Accepting request 128740 from graphics

-  fixed CVE-2012-3401 [bnc#770816]

OBS-URL: https://build.opensuse.org/request/show/128740
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tiff?expand=0&rev=42

tiff-4.0.2-CVE-2012-3401.patch

@@ -0,0 +1,12 @@
+Index: tools/tiff2pdf.c
+===================================================================
+--- tools/tiff2pdf.c.orig
++++ tools/tiff2pdf.c
+@@ -1066,6 +1066,7 @@ void t2p_read_tiff_init(T2P* t2p, TIFF*
+ 				"Can't set directory %u of input file %s", 
+ 				i,
+ 				TIFFFileName(input));
++                       t2p->t2p_error = T2P_ERR_ERROR;
+ 			return;
+ 		}
+ 		if(TIFFGetField(input, TIFFTAG_PAGENUMBER, &pagen, &paged)){

tiff.changes

@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jul 23 09:52:50 UTC 2012 - pgajdos@suse.com
+
+-  fixed CVE-2012-3401 [bnc#770816]
+
 -------------------------------------------------------------------
 Thu Jun 28 10:16:29 UTC 2012 - meissner@suse.com
 

tiff.spec

@@ -50,6 +50,7 @@ Patch2:         tiff-%{version}-seek.patch
 Patch3:         tiff-%{version}-tiff2pdf-colors.patch
 Patch9:         tiff-%{version}-dont-fancy-upsampling.patch
 Patch10:        tiff-bigendian.patch
+Patch11:        tiff-%{version}-CVE-2012-3401.patch
 # FYI: this issue is solved another way
 # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1
 # Patch9:         tiff-%{version}-lzw-CVE-2009-2285.patch
@@ -97,6 +98,7 @@ the libtiff library.
 %patch3 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11
 
 %build
 %configure --disable-static --with-pic