Commit Graph

75 Commits

Author SHA1 Message Date
ajacoutot
10e41a8fe3 Fix MASTER_SITES.
from patrick keshishian
2010-07-21 06:46:33 +00:00
naddy
12aaddf055 SECURITY:
Update to 3.9.4, which includes fixes for CVE-2009-2347 and CVE-2010-1411.
2010-06-30 17:10:07 +00:00
jasper
5bd6d49b4a - SECURITY FIX for CVE-2009-2347 (integer overflows in tiff tools)
patch taken from upstream bugreport:
http://bugzilla.maptools.org/show_bug.cgi?id=2079

ok ajacoutot@
2009-07-22 13:15:00 +00:00
jasper
72d0a18369 SECURITY FIX for for SA35515,
LibTIFF "LZWDecodeCompat()" Buffer Underflow Vulnerability

Patch from upstream bugreport #2065 (committed to CVS).
2009-06-23 07:49:31 +00:00
naddy
cdd487f6df fix a silly C99-ism to allow building with gcc2 2009-03-07 15:31:57 +00:00
naddy
fab96bfad1 SECURITY fixes for CVE-2006-2656 and CVE-2006-3459 through 3465.
Man page fixes.

Mostly via FreeBSD.  Approving noises from bernd@ and jasper@
2008-10-25 09:39:29 +00:00
jasper
2247677749 Security fix for SA31610
http://secunia.com/advisories/31610
LibTIFF LZW Decoder Buffer Underflow Vulnerability

Patch extracted from Debian's tiff_3.8.2-7+etch1

"looks fine" ajacoutot@
2008-08-27 18:09:36 +00:00
simon
68a2007cc1 remove surrounding quotes from COMMENT/BROKEN/PERMIT_* 2007-09-15 20:09:40 +00:00
espie
9eafbbfb35 base64 checksums. 2007-04-05 16:19:55 +00:00
espie
9881f499e5 new lib specs 2006-08-03 12:53:18 +00:00
naddy
06de83c3cc SECURITY:
Prevent sign extension on integer promotion that leads to a buffer overflow.
Minimal fix from upstream CVS.  CVE-2006-2193.
prodded by bernd@
2006-06-12 17:31:34 +00:00
naddy
b3d4e51b49 update to 3.8.2: bugfix release 2006-03-31 20:38:29 +00:00
espie
c7e0f26245 fix broken manpages, found out because makewhatis was complaining... 2006-03-26 10:45:18 +00:00
naddy
ce1884601e update to 3.8.1 2006-03-18 17:40:02 +00:00
espie
a9df05cec2 more C++ libs bumps. Done thru mail, plus lizards. 2006-01-14 00:07:28 +00:00
steven
46a206179b remove MODGNU_SHARED_LIBS 2006-01-08 00:29:37 +00:00
steven
dd5b94a745 SHARED_LIBS
ok espie@
2005-12-27 16:42:43 +00:00
naddy
520b48f4f7 Update to 3.7.3; from Bernd Ahlers <b.ahlers@ba-net.org>.
Major changes:
* Replace runtime endianess check with the compile time one.
* Added support for the new predictor type (floating point predictor),
  defined at the TIFF Technical Note 3.
* Added Support for custom tags, passed by value. Added support for
  all DNG tags.
2005-07-17 20:54:36 +00:00
naddy
4fe93ac42d new master site mirror, from FreeBSD 2005-06-19 12:19:30 +00:00
naddy
de027632ac update to 3.7.2 which integrates the numerous security patches
brad@ drops maintainership
2005-06-18 21:24:40 +00:00
espie
738ce04388 this stuff builds without really installing it now. 2005-04-17 13:37:42 +00:00
brad
b8e705b1c2 missed part of the alpha channels fix. 2005-03-27 06:13:07 +00:00
brad
7faf47bc10 fix an issue with not being able to open some valid TIFF files.
http://www.sigmasoft.com/~openbsd/archive/openbsd-ports/200503/msg00090.html

From: Bernd Ahlers <b dot ahlers at ba-net dot org>
2005-03-27 05:12:15 +00:00
brad
149f415140 - bump PKGNAME
- fix MASTER_SITES; From: Bernd Ahlers <b dot ahlers at ba-net dot org>
2005-03-27 03:59:00 +00:00
brad
7222db8f0e Integer overflow in tif_dirread.c and tif_fax3.c for libtiff allows remote
attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII
or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a
heap-based buffer overflow.

