- updated to 4.0.3:

* Add some TIFF/FX support in libtiff. * Fix bug rewriting image tiles in a compressed file. * Fix read past end of data buffer. * etc., see ChangeLog - removed upstreamed patches: * bigendian.patch * dont-fancy-upsampling.patch * CVE-2012-3401.patch - new patch: * test-jpeg-turbo.patch * CVE-2012-4564.patch [bnc#787892] OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=51
2012-11-05 13:22:09 +00:00 · 2012-11-05 13:22:09 +00:00 · 75ad3872a9
commit 75ad3872a9
parent 37fb09c0a4
11 changed files with 90 additions and 51 deletions
--- a/tiff-4.0.2-CVE-2012-3401.patch
+++ b/tiff-4.0.2-CVE-2012-3401.patch
@ -1,12 +0,0 @@
-Index: tools/tiff2pdf.c
-===================================================================
--- tools/tiff2pdf.c.orig
-+++ tools/tiff2pdf.c
-@@ -1066,6 +1066,7 @@ void t2p_read_tiff_init(T2P* t2p, TIFF*
- 				"Can't set directory %u of input file %s", 
- 				i,
- 				TIFFFileName(input));
-+                       t2p->t2p_error = T2P_ERR_ERROR;
- 			return;
- 		}
- 		if(TIFFGetField(input, TIFFTAG_PAGENUMBER, &pagen, &paged)){
--- a/tiff-4.0.2-dont-fancy-upsampling.patch
+++ b/tiff-4.0.2-dont-fancy-upsampling.patch
@ -1,11 +0,0 @@
-diff -urN tiff-4.0.1.orig/libtiff/tif_jpeg.c tiff-4.0.1/libtiff/tif_jpeg.c
--- tiff-4.0.1.orig/libtiff/tif_jpeg.c	2012-03-29 01:03:15.680848289 +0800
-+++ tiff-4.0.1/libtiff/tif_jpeg.c	2012-03-29 01:09:09.212428534 +0800
-@@ -1175,6 +1175,7 @@
- 	if (downsampled_output) {
- 		/* Need to use raw-data interface to libjpeg */
- 		sp->cinfo.d.raw_data_out = TRUE;
-+		sp->cinfo.d.do_fancy_upsampling = FALSE;
- 		tif->tif_decoderow = DecodeRowError;
- 		tif->tif_decodestrip = JPEGDecodeRaw;
- 		tif->tif_decodetile = JPEGDecodeRaw;
--- a/tiff-4.0.2.tar.bz2
+++ b/tiff-4.0.2.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:82878047b0513f606428cb13df4b3fa4326c64043843da2cd676e15f0711b9d4
-size 1738297
--- a/tiff-4.0.3-CVE-2012-4564.patch
+++ b/tiff-4.0.3-CVE-2012-4564.patch
@ -0,0 +1,34 @@
+https://bugzilla.redhat.com/attachment.cgi?id=635949&action=diff
+Index: tools/ppm2tiff.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/ppm2tiff.c,v
+--- tools/ppm2tiff.c	10 Apr 2010 19:22:34 -0000	1.16
+++ tools/ppm2tiff.c	31 Oct 2012 06:25:13 -0000
+@@ -89,6 +89,7 @@ 
+ 	int c;
+ 	extern int optind;
+ 	extern char* optarg;
+	tmsize_t scanline_size;
+ 
+ 	if (argc < 2) {
+ 	    fprintf(stderr, "%s: Too few arguments\n", argv[0]);
+@@ -237,8 +238,16 @@ 
+ 	}
+ 	if (TIFFScanlineSize(out) > linebytes)
+ 		buf = (unsigned char *)_TIFFmalloc(linebytes);
+-	else
+-		buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
+	else {
+		scanline_size = TIFFScanlineSize(out);
+		if (scanline_size != 0)
+			buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
+		else {
+			fprintf(stderr, "%s: scanline size overflow\n",infile);
+			(void) TIFFClose(out);
+			exit(-2);					
+			}
+		}
+ 	if (resolution > 0) {
+ 		TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
+ 		TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);
+
--- a/tiff-4.0.3-seek.patch
+++ b/tiff-4.0.3-seek.patch
--- a/tiff-4.0.3-test-jpeg-turbo.patch
+++ b/tiff-4.0.3-test-jpeg-turbo.patch
@ -0,0 +1,29 @@
+From ChangeLog:
+
+       * test/raw_decode.c (main): Test fixes to work with IJG JPEG 7+.
+        IJG JPEG 7+ uses a different upsampling algorithm which produces
+        different numeric results.
+
+this seems not apply for libjpeg-turbo.
+Index: tiff-4.0.3/test/raw_decode.c
+===================================================================
+--- tiff-4.0.3.orig/test/raw_decode.c
+++ tiff-4.0.3/test/raw_decode.c
+@@ -191,7 +191,7 @@ main(int argc, char **argv)
+ 		return 1;
+ 	}
+ 
+-#if JPEG_LIB_VERSION >= 70
+#if JPEG_LIB_VERSION >= 70 && !defined(LIBJPEG_TURBO_VERSION)
+ 	pixel_status |= check_rgb_pixel( 0, 18, 0, 41, buffer );
+ 	pixel_status |= check_rgb_pixel( 64, 0, 0, 0, buffer );
+ 	pixel_status |= check_rgb_pixel( 512, 5, 34, 196, buffer );
+@@ -224,7 +224,7 @@ main(int argc, char **argv)
+ 	 * accomplish it from the YCbCr subsampled buffer ourselves in which
+ 	 * case the results may be subtly different but similar.
+ 	 */
+-#if JPEG_LIB_VERSION >= 70
+#if JPEG_LIB_VERSION >= 70 && !defined(LIBJPEG_TURBO_VERSION)
+ 	pixel_status |= check_rgba_pixel( 0, 18, 0, 41, 255, rgba_buffer );
+ 	pixel_status |= check_rgba_pixel( 64, 0, 0, 0, 255, rgba_buffer );
+ 	pixel_status |= check_rgba_pixel( 512, 5, 34, 196, 255, rgba_buffer );
--- a/tiff-4.0.3-tiff2pdf-colors.patch
+++ b/tiff-4.0.3-tiff2pdf-colors.patch
--- a/tiff-4.0.3.tar.bz2
+++ b/tiff-4.0.3.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b83e669618c1252b9ec6a32a7f1ca362be74654bc2e566bc60680db685eae3c6
+size 1697492
--- a/tiff-bigendian.patch
+++ b/tiff-bigendian.patch
@ -1,15 +0,0 @@
--- tiff-4.0.2/test/raw_decode.c.xx	2012-06-28 11:48:43.000000000 +0200
-+++ tiff-4.0.2/test/raw_decode.c	2012-06-28 12:15:46.000000000 +0200
-@@ -85,9 +85,9 @@
- static int check_rgba_pixel( int pixel, int red, int green, int blue, int alpha, unsigned char *buffer ) {
- 	/* RGBA images are upside down - adjust for normal ordering */
- 	int adjusted_pixel = pixel % 128 + (127 - (pixel/128)) * 128;
-	unsigned char *rgba = buffer + 4 * adjusted_pixel;
-	
-	if( rgba[0] == red && rgba[1] == green && rgba[2] == blue && rgba[3] == alpha ) {
-+	unsigned int *rgba = (unsigned int*)(buffer + 4 * adjusted_pixel);
-+
-+	if( TIFFGetR(*rgba) == red && TIFFGetG(*rgba) == green && TIFFGetB(*rgba) == blue && TIFFGetA(*rgba) == alpha ) {
- 		return 0;
- 	}
- 
--- a/tiff.changes
+++ b/tiff.changes
@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Mon Nov  5 09:27:59 UTC 2012 - pgajdos@suse.com
+
+- updated to 4.0.3:
+  * Add some TIFF/FX support in libtiff.
+  * Fix bug rewriting image tiles in a compressed file.
+  * Fix read past end of data buffer.
+  * etc., see ChangeLog
+- removed upstreamed patches:
+  * bigendian.patch
+  * dont-fancy-upsampling.patch
+  * CVE-2012-3401.patch
+- new patch:
+  * test-jpeg-turbo.patch
+  * CVE-2012-4564.patch [bnc#787892]
+
 -------------------------------------------------------------------
 Mon Jul 23 09:52:50 UTC 2012 - pgajdos@suse.com

