2011/devel/multimedia/graphics/tiff - Disable fancy_upsampling by default, fixes segfaul...

Onur Küçük paketler-commits at pardus.org.tr
Mon Oct 4 17:44:28 EEST 2010 

Author: onur
Date: Mon Oct  4 17:44:28 2010
New Revision: 101718

Added:
   2011/devel/multimedia/graphics/tiff/files/tiff-3.9.2-CVE-2010-3087.diff
   2011/devel/multimedia/graphics/tiff/files/tiff-3.9.2-libjpeg7+.diff
Removed:
   2011/devel/multimedia/graphics/tiff/files/libtiff-scanlinesize.patch
Modified:
   2011/devel/multimedia/graphics/tiff/pspec.xml
Log:
Disable fancy_upsampling by default, fixes segfaults triggered by CVE-2010-3087
Replace scanline patch with CVE-2010-3087, they are the same but new patch has more links




---
 files/libtiff-scanlinesize.patch    |   72 ------------------------------------
 files/tiff-3.9.2-CVE-2010-3087.diff |   69 ++++++++++++++++++++++++++++++++++
 files/tiff-3.9.2-libjpeg7+.diff     |   10 +++++
 pspec.xml                           |   17 +++++++-
 4 files changed, 93 insertions(+), 75 deletions(-)

Modified: 2011/devel/multimedia/graphics/tiff/pspec.xml
=================================================================
--- 2011/devel/multimedia/graphics/tiff/pspec.xml	(original)
+++ 2011/devel/multimedia/graphics/tiff/pspec.xml	Mon Oct  4 17:44:28 2010
@@ -28,7 +28,8 @@
             <Patch level="1">tiff-3.9.1-no_contrib.diff</Patch>
             <Patch level="1">libtiff-acversion.patch</Patch>
             <Patch level="1">libtiff-mantypo.patch</Patch>
-            <Patch level="1">libtiff-scanlinesize.patch</Patch>
+            <Patch level="1">tiff-3.9.2-CVE-2010-3087.diff</Patch>
+            <Patch>tiff-3.9.2-libjpeg7+.diff</Patch>
 
             <!-- FIXME: this patch seems correct, but it needs investigation of the rest of the code
             <Patch>seek.patch</Patch>
@@ -51,7 +52,7 @@
         <Name>tiff-devel</Name>
         <Summary>Developement files for tiff</Summary>
         <RuntimeDependencies>
-            <Dependency release="17">tiff</Dependency>
+            <Dependency release="18">tiff</Dependency>
         </RuntimeDependencies>
         <Files>
             <Path fileType="header">/usr/include</Path>
@@ -62,7 +63,7 @@
         <Name>tiff-docs</Name>
         <Summary>Documentation for tiff</Summary>
         <RuntimeDependencies>
-            <Dependency release="17">tiff</Dependency>
+            <Dependency release="18">tiff</Dependency>
         </RuntimeDependencies>
         <Files>
             <Path fileType="doc">/usr/share/doc</Path>
@@ -71,6 +72,16 @@
     </Package>
 
     <History>
+        <Update release="18">
+            <Date>2010-10-04</Date>
+            <Version>3.9.4</Version>
+            <Comment>
+                Disable fancy_upsampling by default, fixes segfaults triggered by CVE-2010-3087
+                Replace scanline patch with CVE-2010-3087, they are the same but new patch has more links
+            </Comment>
+            <Name>Onur Küçük</Name>
+            <Email>onur at pardus.org.tr</Email>
+        </Update>
         <Update release="17">
             <Date>2010-08-17</Date>
             <Version>3.9.4</Version>

More information about the paketler-commits mailing list