OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=107

tiff-4.0.8.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:59d7a5a8ccd92059913f246877db95a2918e6c04fb9d43fd74e5c3390dac2910
-size 2065574

tiff-4.0.9.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6e7bdeec2c310734e734d19aae3a71ebe37a4d842e0e23dbb1b8921c0026cfcd
+size 2305681

tiff.changes

@@ -1,7 +1,274 @@
+-------------------------------------------------------------------
+Wed Nov 29 09:08:42 UTC 2017 - fstrba@suse.com
+
+- Upgrade to upstream release 4.0.9
+  * Changes in the software configuration:
+    + test/Makefile.am: Add some tests for tiff2bw.
+    + .appveyor.yml, .travis.yml, build/travis-ci: apply patches
+      0001-ci-Travis-script-improvements.patch and
+      0002-ci-Invoke-helper-script-via-shell.patch by Roger Leigh
+    + .travis.yml, build/travis-ci: new files from
+      0001-ci-Add-Travis-support-for-Linux-builds-with-Autoconf.patch
+      by Roger Leigh. This patch adds support for the Travis-CI
+      service.
+    + .appveyor.yml: new file from
+      0002-ci-Add-AppVeyor-support.patch by Roger Leigh (sent to
+      mailing list on 2017-06-08) This patch adds a .appveyor.yml
+      file to the top-level. This allows one to opt in to having a
+      branch built on Windows with Cygwin, MinGW and MSVC
+      automatically when a branch is pushed to GitHub, GitLab,
+      BitBucket or any other supported git hosting service.
+    + CMakeLists.txt, test/CMakeLists.txt,
+      test/TiffTestCommon.cmake: apply patch
+      0001-cmake-Improve-Cygwin-and-MingGW-test-support.patch from
+      Roger Leigh. This patch makes the CMake build system support
+      running the tests with MinGW or  Cygwin.
+    + test/tiffcp-lzw-compat.sh, test/images/quad-lzw-compat.tiff:
+      new files to test old-style LZW decompression
+    + test/common.sh, Makefile.am, CMakeList.txt: updated with above
+    + test/Makefile.am: add missing reference to
+      images/quad-lzw-compat.tiff to fix "make distcheck". Patch by
+      Roger Leigh
+    + nmake.opt: support a DEBUG=1 option, so as to adjust OPTFLAGS
+      and use /MDd runtime in debug mode.
+  * Changes in libtiff:
+    + libtiff/tif_color.c: TIFFYCbCrToRGBInit(): stricter clamping
+      to avoid int32 overflow in TIFFYCbCrtoRGB(). Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1844
+    + libtiff/tif_getimage.c: initYCbCrConversion(): stricter
+      validation for refBlackWhite coefficients values. To avoid
+      invalid float->int32 conversion (when refBlackWhite[0] ==
+      2147483648.f) Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1907
+    + libtiff/tif_dirinfo.c, tif_dirread.c: add
+      _TIFFCheckFieldIsValidForCodec(), and use it in
+      TIFFReadDirectory() so as to ignore fields whose tag is a
+      codec-specified tag but this codec is not enabled. This avoids
+      TIFFGetField() to behave differently depending on whether the
+      codec is enabled or not, and thus can avoid stack based buffer
+      overflows in a number of TIFF utilities such as tiffsplit,
+      tiffcmp, thumbnail, etc. Patch derived from
+      0063-Handle-properly-CODEC-specific-tags.patch
+      (http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël
+      Hertzog.
+      Fixes: http://bugzilla.maptools.org/show_bug.cgi?id=2580
+      http://bugzilla.maptools.org/show_bug.cgi?id=2693
+      http://bugzilla.maptools.org/show_bug.cgi?id=2625
+      (CVE-2016-10095, bsc#1017690)
+      http://bugzilla.maptools.org/show_bug.cgi?id=2564
+      (CVE-2015-7554, bsc#960341)
+      http://bugzilla.maptools.org/show_bug.cgi?id=2561
+      (CVE-2016-5318, bsc#983436)
+      http://bugzilla.maptools.org/show_bug.cgi?id=2499
+      (CVE-2014-8128, bsc#969783)
+      http://bugzilla.maptools.org/show_bug.cgi?id=2441
+      http://bugzilla.maptools.org/show_bug.cgi?id=2433
+    + libtiff/tif_swab.c: if DISABLE_CHECK_TIFFSWABMACROS is
+      defined, do not do the #ifdef TIFFSwabXXX checks. Make it