--- a/tiff.spec
+++ b/tiff.spec
@ -37,7 +37,7 @@ Obsoletes:      tiff-64bit
 %if 0%{?suse_version} > 1210
 BuildRequires:  libjbig-devel
 %endif
-Version:        4.0.2
+Version:        4.0.3
 Release:        0
 Summary:        Tools for Converting from and to the Tiff Format
 License:        HPND
@ -46,11 +46,10 @@ Url:            http://www.remotesensing.org/libtiff
 Source:         tiff-%{version}.tar.bz2
 Source2:        README.SUSE
 Source3:        baselibs.conf
-Patch2:         tiff-%{version}-seek.patch
-Patch3:         tiff-%{version}-tiff2pdf-colors.patch
-Patch9:         tiff-%{version}-dont-fancy-upsampling.patch
-Patch10:        tiff-bigendian.patch
-Patch11:        tiff-%{version}-CVE-2012-3401.patch
+Patch0:         tiff-%{version}-test-jpeg-turbo.patch
+Patch1:         tiff-%{version}-seek.patch
+Patch2:         tiff-%{version}-tiff2pdf-colors.patch
+Patch3:         tiff-%{version}-CVE-2012-4564.patch
 # FYI: this issue is solved another way
 # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1
 # Patch9:         tiff-%{version}-lzw-CVE-2009-2285.patch
@ -94,11 +93,10 @@ the libtiff library.

 %prep
 %setup -q
+%patch0 -p1
+%patch1 -p1
 %patch2 -p1
-%patch3 -p1
-%patch9 -p1
-%patch10 -p1
-%patch11
+%patch3

 %build
 %configure --disable-static --with-pic