Accepting request 41989 from graphics

checked in (request 41989) OBS-URL: https://build.opensuse.org/request/show/41989 OBS-URL: https://build.opensuse.org/package/show/graphics/tiff?expand=0&rev=20
2010-06-25 18:48:21 +00:00 · 2010-06-25 18:48:21 +00:00 · eb86a43286
commit eb86a43286
parent edd0a84a47
6 changed files with 0 additions and 109 deletions
--- a/tiff-3.9.2-NULL-deref.patch
+++ b/tiff-3.9.2-NULL-deref.patch
@ -1,19 +0,0 @@
-Index: libtiff/tif_ojpeg.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v
-retrieving revision 1.24.2.5
-retrieving revision 1.24.2.6
-diff -u -p -r1.24.2.5 -r1.24.2.6
--- libtiff/tif_ojpeg.c	8 Jun 2010 18:50:42 -0000	1.24.2.5
-+++ libtiff/tif_ojpeg.c	8 Jun 2010 23:29:51 -0000	1.24.2.6
-@@ -1909,6 +1909,10 @@ OJPEGReadBufferFill(OJPEGState* sp)
- 					sp->in_buffer_source=osibsEof;
- 				else
- 				{
-+					if (sp->tif->tif_dir.td_stripoffset == 0) {
-+						TIFFErrorExt(sp->tif->tif_clientdata,sp->tif->tif_name,"Strip offsets are missing");
-+						return(0);
-+					}
- 					sp->in_buffer_file_pos=sp->tif->tif_dir.td_stripoffset[sp->in_buffer_next_strile];  
- 					if (sp->in_buffer_file_pos!=0)
- 					{
--- a/tiff-3.9.2-getimage-64bit.patch
+++ b/tiff-3.9.2-getimage-64bit.patch
@ -1,41 +0,0 @@
-diff -Naur tiff-3.9.2.orig/libtiff/tif_getimage.c tiff-3.9.2/libtiff/tif_getimage.c
--- tiff-3.9.2.orig/libtiff/tif_getimage.c	2009-08-30 12:21:46.000000000 -0400
-+++ tiff-3.9.2/libtiff/tif_getimage.c	2010-06-10 15:07:28.000000000 -0400
-@@ -1846,6 +1846,7 @@
- DECLAREContigPutFunc(putcontig8bitYCbCr22tile)
- {
- 	uint32* cp2;
-+	int32 incr = 2*toskew+w;
- 	(void) y;
- 	fromskew = (fromskew / 2) * 6;
- 	cp2 = cp+w+toskew;
-@@ -1872,8 +1873,8 @@
- 			cp2 ++ ;
- 			pp += 6;
- 		}
-		cp += toskew*2+w;
-		cp2 += toskew*2+w;
-+		cp += incr;
-+		cp2 += incr;
- 		pp += fromskew;
- 		h-=2;
- 	}
-@@ -1939,6 +1940,7 @@
- DECLAREContigPutFunc(putcontig8bitYCbCr12tile)
- {
- 	uint32* cp2;
-+	int32 incr = 2*toskew+w;
- 	(void) y;
- 	fromskew = (fromskew / 2) * 4;
- 	cp2 = cp+w+toskew;
-@@ -1953,8 +1955,8 @@
- 			cp2 ++;
- 			pp += 4;
- 		} while (--x);
-		cp += toskew*2+w;
-		cp2 += toskew*2+w;
-+		cp += incr;
-+		cp2 += incr;
- 		pp += fromskew;
- 		h-=2;
- 	}
--- a/tiff-3.9.2-integer-overflow.patch
+++ b/tiff-3.9.2-integer-overflow.patch
@ -1,17 +0,0 @@
-Index: libtiff/tif_read.c
-===================================================================
-RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v
-retrieving revision 1.16.2.1
-retrieving revision 1.16.2.2
-diff -u -p -r1.16.2.1 -r1.16.2.2
--- libtiff/tif_read.c	8 Jun 2010 18:50:43 -0000	1.16.2.1
-+++ libtiff/tif_read.c	8 Jun 2010 23:29:51 -0000	1.16.2.2
-@@ -609,7 +610,7 @@ TIFFReadBufferSetup(TIFF* tif, tdata_t b
- 		tif->tif_rawdata = (tidata_t) _TIFFmalloc(tif->tif_rawdatasize);
- 		tif->tif_flags |= TIFF_MYBUFFER;
- 	}
-	if (tif->tif_rawdata == NULL) {
-+	if ((tif->tif_rawdata == NULL) || (tif->tif_rawdatasize == 0)) {
- 		TIFFErrorExt(tif->tif_clientdata, module,
- 		    "%s: No space for data buffer at scanline %ld",
- 		    tif->tif_name, (long) tif->tif_row);
--- a/tiff-3.9.2-oob-read.patch
+++ b/tiff-3.9.2-oob-read.patch
@ -1,12 +0,0 @@
-diff -Naur tiff-3.9.2.orig/libtiff/tif_getimage.c tiff-3.9.2/libtiff/tif_getimage.c
--- tiff-3.9.2.orig/libtiff/tif_getimage.c	2009-08-30 12:21:46.000000000 -0400
-+++ tiff-3.9.2/libtiff/tif_getimage.c	2010-06-11 12:06:47.000000000 -0400
-@@ -2397,7 +2397,7 @@
- 			}
- 			break;
- 		case PHOTOMETRIC_YCBCR:
-			if (img->bitspersample == 8)
-+			if ((img->bitspersample==8) && (img->samplesperpixel==3))
- 			{
- 				if (initYCbCrConversion(img)!=0)
- 				{
--- a/tiff.changes
+++ b/tiff.changes
@ -1,15 +1,3 @@
-------------------------------------------------------------------
-Wed Jun 23 10:32:01 CEST 2010 - pgajdos@suse.cz
-
- fixed CVE-2010-2065
-  * integer-overflow.patch
-  * NULL-deref.patch
-  fixed out of bounds read
-  * oob-read.patch
-  fixed CVE-2010-2233
-  * getimage-64bit.patch
- [bnc#612879]
-
 -------------------------------------------------------------------
 Mon Apr 26 15:07:09 CEST 2010 - pgajdos@suse.cz

--- a/tiff.spec
+++ b/tiff.spec
@ -36,10 +36,6 @@ Source2:        README.SUSE
 Source3:        baselibs.conf
 Patch2:         tiff-%{version}-seek.patch
 Patch3:         tiff-%{version}-tiff2pdf-colors.patch
-Patch4:         tiff-%{version}-NULL-deref.patch
-Patch5:         tiff-%{version}-integer-overflow.patch
-Patch6:         tiff-%{version}-oob-read.patch
-Patch7:         tiff-%{version}-getimage-64bit.patch
 # FYI: this issue is solved another way
 # http://bugzilla.maptools.org/show_bug.cgi?id=1985#c1
 # Patch9:         tiff-%{version}-lzw-CVE-2009-2285.patch
@ -101,10 +97,6 @@ the libtiff library.
 %setup -q 
 %patch2
 %patch3 -p1
-%patch4
-%patch5
-%patch6 -p1
-%patch7 -p1
 find -type d -name "CVS" | xargs rm -rfv
 find -type d | xargs chmod 755