
|
- obsolete old libtiff-64bit on ppc64 (bnc#437293)
|
|
|
|
|
|
2009-01-09 02:04:57 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 7 12:34:56 CET 2009 - olh@suse.de
|
|
|
|
|
|
|
|
|
|
- obsolete old -XXbit packages (bnc#437293)
|
|
|
|
|
|
2008-09-08 01:39:20 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Sep 7 11:24:56 CEST 2008 - schwab@suse.de
|
|
|
|
|
|
|
|
|
|
- Fix conflicting options.
|
|
|
|
|
|
2008-09-05 20:56:16 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 19 17:45:10 CEST 2008 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed buffer overflows in LZW code (CVE-2008-2327) [bnc#414946]
|
|
|
|
|
|
2008-04-10 15:35:22 +02:00
|
|
|
-------------------------------------------------------------------
|
2008-05-22 05:01:08 +02:00
|
|
|
Sun May 18 10:37:18 CEST 2008 - coolo@suse.de
|
|
|
|
|
|
|
|
|
|
- fix rename of xxbit packages
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2008-04-10 15:35:22 +02:00
|
|
|
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- added baselibs.conf file to build xxbit packages
|
|
|
|
|
for multilib support
|
|
|
|
|
|
2007-07-27 15:59:33 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jul 27 15:58:49 CEST 2007 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- add provides and obsoletes for libtiff to libtiff3 package
|
|
|
|
|
|
2007-07-23 21:30:20 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Jul 19 15:01:40 CEST 2007 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- renamed libtiff to libtiff3
|
|
|
|
|
- do not package static libraries
|
|
|
|
|
- added zlib-devel to BuildRequires
|
|
|
|
|
|
2006-12-19 00:18:03 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jun 12 13:40:43 CEST 2006 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed a typo in the previous change [#179051]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jun 2 17:17:55 CEST 2006 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed buffer overflow in tiffsplit (CVE-2006-2656) [#179051]
|
|
|
|
|
- fixed buffer overflow in tiff2pdf [#179587]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Apr 12 11:01:27 CEST 2006 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.8.2 [#165237]
|
|
|
|
|
* bugfix release
|
|
|
|
|
* fixed several segfaults caused by incorrect tiff data
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Feb 7 15:09:45 CET 2006 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed crash on certain tiff images CVE-2006-0405 [#145757]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 25 21:31:02 CET 2006 - mls@suse.de
|
|
|
|
|
|
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Jan 12 16:32:23 CET 2006 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- compile with -fstack-protector
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 3 15:01:35 CET 2006 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.8.0:
|
|
|
|
|
* Read-only support for custom directories (e.g. EXIF directory)
|
|
|
|
|
* Preliminary support for MS MDI format
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Oct 10 15:13:48 CEST 2005 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- built with -fno-strict-aliasing
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jul 15 15:35:41 CEST 2005 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.7.3
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 24 17:13:51 CEST 2005 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.7.2
|
|
|
|
|
- fixed 64bit bug in ppm2tiff [#85440]
|
|
|
|
|
- fixed buffer overflow in BitsPerSample [#82787]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Feb 17 13:38:57 CET 2005 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed reading of alpha channel
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Jan 16 20:05:53 CET 2005 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- added c++ to neededforbuild
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jan 7 15:41:40 CET 2005 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- use typedef int int32 on all architectures
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 05 15:42:09 CET 2005 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- disabled c++ API as it would add a dependency on c++ libraries
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jan 03 17:50:47 CET 2005 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.7.1: bugfix release
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Dec 15 21:04:47 CET 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- added README.SUSE pointing to the documentation [#48601]
|
|
|
|
|
- moved man3 to devel subpackage
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Oct 22 18:38:53 CEST 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.7.0 - security fixes are included in mainstream
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Oct 20 09:59:41 CEST 2004 - meissner@suse.de
|
|
|
|
|
|
|
|
|
|
- Initialize ycbcrsubsampling to be not 0 in case
|
|
|
|
|
of bad tiffs to avoid denial of service by divison/0.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 12 15:20:16 CEST 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- do not call TIFFTileSize with uninitialized values [#44635]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Oct 07 18:44:29 CEST 2004 - pmladek@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed much more buffer overflows (the older tiff-alt-bound-CheckMalloc.patch
|
|
|
|
|
is included in the new libtiff-3.6.1-alt-bound.patch now) [#44635]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Sep 30 18:33:05 CEST 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed more buffer overflows [#44635]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Sep 21 17:47:00 CEST 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed multiple buffer overflows - CAN-2004-0803 [#44635]
|
|
|
|
|
- disabled old jpeg support because of security problems [#45116]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 31 16:23:04 CEST 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- added LZW support
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Aug 25 13:39:39 CEST 2004 - kukuk@suse.de
|
|
|
|
|
|
|
|
|
|
- Create -devel subpackage
|
|
|
|
|
- Add libjpeg-devel to neededforbuild
|
|
|
|
|
- Avoid /bin/sh in PreRequires
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jul 2 16:10:10 CEST 2004 - max@suse.de
|
|
|
|
|
|
|
|
|
|
- port.h is needed as well.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu May 6 17:08:54 CEST 2004 - max@suse.de
|
|
|
|
|
|
|
|
|
|
- Install private headers (tif_dir.h, tiffiop.h).
