From 74e51d9f9bb58dbbad225840281ed08af636073837453f4b3d21fba6a5beb23e Mon Sep 17 00:00:00 2001
From: Michael Vetter <jubalh@iodoru.org>
Date: Mon, 19 Nov 2018 14:15:22 +0000
Subject: [PATCH] Accepting request 650208 from home:pgajdos

- security update
  * CVE-2018-19210 [bsc#1115717]
    + tiff-CVE-2018-19210.patch

OBS-URL: https://build.opensuse.org/request/show/650208
OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=132
---
 tiff-CVE-2018-19210.patch | 14 ++++++++++++++
 tiff.changes              |  7 +++++++
 tiff.spec                 |  2 ++
 3 files changed, 23 insertions(+)
 create mode 100644 tiff-CVE-2018-19210.patch

diff --git a/tiff-CVE-2018-19210.patch b/tiff-CVE-2018-19210.patch
new file mode 100644
index 0000000..c9fde26
--- /dev/null
+++ b/tiff-CVE-2018-19210.patch
@@ -0,0 +1,14 @@
+Index: tiff-4.0.10/libtiff/tif_dirwrite.c
+===================================================================
+--- tiff-4.0.10.orig/libtiff/tif_dirwrite.c	2018-06-24 22:26:30.335763566 +0200
++++ tiff-4.0.10/libtiff/tif_dirwrite.c	2018-11-19 14:21:42.703256410 +0100
+@@ -1883,6 +1883,9 @@ TIFFWriteDirectoryTagTransferfunction(TI
+ 	}
+ 	m=(1<<tif->tif_dir.td_bitspersample);
+ 	n=tif->tif_dir.td_samplesperpixel-tif->tif_dir.td_extrasamples;
++        if (tif->tif_dir.td_transferfunction[2] == NULL ||
++            tif->tif_dir.td_transferfunction[1] == NULL)
++          n = 1;
+ 	/*
+ 	 * Check if the table can be written as a single column,
+ 	 * or if it must be written as 3 columns.  Note that we
diff --git a/tiff.changes b/tiff.changes
index 3bd8498..b055ee1 100644
--- a/tiff.changes
+++ b/tiff.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Nov 19 13:56:48 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
+
+- security update
+  * CVE-2018-19210 [bsc#1115717]
+    + tiff-CVE-2018-19210.patch
+
 -------------------------------------------------------------------
 Tue Nov 13 10:20:45 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
 
diff --git a/tiff.spec b/tiff.spec
index 3662cd3..95aa1e4 100644
--- a/tiff.spec
+++ b/tiff.spec
@@ -34,6 +34,7 @@ Patch1:         tiff-4.0.3-compress-warning.patch
 # http://bugzilla.maptools.org/show_bug.cgi?id=2798
 # https://gitlab.com/libtiff/libtiff/merge_requests/44
 Patch2:         tiff-CVE-2018-12900.patch
+Patch3:         tiff-CVE-2018-19210.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libjbig-devel
 BuildRequires:  libjpeg-devel
@@ -73,6 +74,7 @@ the libtiff library.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 CFLAGS="%{optflags} -fPIE"