From 30b7aa05f26eb95f799c13adee40b4b3979c752dd2289346854358d476335614 Mon Sep 17 00:00:00 2001
From: OBS User unknown
Date: Thu, 12 Feb 2009 22:04:23 +0000
Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tiff?expand=0&rev=10
---
 tiff-3.8.2-bnc444079.patch | 11 +++++++++++
 tiff.changes | 6 ++++++
 tiff.spec | 7 ++++++-
 3 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 tiff-3.8.2-bnc444079.patch
diff --git a/tiff-3.8.2-bnc444079.patch b/tiff-3.8.2-bnc444079.patch
new file mode 100644
index 0000000..11efbb7
--- /dev/null
+++ b/tiff-3.8.2-bnc444079.patch
@@ -0,0 +1,11 @@
+--- libtiff/tif_dirread.c
++++ libtiff/tif_dirread.c
+@@ -870,7 +870,7 @@
+ 
+ register TIFFDirEntry *dp;
+ register TIFFDirectory *td = &tif->tif_dir;
+- uint16 i;
++ uint32 i;
+ 
+ if (td->td_stripbytecount)
+ _TIFFfree(td->td_stripbytecount);
diff --git a/tiff.changes b/tiff.changes
index 5840597..5f8706f 100644
--- a/tiff.changes
+++ b/tiff.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Feb 4 15:49:04 CET 2009 - nadvornik@suse.cz
+
+- fixed an endless loop on invalid images
+ (bnc#444079) CVE-2008-1586
+
 -------------------------------------------------------------------
 Tue Jan 13 16:19:37 CET 2009 - olh@suse.de
 
diff --git a/tiff.spec b/tiff.spec
index 8d30d02..d4b4780 100644
--- a/tiff.spec
+++ b/tiff.spec
@@ -29,7 +29,7 @@ Obsoletes: tiff-64bit
 #
 Url: http://www.remotesensing.org/libtiff/
 Version: 3.8.2
-Release: 139
+Release: 142
 Summary: Tools for Converting from and to the Tiff Format
 Source: tiff-%{version}.tar.bz2
 Source1: jpegint.h
@@ -40,6 +40,7 @@ Patch4: tiff-%{version}-tiffsplit-CVE-2006-2656.patch
 Patch5: tiff-%{version}-tif_lzw.c-CVE-2008-2327.patch
 Patch6: tiff-%{version}-tif_lzw.c-CVE-2008-2327-2.patch
 Patch7: tiff-am.patch
+Patch8: tiff-3.8.2-bnc444079.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 
 %description
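Review bot: The embedded patch in tiff-3.8.2-bnc444079.patch has no description header, so nothing in the file says which bug it closes or why `uint16 i` becomes `uint32 i`; only tiff.changes links it to bnc#444079 and CVE-2008-1586. Text before the first `---` line is ignored by patch(1), so a leading line such as `bnc#444079 / CVE-2008-1586: loop counter was 16-bit and could wrap before reaching its bound` would keep that context with the fix. The loop itself lies outside the hunk, so the wrap explanation is inferred from the type change and the changelog wording and should be confirmed against tif_dirread.c. It is also worth checking whether other 16-bit counters in the same file are compared against wider counts read from the image.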
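Review bot: The new `Patch8` tag in the `@@ -40,6 +40,7 @@` hunk of tiff.spec hard-codes the version in its file name, while Patch4 to Patch6 directly above it use `tiff-%{version}-…`; `Patch8: tiff-%{version}-bnc444079.patch` would match the neighbours. Those patches also carry their CVE id in the file name, and tiff.changes ties this one to CVE-2008-1586. Renaming the file along the lines of `tiff-%{version}-tif_dirread.c-CVE-2008-1586.patch` would let an auditor see from the spec alone which advisories the package covers.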
@@ -102,6 +103,7 @@ the libtiff library.
 %patch5
 %patch6
 %patch7
+%patch8
 cp %{S:1} libtiff
 find -type d -name "CVS" | xargs rm -rfv
 find -type d | xargs chmod 755
@@ -152,6 +154,9 @@ rm -rf $RPM_BUILD_ROOT
 %doc %{_mandir}/man3/*
 
 %changelog
+* Wed Feb 04 2009 nadvornik@suse.cz
+- fixed an endless loop on invalid images
+ (bnc#444079) CVE-2008-1586
 * Tue Jan 13 2009 olh@suse.de
 - obsolete old libtiff-64bit on ppc64 (bnc#437293)
 * Wed Jan 07 2009 olh@suse.de