- updated to 3.9.4: fixes CVE-2010-2065 -- obsoletes

* integer-overflow.patch * NULL-deref.patch - fixes CVE-2010-2067 OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=21
2010-07-12 14:40:09 +00:00
parent eb86a43286
commit 75ab37b55f
8 changed files with 82 additions and 5 deletions
--- a/tiff.spec
+++ b/tiff.spec
@@ -28,14 +28,16 @@ Obsoletes:      tiff-64bit
 %endif
 #
 Url:            http://www.remotesensing.org/libtiff/
-Version:        3.9.2
-Release:        3
+Version:        3.9.4
+Release:        4
 Summary:        Tools for Converting from and to the Tiff  Format
 Source:         tiff-%{version}.tar.bz2
 Source2:        README.SUSE
 Source3:        baselibs.conf
 Patch2:         tiff-%{version}-seek.patch
 Patch3:         tiff-%{version}-tiff2pdf-colors.patch
+Patch6:         tiff-%{version}-oob-read.patch
+Patch7:         tiff-%{version}-getimage-64bit.patch
 # FYI: this issue is solved another way
 # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1
 # Patch9:         tiff-%{version}-lzw-CVE-2009-2285.patch
@@ -97,6 +99,8 @@ the libtiff library.
 %setup -q 
 %patch2
 %patch3 -p1
+%patch6 -p1
+%patch7 -p1
 find -type d -name "CVS" | xargs rm -rfv
 find -type d | xargs chmod 755