From 16b046bbc2a8918b363a39ac9dda9497748ca8b4dbf348eaab7ebad5f10fad8a Mon Sep 17 00:00:00 2001 From: Fridrich Strba Date: Wed, 21 Jun 2017 09:11:42 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=104 --- tiff.changes | 96 ++++++++++++++++++++++++++-------------------------- tiff.spec | 10 +++--- 2 files changed, 53 insertions(+), 53 deletions(-) diff --git a/tiff.changes b/tiff.changes index 6395aa8..09d8749 100644 --- a/tiff.changes +++ b/tiff.changes @@ -225,7 +225,7 @@ Tue Jun 20 08:15:57 UTC 2017 - fstrba@suse.com + initYCbCrConversion(): stricter validation for refBlackWhite coefficients values. To avoid invalid float->int32 conversion. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1718 - Credit to OSS Fuzz + Credit to OSS Fuzz * tools/fax2tiff.c (main) + Applied patch by Joerg Ahrens to fix passing client data for Win32 builds using tif_win32.c (USE_WIN32_FILEIO defined) for @@ -391,7 +391,7 @@ Mon Dec 19 10:09:38 UTC 2016 - jengelh@inai.de ------------------------------------------------------------------- Mon Dec 19 10:03:58 UTC 2016 - idonmez@suse.com -- Update homepage +- Update homepage ------------------------------------------------------------------- Tue Nov 29 08:45:11 UTC 2016 - fstrba@suse.com @@ -427,7 +427,7 @@ Tue Nov 29 08:45:11 UTC 2016 - fstrba@suse.com + In TIFFFetchNormalTag(), make sure that values of tags with TIFF_SETGET_C16_ASCII/TIFF_SETGET_C32_ASCII access are null terminated, to avoid potential read outside buffer in - _TIFFPrintField(). Fixes + _TIFFPrintField(). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 (CVE-2016-9297, bsc#1010161) + Initialize doubledata at line 3693 to NULL to please MSVC 2013 @@ -535,7 +535,7 @@ Tue Nov 29 08:45:11 UTC 2016 - fstrba@suse.com + TIFFWriteEncodedStrip() and TIFFWriteEncodedTile() should return -1 in case of failure of tif_encodestrip() as documented * tools/fax2tiff.D c - + Fix segfault when specifying -r without argument. Fixes + + Fix segfault when specifying -r without argument. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2572 * tools/Makefile.am + The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, @@ -708,56 +708,56 @@ Tue Dec 8 15:55:30 UTC 2015 - p.drouand@gmail.com - Update to version 4.0.6 * Supports CMake 2.8.9 and later. - * Add missing file which wasn't being distributed, causing unit + * Add missing file which wasn't being distributed, causing unit tests to fail. * Make shared/static library building configurable. - * CMake reads all version information directly from configure.ac + * CMake reads all version information directly from configure.ac to avoid duplication of values. - * CMake builds are now included in 'distcheck' target. - * Autotools 'make distcheck' now tests the CMake-based build if - CMake is available. - * Fixes to avoid undefined behaviour of signed types (C standard + * CMake builds are now included in 'distcheck' target. + * Autotools 'make distcheck' now tests the CMake-based build if + CMake is available. + * Fixes to avoid undefined behaviour of signed types (C standard compliance). * Fixes to avoid possible isses when casting to unsigned char. * Fixes to avoid undefined behaviour with shifts. - * Fix generation of output with 16 bit or 32 bit integer, when + * Fix generation of output with 16 bit or 32 bit integer, when byte swapping is needed, in horizontal predictor (#2521). - * Fix decoding when there is a single pixel to decode + * Fix decoding when there is a single pixel to decode (unlikely case...) and byte swapping is involved. * Add add explicit masking with 0xff before casting to uchar in floating-point horizontal differencing and accumulation routines. - * Eliminate requirement for and use of 64-bit constant values. - * tiffgt : Silence glut API deprecation warnings on MacOS X. + * Eliminate requirement for and use of 64-bit constant values. + * tiffgt : Silence glut API