From 0896fcef0080fd0e9d58ab6b29b22ef5890794cd Mon Sep 17 00:00:00 2001 From: Automatic Build System Date: Thu, 19 Sep 2024 19:39:58 +0200 Subject: [PATCH] automatic version update by autodist [release 4.7.0-1mamba;Thu Sep 19 2024] --- libtiff-3.8.2-cve_2006_2193.patch | 18 ------------ libtiff-3.8.2-tiffsplit_overflow.patch | 22 --------------- libtiff.spec | 38 ++++++++++++-------------- 3 files changed, 18 insertions(+), 60 deletions(-) delete mode 100644 libtiff-3.8.2-cve_2006_2193.patch delete mode 100644 libtiff-3.8.2-tiffsplit_overflow.patch diff --git a/libtiff-3.8.2-cve_2006_2193.patch b/libtiff-3.8.2-cve_2006_2193.patch deleted file mode 100644 index a11c5fc..0000000 --- a/libtiff-3.8.2-cve_2006_2193.patch +++ /dev/null @@ -1,18 +0,0 @@ - * SECURITY UPDATE: Arbitrary command execution with crafted TIF files. - * Add debian/patches/tiff2pdf-octal-printf.patch: - - tools/tiff2pdf.c: Fix buffer overflow due to wrong printf for octal - signed char (it printed a signed integer, which overflow the buffer and - was wrong anyway). - - CVE-2006-2193 - ---- tiff-3.8.2/tools/tiff2pdf.c 2006-03-21 17:42:51.000000000 +0100 -+++ tiff-3.8.2/tools/tiff2pdf.c.fix 2006-06-15 17:00:23.000000000 +0200 -@@ -3668,7 +3668,7 @@ - written += TIFFWriteFile(output, (tdata_t) "(", 1); - for (i=0;i 2) -- strcpy(fname, argv[2]); -+ if (argc > 2) { -+ strncpy(fname, argv[2], 1024); -+ fname[1024] = '\0'; -+ } - in = TIFFOpen(argv[1], "r"); - if (in != NULL) { - do { - char path[1024+1]; - newfilename(); -- strcpy(path, fname); -+ strncpy(path, fname, 1020); - strcat(path, ".tif"); - out = TIFFOpen(path, TIFFIsBigEndian(in)?"wb":"wl"); - if (out == NULL) diff --git a/libtiff.spec b/libtiff.spec index e2c3060..8dbcfd4 100644 --- a/libtiff.spec +++ b/libtiff.spec @@ -1,19 +1,24 @@ Name: libtiff -Version: 4.6.0 +Version: 4.7.0 Release: 1mamba Summary: A library of functions for manipulating TIFF format image files Group: System/Libraries Vendor: openmamba Distribution: openmamba Packager: Silvan Calarco -URL: http://www.libtiff.org/ +URL: https://libtiff.gitlab.io/libtiff/ Source: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz -Patch0: %{name}-3.8.2-tiffsplit_overflow.patch -Patch1: %{name}-3.8.2-cve_2006_2193.patch License: BSD ## AUTOBUILDREQ-BEGIN BuildRequires: glibc-devel +BuildRequires: libICE-devel +BuildRequires: libSM-devel +BuildRequires: libXi-devel +BuildRequires: libdeflate-devel +BuildRequires: libfreeglut-devel BuildRequires: libgcc +BuildRequires: libglu-devel +BuildRequires: libglvnd-devel BuildRequires: libjbig-devel BuildRequires: libjpeg-devel BuildRequires: liblzma-devel @@ -63,8 +68,6 @@ Command line tools for tiff files manipulation. %prep %setup -q -n tiff-%{version} -#%patch0 -p1 -b .cve_2006_2656 -#%patch1 -p1 -b .cve_2006_2193 %build %configure \ @@ -89,8 +92,6 @@ rm -f %{buildroot}%{_mandir}/man1/tiffgt.* %clean [ "%{buildroot}" != / ] && rm -rf "%{buildroot}" -%post -p /sbin/ldconfig -%postun -p /sbin/ldconfig %files %defattr(-,root,root) @@ -112,24 +113,21 @@ rm -f %{buildroot}%{_mandir}/man1/tiffgt.* %files -n tiff-utils %defattr(-,root,root) -%{_bindir}/tiffcp -%{_bindir}/tiffdump -%{_bindir}/tiffinfo -%{_bindir}/tiffset -%{_bindir}/tiffsplit +%{_bindir}/fax2ps +%{_bindir}/fax2tiff +%{_bindir}/pal2rgb +%{_bindir}/ppm2tiff +%{_bindir}/raw2tiff +%{_bindir}/tiff* %if "%{stage1}" != "1" %exclude %{_mandir}/man1/tiffgt.* %endif %{_mandir}/man1/* -#%if "%{stage1}" != "1" -#%files -n tiffgt -#%defattr(-,root,root) -#%{_bindir}/tiffgt -#%{_mandir}/man1/tiffgt.* -#%endif - %changelog +* Thu Sep 19 2024 Automatic Build System 4.7.0-1mamba +- automatic version update by autodist + * Fri Sep 15 2023 Automatic Build System 4.6.0-1mamba - automatic version update by autodist