+      easier for GDAL to rename the symbols of its internal libtiff
+      copy.
+    + libtiff/tif_dirread.c: fix regression of libtiff 4.0.8 in
+      ChopUpSingleUncompressedStrip() regarding update of newly
+      single-strip uncompressed files whose bytecount is 0. Before
+      the change of 2016-12-03, the condition bytecount==0 used to
+      trigger an early exit/disabling of strip chop. Re-introduce
+      that in update mode. Otherwise this cause later incorrect
+      setting for the value of StripByCounts/StripOffsets.
+      (https://trac.osgeo.org/gdal/ticket/6924)
+    + libtiff/tif_dirread.c: TIFFFetchStripThing(): limit the
+      number of items read in StripOffsets/StripByteCounts tags to
+      the number of strips to avoid excessive memory allocation.
+      Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2215
+    + libtiff/tif_getimage.c: avoid many (harmless) unsigned int
+      overflows.
+    + libtiff/tif_fax3.c: avoid unsigned int overflow in
+      Fax3Encode2DRow(). Could potentially be a bug with huge rows.
+    + libtiff/tif_jpeg.c: avoid (harmless) unsigned int overflow on
+      tiled images.
+    + libtiff/tif_dirread.c: avoid unsigned int overflow in
+      EstimateStripByteCounts() and BYTECOUNTLOOKSBAD when file is
+      too short.
+    + libtiff/tif_predict.c: decorate legitimate functions where
+      unsigned int overflow occur with
+      TIFF_NOSANITIZE_UNSIGNED_INT_OVERFLOW
+    + libtiff/tif_dirread.c: avoid unsigned int overflow in
+      EstimateStripByteCounts()
+    + libtiff/tiffiop.h: add TIFF_NOSANITIZE_UNSIGNED_INT_OVERFLOW
+      macro to disable CLang warnings raised by
+       -fsanitize=undefined,unsigned-integer-overflow
+    + libtiff/tif_jpeg.c: add anti-denial of service measure to
+      avoid excessive CPU consumption on progressive JPEGs with a
+      huge number of scans. See
+      http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
+      Note: only affects libtiff since 2014-12-29 where support of
+      non-baseline JPEG was added.
+    + libtiff/tif_jpeg.c: error out at decoding time if anticipated
+      libjpeg memory allocation is above 100 MB. libjpeg in case of
+      multiple scans, which is allowed even in baseline JPEG, if
+      components are spread over several scans and not
+      interleavedin a single one, needs to allocate memory (or
+      backing store) for the whole strip/tile. See
+      http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
+      This limitation may be overriden by setting the
+      LIBTIFF_ALLOW_LARGE_LIBJPEG_MEM_ALLOC environment variable, or
+      recompiling libtiff with a custom value of
+      TIFF_LIBJPEG_LARGEST_MEM_ALLOC macro.
+    + libtiff/tif_jbig.c: fix memory leak in error code path of
+      JBIGDecode()
+      Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2706
+      (CVE-2017-9936, bsc#1046073)
+    + libtiff/tif_dirread.c: in TIFFReadDirEntryFloat(), check that
+      a double value can fit in a float before casting.
+    + libtiff/tiffiop.h, libtiff/tif_jpeg.c, libtiff/tif_jpeg_12.c,
+      libtiff/tif_read.c: make TIFFReadScanline() works in
+      CHUNKY_STRIP_READ_SUPPORT mode with JPEG stream with multiple
+      scans. Also make configurable through a
+      LIBTIFF_JPEG_MAX_ALLOWED_SCAN_NUMBER environment variable the
+      maximum number of scans allowed. Defaults to 100.
+    + libtiff/tif_read.c: TIFFFillTile(): add limitation to the
+      number of bytes read in case td_stripbytecount[strip] is
+      bigger than reasonable, so as to avoid excessive memory
+      allocation (similarly to what was done for TIFFFileStrip() on
+      2017-05-10)
+    + libtiff/tif_getimage.c: use
+      _TIFFReadEncodedStripAndAllocBuffer(). Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2708 and
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2433
+    + libtiff/tif_read.c, tiffiop.h: add a
+      _TIFFReadEncodedStripAndAllocBuffer() function, variant of
+      TIFFReadEncodedStrip() that allocates the decoded buffer only