deprecation warnings on MacOS X. * fax2ps : Detect failure to write to temporary file. - Changes from version 4.0.5 * Support for configure/build using CMake. - * Support for large (> 2GB) files under Microsoft Windows. - * Configuration and building using CMake is now supported under - Microsoft Windows and on Unix-type systems. + * Support for large (> 2GB) files under Microsoft Windows. + * Configuration and building using CMake is now supported under + Microsoft Windows and on Unix-type systems. * Test for and use fseeko() if it is available. This allows supporting - large files on Unix-type systems with a 32-bit 'long' type and a - 64-bit 'off_t' type. - * tiffiop.h: Macros added to use 64-bit equivalents for all standard - I/O and POSIX APIs used by libtiff and its tools which are limited - to 2GB in Windows builds. Note that these 64-bit equivalents were - introduced by the CRT provided with Visual Studio 2005 and if the - necessary CRT is not installed on the target computer, the program - will not run. The wrapper macros will not be activated unless the - definition _MSC_VER is at least 1400 or __MSVCRT_VERSION__ is at - least 0x800. - * tif_unix.c: Updated to support large files under Microsoft Windows. - This makes tif_unix.c a completely viable candidate for use under - Windows (in spite of its name) if the CRT is modern enough. Please - note that tif_win32.c already supported large files, but only + large files on Unix-type systems with a 32-bit 'long' type and a + 64-bit 'off_t' type. + * tiffiop.h: Macros added to use 64-bit equivalents for all standard + I/O and POSIX APIs used by libtiff and its tools which are limited + to 2GB in Windows builds. Note that these 64-bit equivalents were + introduced by the CRT provided with Visual Studio 2005 and if the + necessary CRT is not installed on the target computer, the program + will not run. The wrapper macros will not be activated unless the + definition _MSC_VER is at least 1400 or __MSVCRT_VERSION__ is at + least 0x800. + * tif_unix.c: Updated to support large files under Microsoft Windows. + This makes tif_unix.c a completely viable candidate for use under + Windows (in spite of its name) if the CRT is modern enough. Please + note that tif_win32.c already supported large files, but only 'tiffinfo' and 'tiffdump' made any provision to support large files under Windows. - * _tiffReadProc() and _tiffWriteProc() are modified to chunk I/O to a - maximum size of 2GB for extremely large I/O requests. This surmounts - limitations in the Microsoft Windows read() and write() APIs (which - are limited to the range of a 32-bit 'int'), and may avoid poor - behavior with extremely large I/O requests on other systems. - * Updated to use I/O wrapper macros from tiffiop.h in order to - support large files under Microsoft Windows. + * _tiffReadProc() and _tiffWriteProc() are modified to chunk I/O to a + maximum size of 2GB for extremely large I/O requests. This surmounts + limitations in the Microsoft Windows read() and write() APIs (which + are limited to the range of a 32-bit 'int'), and may avoid poor + behavior with extremely large I/O requests on other systems. + * Updated to use I/O wrapper macros from tiffiop.h in order to + support large files under Microsoft Windows. ------------------------------------------------------------------- Tue Aug 4 08:17:35 UTC 2015 - kstreitova@suse.com @@ -883,9 +883,9 @@ Wed Jun 20 09:29:37 UTC 2012 - pgajdos@suse.com Improve handling of corrupt ycbcrsubsampling values. tif_unix.c: use strerror to get meaningful error messages. tif_jpeg.c: fix serious bugs in JPEGDecodeRaw(). - tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173). - tiff2pdf: Defend against integer overflows while calculating required - buffer sizes (CVE-2012-2113). + tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173). + tiff2pdf: Defend against integer overflows