From 276dcc784a594ebc8d8e9ceec90b8b7aaa1a68cd438332eb3f085455a15f3998 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= <ismail@i10z.com>
Date: Tue, 15 May 2018 12:56:19 +0000
Subject: [PATCH] Accepting request 607515 from home:pgajdos

- security update
  * CVE-2018-10963 [bsc#1092949]
    + tiff-CVE-2018-10963.patch

OBS-URL: https://build.opensuse.org/request/show/607515
OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=116
---
 tiff-CVE-2018-10963.patch | 19 +++++++++++++++++++
 tiff.changes              |  7 +++++++
 tiff.spec                 |  2 ++
 3 files changed, 28 insertions(+)
 create mode 100644 tiff-CVE-2018-10963.patch

diff --git a/tiff-CVE-2018-10963.patch b/tiff-CVE-2018-10963.patch
new file mode 100644
index 0000000..0a0dc51
--- /dev/null
+++ b/tiff-CVE-2018-10963.patch
@@ -0,0 +1,19 @@
+diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
+index 2430de6..c15a28d 100644
+--- a/libtiff/tif_dirwrite.c
++++ b/libtiff/tif_dirwrite.c
+@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
+ 								}
+ 								break;
+ 							default:
+-								assert(0);   /* we should never get here */
+-								break;
++								TIFFErrorExt(tif->tif_clientdata,module,
++								            "Cannot write tag %d (%s)",
++								            TIFFFieldTag(o),
++                                                                            o->field_name ? o->field_name : "unknown");
++								goto bad;
+ 						}
+ 					}
+ 				}
+
diff --git a/tiff.changes b/tiff.changes
index 8b71384..c1916f1 100644
--- a/tiff.changes
+++ b/tiff.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue May 15 12:26:45 UTC 2018 - pgajdos@suse.com
+
+- security update
+  * CVE-2018-10963 [bsc#1092949]
+    + tiff-CVE-2018-10963.patch
+
 -------------------------------------------------------------------
 Tue Feb 20 16:18:33 UTC 2018 - mvetter@suse.com
 
diff --git a/tiff.spec b/tiff.spec
index 433d9f7..949e8ca 100644
--- a/tiff.spec
+++ b/tiff.spec
@@ -32,6 +32,7 @@ Patch1:         tiff-4.0.3-compress-warning.patch
 # Contained in upstream repo. See bsc#1046077 for commit IDs.
 Patch2:         tiff-4.0.9-bsc1046077-CVE-2017-9935.patch
 Patch3:         tiff-4.0.9-bsc1081690-CVE-2018-5784.patch
+Patch4:         tiff-CVE-2018-10963.patch
 
 BuildRequires:  gcc-c++
 BuildRequires:  libjpeg-devel
@@ -97,6 +98,7 @@ the libtiff library.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 CFLAGS="%{optflags} -fPIE"