OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=99

tiff-CVE-2016-10272.patch

@@ -0,0 +1,11 @@
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -2895,7 +2895,7 @@ tsize_t t2p_readwrite_pdf_image_tile(T2P* t2p, TIFF* input, TIFF* output, ttile_
+ 				return(0);
+ 			}
+ 			if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) {
+-				if (count >= 4) {
++				if (count > 4) {
+                                         int retTIFFReadRawTile;
+                     /* Ignore EOI marker of JpegTables */
+ 					_TIFFmemcpy(buffer, jpt, count - 2);

tiff.changes

@@ -24,6 +24,11 @@ Wed Mar 29 07:55:02 UTC 2017 - fstrba@suse.com
       attackers to cause a denial of service (heap-based buffer
       over-read) or possibly have unspecified other impact via a
       crafted TIFF image (bsc#1031250)
+  * tiff-CVE-2016-10272.patch
+    + Upstream fix for CVE-2016-10272, LibTIFF 4.0.7 allows remote
+	  attackers to cause a denial of service (heap-based buffer
+	  overflow) or possibly have unspecified other impact via a
+	  crafted TIFF image (bsc#1031247)
 
 -------------------------------------------------------------------
 Thu Feb  2 13:40:16 UTC 2017 - fstrba@suse.com

tiff.spec

@@ -43,6 +43,7 @@ Patch7:         tiff-CVE-2016-10267.patch
 Patch8:         tiff-CVE-2016-10268.patch
 Patch9:         tiff-CVE-2016-10269.patch
 Patch10:        tiff-CVE-2016-10270.patch
+Patch12:        tiff-CVE-2016-10272.patch
 
 BuildRequires:  gcc-c++
 BuildRequires:  libjpeg-devel
@@ -114,6 +115,7 @@ the libtiff library.
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch12 -p1
 
 %build
 CFLAGS="%{optflags} -fPIE"