while calculating required + buffer sizes (CVE-2012-2113). ------------------------------------------------------------------- Tue Apr 10 17:37:25 UTC 2012 - brian@aljex.com @@ -898,7 +898,7 @@ Thu Mar 29 09:51:49 UTC 2012 - idonmez@suse.com - Add lzma support - Implement %check -- Drop visibility patch because it breaks compilation +- Drop visibility patch because it breaks compilation ------------------------------------------------------------------- Wed Mar 28 18:06:34 UTC 2012 - i@marguerite.su @@ -955,7 +955,7 @@ Wed Nov 23 09:31:16 UTC 2011 - coolo@suse.com ------------------------------------------------------------------- Fri Aug 5 21:09:33 UTC 2011 - crrodriguez@opensuse.org -- Do not use -fno-strict-aliasing, no longer needed +- Do not use -fno-strict-aliasing, no longer needed and will probably slow down the code. - Fix self-obsoletion warning @@ -1052,7 +1052,7 @@ Thu Jul 2 16:33:02 CEST 2009 - nadvornik@suse.cz ------------------------------------------------------------------- Wed Feb 4 15:49:04 CET 2009 - nadvornik@suse.cz -- fixed an endless loop on invalid images +- fixed an endless loop on invalid images (bnc#444079) CVE-2008-1586 ------------------------------------------------------------------- @@ -1089,7 +1089,7 @@ Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de ------------------------------------------------------------------- Fri Jul 27 15:58:49 CEST 2007 - ro@suse.de -- add provides and obsoletes for libtiff to libtiff3 package +- add provides and obsoletes for libtiff to libtiff3 package ------------------------------------------------------------------- Thu Jul 19 15:01:40 CEST 2007 - nadvornik@suse.cz @@ -1163,7 +1163,7 @@ Thu Feb 17 13:38:57 CET 2005 - nadvornik@suse.cz ------------------------------------------------------------------- Sun Jan 16 20:05:53 CET 2005 - ro@suse.de -- added c++ to neededforbuild +- added c++ to neededforbuild ------------------------------------------------------------------- Fri Jan 7 15:41:40 CET 2005 - nadvornik@suse.cz @@ -1281,7 +1281,7 @@ Wed Jul 3 13:41:23 CEST 2002 - nadvornik@suse.cz ------------------------------------------------------------------- Wed Jun 26 01:25:38 CEST 2002 - ro@suse.de -- fixed directory permissions +- fixed directory permissions ------------------------------------------------------------------- Wed Jun 19 12:35:20 CEST 2002 - nadvornik@suse.cz @@ -1337,7 +1337,7 @@ Thu May 11 09:41:12 CEST 2000 - nadvornik@suse.cz ------------------------------------------------------------------- Tue Jan 25 17:12:06 CET 2000 - ro@suse.de -- manpages to /usr/share using macro +- manpages to /usr/share using macro ------------------------------------------------------------------- Mon Jan 3 15:10:55 CET 2000 - schwab@suse.de diff --git a/tiff.spec b/tiff.spec index cf71c78..efa0750 100644 --- a/tiff.spec +++ b/tiff.spec @@ -53,11 +53,11 @@ BuildRequires: libjbig-devel %endif %description -This package contains the library and support programs for the Tagged -Image File Format (TIFF). +This package contains the library and support programs for the TIFF +image format. %package -n libtiff5 -Summary: The TIFF Library (with JPEG and compression support) +Summary: The Tiff Library (with JPEG and compression support) Group: System/Libraries Provides: libtiff = %{version} # bug437293 @@ -67,12 +67,12 @@ Obsoletes: libtiff-64bit # %description -n libtiff5 -This package includes the TIFF libraries. To link a program with +This package includes the tiff libraries. To link a program with libtiff, you will have to add -ljpeg and -lz to include the necessary libjpeg and libz in the linking process. %package -n libtiff-devel -Summary: Development tools for programs which will use the TIFF library +Summary: Development Tools for Programs which will use the libtiff Library Group: Development/Libraries/C and C++ Requires: glibc-devel Requires: libstdc++-devel