Accepting request 643137 from home:pgajdos

- security update * CVE-2018-17795 [bsc#1110358] % tiff-4.0.9-bsc1046077-CVE-2017-9935.patch renamed to tiff-CVE-2017-9935,CVE-2018-17795.patch * CVE-2018-16335 [bsc#1106853] % tiff-CVE-2017-11613.patch renamed to tiff-CVE-2017-11613,CVE-2018-16335,15209.patch - add a possibility to build with ASAN OBS-URL: https://build.opensuse.org/request/show/643137 OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=126
2018-10-19 08:39:38 +00:00 · 2018-10-19 08:39:38 +00:00 · b67797b39c
commit b67797b39c
parent ee295f46b9
4 changed files with 23 additions and 2 deletions
--- a/tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
+++ b/tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
--- a/tiff-4.0.9-bsc1046077-CVE-2017-9935.patch
+++ b/tiff-4.0.9-bsc1046077-CVE-2017-9935.patch
--- a/tiff.changes
+++ b/tiff.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Oct 19 07:02:18 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
+
+- security update
+  * CVE-2018-17795 [bsc#1110358]
+    % tiff-4.0.9-bsc1046077-CVE-2017-9935.patch renamed to
+      tiff-CVE-2017-9935,CVE-2018-17795.patch
+  * CVE-2018-16335 [bsc#1106853]
+    % tiff-CVE-2017-11613.patch renamed to
+      tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
+- add a possibility to build with ASAN
+
 -------------------------------------------------------------------
 Wed Oct 17 11:29:07 UTC 2018 - Petr Gajdos <pgajdos@suse.com>

--- a/tiff.spec
+++ b/tiff.spec
@ -16,6 +16,8 @@
 #


+%define         asan_build 0
+
 Name:           tiff
 Version:        4.0.9
 Release:        0
@ -30,12 +32,12 @@ Patch0:         tiff-4.0.3-seek.patch
 # http://bugzilla.maptools.org/show_bug.cgi?id=2442
 Patch1:         tiff-4.0.3-compress-warning.patch
 # Contained in upstream repo. See bsc#1046077 for commit IDs.
-Patch2:         tiff-4.0.9-bsc1046077-CVE-2017-9935.patch
+Patch2:         tiff-CVE-2017-9935,CVE-2018-17795.patch
 Patch3:         tiff-4.0.9-bsc1081690-CVE-2018-5784.patch
 Patch4:         tiff-CVE-2018-10963.patch
 Patch5:         tiff-CVE-2017-18013.patch
 Patch6:         tiff-CVE-2018-7456.patch
-Patch7:         tiff-CVE-2017-11613.patch
+Patch7:         tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
 Patch8:         tiff-CVE-2018-8905.patch
 Patch9:         tiff-CVE-2018-10779.patch
 Patch10:        tiff-CVE-2018-17100.patch
@ -117,6 +119,9 @@ the libtiff library.
 %build
 CFLAGS="%{optflags} -fPIE"
 %configure --disable-static
+%if %{asan_build}
+find -name Makefile | xargs sed -i 's/\(^CFLAGS.*\)/\1 -fsanitize=address/'
+%endif
 make %{?_smp_mflags} LDFLAGS="-pie"

 %install
@ -141,6 +146,10 @@ for tool in pal2rgb; do
 done

 %check
+%if %{asan_build}
+# ASAN needs /proc to be mounted
+exit 0
+%endif
 for i in tools test; do
 	(cd $i && make %{?_smp_mflags} check)
 done