+      after a first successful TIFFFillStrip(). This avoids
+      excessive memory allocation on corrupted files.
+    + libtiff/tif_dirwrite.c: in TIFFWriteDirectoryTagCheckedXXXX()
+      functions associated with LONG8/SLONG8 data type, replace
+      assertion that the file is BigTIFF, by a non-fatal error.
+      Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2712
+    + libtiff/tif_read.c: TIFFStartTile(): set tif_rawcc to
+      tif_rawdataloaded when it is set. Similarly to
+      TIFFStartStrip(). This issue was revealed by the change of
+      2017-06-30 in TIFFFileTile(), limiting the number of bytes
+      read. But it could probably have been hit too in
+      CHUNKY_STRIP_READ_SUPPORT mode previously. Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2454
+    + libtiff/tif_error.c, tif_warning.c: correctly use va_list
+      when both an old-style and new-style warning/error handlers
+      are installed. Patch by Paavo Helde (sent on the mailing list)
+    + libtiff/tif_getimage.c: use _TIFFReadTileAndAllocBuffer().
+      Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2470
+    + libtiff/tif_read.c, tiffiop.h: add a
+      _TIFFReadEncodedTileAndAllocBuffer() and
+      _TIFFReadTileAndAllocBuffer() variants of
+      TIFFReadEncodedTile() and TIFFReadTile() that allocates the
+      decoded buffer only after a first successful TIFFFillTile().
+      This avoids excessive memory allocation on corrupted files.
+    + libtiff/tif_pixarlog.c: avoid excessive memory allocation on
+      decoding when RowsPerStrip tag is not defined (and thus
+      td_rowsperstrip == UINT_MAX) Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2554
+    + libtiff/tif_lzw.c: fix 4.0.8 regression in the decoding of
+      old-style LZW compressed files.
+    + libtiff/tif_lzw.c: fix potential out-of-buffer read on 1-byte
+      LZW strips. Crashing issue only on memory mapped files, where
+      the strip offset is the last byte of the file, and the file
+      size is a multiple of one page size on the CPU architecture
+      (typically 4096)
+    + libtiff/tif_dir.c: avoid potential null pointer dereference
+      in _TIFFVGetField() on corrupted TIFFTAG_NUMBEROFINKS tag
+      instance.
+      Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2713
+    + tools/tiff2pdf.c: prevent heap buffer overflow write in "Raw"
+      mode on PlanarConfig=Contig input images. Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2715
+    + libtiff/tif_read.c: TIFFFillStrip() / TIFFFillTile().
+      Complementary fix for
+      http://bugzilla.maptools.org/show_bug.cgi?id=2708 in the
+      isMapped() case, so as to avoid excessive memory allocation
+      when we need a temporary buffer but the file is truncated.
+    + libtiff/tif_read.c: in TIFFFetchStripThing(), only grow the
+      arrays that hold StripOffsets/StripByteCounts, when they are
+      smaller than the expected number of striles, up to 1 million
+      striles, and error out beyond. Can be tweaked by setting the
+      environment variable LIBTIFF_STRILE_ARRAY_MAX_RESIZE_COUNT.
+      This partially goes against a change added on 2002-12-17 to
+      accept those arrays of wrong sizes, but is needed to avoid
+      denial of services. Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2350
+    + libtiff/tif_read.c: add protection against excessive memory
+      allocation attempts in TIFFReadDirEntryArray() on short files.
+      Effective for mmap'ed case. And non-mmap'ed case, but
+      restricted to 64bit builds. Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2675
+    + libtiff/tif_luv.c: LogLuvInitState(): avoid excessive memory
+      allocation when RowsPerStrip tag is missing. Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2683
+    + libtiff/tif_getimage.c: gtTileContig() and gtTileSeparate():
+      properly break from loops on error when stoponerr is set,
+      instead of going on iterating on row based loop.
+    + libtiff/tif_getimage.c: fix fromskew computation when
