pool/tiff
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 631401 from graphics

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/631401
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tiff?expand=0&rev=74
This commit is contained in:
Yuchen Lin 2018-09-11 15:10:49 +00:00 committed by Git OBS Bridge
commit 63cde53898
3 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
tiff-CVE-2018-10779.patch Normal file
View File

@ -0,0 +1,19 @@
diff --git a/libtiff/tif_write.c b/libtiff/tif_write.c
index 586f6fdff66a7a0c1864dbe1e2c5831602b055ce..a31ecd12c133ac18bed6bfbc97fcbad5e19a3257 100644
--- a/libtiff/tif_write.c
+++ b/libtiff/tif_write.c
@@ -538,9 +538,11 @@ TIFFSetupStrips(TIFF* tif)
if (td->td_planarconfig == PLANARCONFIG_SEPARATE)
td->td_stripsperimage /= td->td_samplesperpixel;
td->td_stripoffset = (uint64 *)
- _TIFFmalloc(td->td_nstrips * sizeof (uint64));
+ _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64),
+ "for \"StripOffsets\" array");
td->td_stripbytecount = (uint64 *)
- _TIFFmalloc(td->td_nstrips * sizeof (uint64));
+ _TIFFCheckMalloc(tif, td->td_nstrips, sizeof (uint64),
+ "for \"StripByteCounts\" array");
if (td->td_stripoffset == NULL || td->td_stripbytecount == NULL)
return (0);
/*

12
tiff.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Fri Aug 24 11:43:53 UTC 2018 - pgajdos@suse.com
- remove pal2rgb tool [bsc#1071031]
-------------------------------------------------------------------
Wed Aug 15 15:10:32 UTC 2018 - pgajdos@suse.com
- security update
* CVE-2018-10779 [bsc#1092480]
+ tiff-CVE-2018-10779.patch
-------------------------------------------------------------------
Tue Jun 5 12:21:02 UTC 2018 - pgajdos@suse.com

8
tiff.spec
View File

@ -37,6 +37,7 @@ Patch5: tiff-CVE-2017-18013.patch
Patch6: tiff-CVE-2018-7456.patch
Patch7: tiff-CVE-2017-11613.patch
Patch8: tiff-CVE-2018-8905.patch
Patch9: tiff-CVE-2018-10779.patch
BuildRequires: gcc-c++
BuildRequires: libjpeg-devel
@ -107,6 +108,7 @@ the libtiff library.
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%build
CFLAGS="%{optflags} -fPIE"
@ -127,6 +129,12 @@ cp %{SOURCE2} .
rm -rf %{buildroot}%{_datadir}/doc/tiff*
find %{buildroot} -type f -name "*.la" -delete -print
find html -name "Makefile*" | xargs rm
# remove pal2rgb, bsc#1071031
for tool in pal2rgb; do
rm %{buildroot}%{_bindir}/$tool
rm %{buildroot}%{_mandir}/man1/$tool.1
rm html/man/$tool.1.html
done
%check
for i in tools test; do