CAN-2004-1308
2005-03-27 03:57:26 +00:00
brad
b9b5b63414 Integer overflow in the tiffdump utility for libtiff allows remote
attackers to cause a denial of service (application crash) and
possibly execute arbitrary code via a crafted TIFF file.

CAN-2004-1183
2005-03-27 03:41:26 +00:00
brad
9b61f5a211 fix an issue with alpha channels.
http://bugzilla.remotesensing.org/show_bug.cgi?id=718
2005-03-27 03:40:00 +00:00
naddy
a8817eabcc SIZE 2005-01-05 16:50:35 +00:00
espie
24e6dbf353 fix a few WANTLIB issues.
Install librpmbuild since lib/rpmgettext wants it.
2004-12-22 06:31:05 +00:00
brad
f81e2e0341 Fix memory allocation problems and numerous integer overflows.
CAN-2004-0803, CAN-2004-0804, CAN-2004-0886
2004-10-20 20:37:48 +00:00
espie
6ad2640218 new plists 2004-09-15 00:46:07 +00:00
espie
512d20367c new plists 2004-08-07 08:03:06 +00:00
brad
0b0e7ff81a Add a patch to fix libtiff 3.6.1 with HylaFAX.
http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=500
http://bugzilla.remotesensing.org/show_bug.cgi?id=483

Thanks to Uwe Dippel <udippel at uniten dot edu dot my> for
bringing this to my attention.
2004-05-18 23:35:35 +00:00
brad
96a525ea1f upgrade to libtiff 3.6.1 2004-02-25 00:08:10 +00:00
naddy
1bc6d8a294 remove workarounds for gcc2.95/sparc64 optimizer bugs 2004-02-24 00:06:43 +00:00
brad
98095a8a2c argh, damn cvs. this should have been updated and not removed. 2003-12-23 23:48:55 +00:00
brad
f01fb70235 upgrade to libtiff 3.6.0 2003-12-23 23:45:41 +00:00
naddy
2276d3b230 remove WWW lines 2003-12-15 21:42:08 +00:00
avsm
cf7460a4c4 incomplete format string; submitted upstream, brad@ ok 2003-04-15 15:30:52 +00:00
naddy
d83ef5ba83 No regression tests available. 2002-10-27 00:03:16 +00:00
brad
f8031cbdfb better 2002-01-24 15:13:47 +00:00
brad
0bf25427d0 - add workaround for optimization bug in GCC for sparc64; problem pointed out by marc@
- fpic -> fPIC for sparc64
2002-01-24 04:55:50 +00:00
brad
8050cf7066 damn cvs, this was not supposed to be removed 2002-01-19 17:50:13 +00:00
brad
2bd845dea8 upgrade to libtiff 3.5.7 2002-01-19 09:34:42 +00:00
brad
092746fb44 Use our in-tree copy instead of patching the one that comes with libtiff. 2001-10-10 19:28:50 +00:00
wilfried
97034e70a2 use -fPIC rather than -fpic
regenerate the patches with update-patches
ok naddy@
2001-10-10 15:15:00 +00:00
pvalchev
605ad5eab3 alpha does have shared libraries now; repair 2001-10-08 05:27:00 +00:00
brad
a78d4105d3 - integrate COMMENT
- bump NEED_VERSION
2001-04-13 23:53:27 +00:00
brad
a72f4e812e pass the pic flag along to the compiler when linking the shared library. 2000-10-19 11:56:02 +00:00
brad
fc21c35236 use "cc -shared" for the creation of shared libraries 2000-09-26 06:34:18 +00:00