+      to-be-skipped pixel number is not a multiple of the horizontal
+      subsampling, and also in some other cases. Impact
+      putcontig8bitYCbCr44tile, putcontig8bitYCbCr42tile,
+      putcontig8bitYCbCr41tile, putcontig8bitYCbCr21tile and
+      putcontig8bitYCbCr12tile Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2637 and
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2691
+    + libtiff/tif_luv.c: further reduce memory requirements for
+      temporary buffer when RowsPerStrip >= image_length in
+      LogLuvInitState() and LogL16InitState(). Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2700
+    + libtiff/tif_dirwrite.c: replace assertion related to not
+      finding the SubIFD tag by runtime check (in
+      TIFFWriteDirectorySec()) Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2727
+    + libtiff/tif_dirwrite.c: replace assertion to tag value not
+      fitting on uint32 when selecting the value of SubIFD tag by
+      runtime check (in TIFFWriteDirectoryTagSubifd()). Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2728
+    + libtiff/tif_jpeg.c: accept reading the last strip of a JPEG
+      compressed file if the codestream height is larger than the
+      truncated height of the strip. Emit a warning in this
+      situation since this is non compliant.
+    + libtiff/tiffiop.h, tif_aux.c: redirect SeekOK() macro to a
+      _TIFFSeekoK() function that checks if the offset is not
+      bigger than INT64_MAX, so as to avoid a -1 error return code
+      of TIFFSeekFile() to match a required seek to UINT64_MAX/-1.
+      Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2726
+    + libtiff/tif_dirread.c: add NULL check to avoid likely false
+      positive null-pointer dereference warning by CLang Static
+      Analyzer.
+    + libtiff/libtiff.def: add TIFFReadRGBAStripExt and
+      TIFFReadRGBATileExt Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2735
+    + libtiff/tif_jpeg.c: add compatibility with libjpeg-turbo
+      1.5.2 that honours max_memory_to_use > 0. Cf
+      https://github.com/libjpeg-turbo/libjpeg-turbo/issues/162
+    + libtiff/tif_getimage.c: avoid floating point division by zero
+      in initCIELabConversion() Fixes
+      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3733
+  * Changes in the tools:
+    + tools/tiff2pdf.c: prevent heap buffer overflow write in "Raw"
+      mode on PlanarConfig=Contig input images. Fixes
+      http://bugzilla.maptools.org/show_bug.cgi?id=2715
+    + tools/tiffset.c: fix setting a single value for the
+      ExtraSamples tag (and other tags with variable number of
+      values). So 'tiffset -s ExtraSamples 1 X'. This only worked
+      when setting 2 or more values, but not just one.
+    + tools/fax2tiff.c (_FAX_Client_Data): Pass FAX_Client_Data as
+      the client data. This client data is not used at all at the
+      moment, but it makes the most sense. Issue that the value of
+      client_data.fd was passed where a pointer is expected.
+    + tools/tiff2pdf.c (t2p_sample_realize_palette): Fix possible
+      arithmetic overflow in bounds checking code and eliminate
+      comparison between signed and unsigned type.
+    + tools/tiff2bw.c (main): Free memory allocated in the tiff2bw
+      program. This is in response to the report associated with
+      CVE-2017-16232, bsc#1069213 but does not solve the extremely
+      high memory usage with the associated POC file.
+
 -------------------------------------------------------------------
 Tue Jun 20 08:15:57 UTC 2017 - fstrba@suse.com
 
-- Upgrade to upstream relaase 4.0.8
+- Upgrade to upstream release 4.0.8
   * libtiff/tif_getimage.c, libtiff/tif_open.c
     + add parenthesis to fix cppcheck clarifyCalculation warnings
   * libtiff/tif_predict.c, libtiff/tif_print.c

tiff.spec

@@ -17,7 +17,7 @@
 
 
 Name:           tiff
-Version:        4.0.8
+Version:        4.0.9
 Release:        0
 Summary:        Tools for Converting from and to the Tagged Image File Format
 License:        HPND