diff options
author | Tom Rini <tom_rini@mentor.com> | 2010-10-13 09:10:09 -0700 |
---|---|---|
committer | Tom Rini <tom_rini@mentor.com> | 2010-10-13 09:56:07 -0700 |
commit | a92b388ff756052b59dde98500d42fa396248a03 (patch) | |
tree | 77c36dfbd0f6b3f9698016ca76a1e2d2beaed34d /recipes | |
parent | 8f7bd5f92f1dcd0ef11ebf17ea2c3210498f73af (diff) | |
download | openembedded-a92b388ff756052b59dde98500d42fa396248a03.tar.gz |
tiff: Update to 4.0.0beta6
This includes a number of security fixes. In addition, side-port
the fix for CVE-2010-2482. Since we updated for security reasons
and there was only one version before this (the previous beta),
git mv and update the distros that had pinned down.
Signed-off-by: Tom Rini <tom_rini@mentor.com>
Diffstat (limited to 'recipes')
-rw-r--r-- | recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff | 17 | ||||
-rw-r--r-- | recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-ojpeg-null-stripbytecount.diff | 17 | ||||
-rw-r--r-- | recipes/libtiff/tiff_3.9.4.bb (renamed from recipes/libtiff/tiff_3.9.2.bb) | 14 |
3 files changed, 42 insertions, 6 deletions
diff --git a/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff new file mode 100644 index 0000000000..bf2dbfe36d --- /dev/null +++ b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff @@ -0,0 +1,17 @@ +https://bugzilla.redhat.com/attachment.cgi?id=423232 + +Index: libtiff/tif_ojpeg.c +=================================================================== +--- libtiff/tif_ojpeg.c.orig ++++ libtiff/tif_ojpeg.c +@@ -1937,6 +1937,10 @@ OJPEGReadBufferFill(OJPEGState* sp) + sp->in_buffer_source=osibsEof; + else + { ++ if (sp->tif->tif_dir.td_stripoffset == 0) { ++ TIFFErrorExt(sp->tif->tif_clientdata,sp->tif->tif_name,"Strip offsets are missing"); ++ return(0); ++ } + sp->in_buffer_file_pos=sp->tif->tif_dir.td_stripoffset[sp->in_buffer_next_strile]; + if (sp->in_buffer_file_pos!=0) + { diff --git a/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-ojpeg-null-stripbytecount.diff b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-ojpeg-null-stripbytecount.diff new file mode 100644 index 0000000000..209e78a52c --- /dev/null +++ b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-ojpeg-null-stripbytecount.diff @@ -0,0 +1,17 @@ +https://bugzilla.redhat.com/attachment.cgi?id=425925 + +Index: libtiff/tif_ojpeg.c +=================================================================== +--- libtiff/tif_ojpeg.c.orig ++++ libtiff/tif_ojpeg.c +@@ -1948,6 +1948,10 @@ OJPEGReadBufferFill(OJPEGState* sp) + sp->in_buffer_file_pos=0; + else + { ++ if (sp->tif->tif_dir.td_stripbytecount == 0) { ++ TIFFErrorExt(sp->tif->tif_clientdata,sp->tif->tif_name,"Strip byte counts are missing"); ++ return(0); ++ } + sp->in_buffer_file_togo=sp->tif->tif_dir.td_stripbytecount[sp->in_buffer_next_strile]; + if (sp->in_buffer_file_togo==0) + sp->in_buffer_file_pos=0; diff --git a/recipes/libtiff/tiff_3.9.2.bb b/recipes/libtiff/tiff_3.9.4.bb index dd2d80ee6e..f54a19b405 100644 --- a/recipes/libtiff/tiff_3.9.2.bb +++ b/recipes/libtiff/tiff_3.9.4.bb @@ -2,15 +2,17 @@ DESCRIPTION = "This software provides support for the Tag Image File Format (TIF LICENSE = "${PN}" HOMEPAGE = "http://www.remotesensing.org/libtiff/" DEPENDS = "zlib jpeg lzo" -PV = "3.9.2+4.0.0beta5" +PV = "3.9.4+4.0.0beta6" -PR = "r5" +PR = "r0" -SRC_URI = "http://download.osgeo.org/libtiff/tiff-4.0.0beta5.tar.gz;name=tiff400beta5targz" -SRC_URI[tiff400beta5targz.md5sum] = "a0a83604e38a299fae9f0b1a39c04870" -SRC_URI[tiff400beta5targz.sha256sum] = "64b61567782643a841e33a8d031d0d6a9b3e436108829e2e947183f8dcdc6ec7" +SRC_URI = "http://download.osgeo.org/libtiff/tiff-4.0.0beta6.tar.gz \ + file://tiff-lp589145.diff;striplevel=0 \ + file://tiff-ojpeg-null-stripbytecount.diff;striplevel=0" +SRC_URI[md5sum] = "6a1e51841a5a5062cc381e34a48122a0" +SRC_URI[sha256sum] = "de016175742bcdd0cd6f326dd2e7bbc7154437d7bb09976ad4789016065061e6" -S = "${WORKDIR}/tiff-4.0.0beta5" +S = "${WORKDIR}/tiff-4.0.0beta6" inherit autotools |