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Apr 27 16:42:03 CEST 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed tif_fax3 from cvs [#39515]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Feb 09 12:27:05 CET 2004 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.6.1
|
|
|
|
|
- fixed dangerous compiler warnings
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Jan 10 20:14:17 CET 2004 - adrian@suse.de
|
|
|
|
|
|
|
|
|
|
- add %defattr and %run_ldconfig
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed May 21 01:06:35 CEST 2003 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- remove cvs subdirs
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Jul 27 14:15:49 CEST 2002 - kukuk@suse.de
|
|
|
|
|
|
|
|
|
|
- Provide libtiff-devel in libtiff [Bug #17260]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jul 26 21:37:50 CEST 2002 - adrian@suse.de
|
|
|
|
|
|
|
|
|
|
- fix neededforbuild
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jul 3 13:41:23 CEST 2002 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- fixed segfault in fax2tiff [bug #16818]
|
|
|
|
|
- fixed size of int32 on 64bit architectures
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jun 26 01:25:38 CEST 2002 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- fixed directory permissions
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jun 19 12:35:20 CEST 2002 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- compiled with OJPEG_SUPPORT [bug #16408]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Apr 18 23:05:34 CEST 2002 - kukuk@suse.de
|
|
|
|
|
|
|
|
|
|
- Fix to compile on lib64 architectures
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Feb 6 14:48:39 CET 2002 - coolo@suse.de
|
|
|
|
|
|
|
|
|
|
- use %_libdir
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Jan 24 11:53:02 CET 2002 - okir@suse.de
|
|
|
|
|
|
|
|
|
|
- Fixed a tempfile race in fax2ps
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Dec 11 12:24:47 CET 2001 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- updated to 3.5.7: bugfix release
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed May 9 22:09:18 CEST 2001 - mfabian@suse.de
|
|
|
|
|
|
|
|
|
|
- bzip2 sources
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Mar 15 19:11:58 CET 2001 - schwab@suse.de
|
|
|
|
|
|
|
|
|
|
- Fix for ia64.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri May 26 16:16:59 CEST 2000 - bubnikv@suse.cz
|
|
|
|
|
|
|
|
|
|
- sorted
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu May 25 10:55:25 CEST 2000 - schwab@suse.de
|
|
|
|
|
|
|
|
|
|
- Fix dso configure check for ia64.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu May 11 09:41:12 CEST 2000 - nadvornik@suse.cz
|
|
|
|
|
|
|
|
|
|
- update to 3.5.5
|
|
|
|
|
- added BuildRoot
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 25 17:12:06 CET 2000 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- manpages to /usr/share using macro
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jan 3 15:10:55 CET 2000 - schwab@suse.de
|
|
|
|
|
|
|
|
|
|
- Update to 3.5.4 (Y2K fix)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de
|
|
|
|
|
|
|
|
|
|
- ran old prepare_spec on spec file to switch to new prepare_spec.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 13 18:07:04 MET 1999 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- respect systems where libc is libc.so.6.1 (alpha)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Nov 25 17:56:05 MET 1998 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- update to 3.4 (final) named 3.4.final for rpm
|
|
|
|
|
- moved from /usr/X11R6 to /usr
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jul 29 19:01:00 MEST 1998 - werner@suse.de
|
|
|
|
|
|
|
|
|
|
- Link shared libs explicit with -lc
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 12 18:22:27 MEST 1998 - ro@suse.de
|
|
|
|
|
|
|
|
|
|
- extracted package from libgr / build from own sources
|
|
|
|
|
|
