Pullup ticket #3388 - requested by tron
Security update for graphic/tiff

Revisions pulled up:
- graphics/tiff/Makefile                                        1.99
- graphics/tiff/distinfo                                        1.50
- graphics/tiff/patches/patch-SA43593                           1.1

---
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sat Mar 12 16:10:43 UTC 2011

   Modified Files:
   	pkgsrc/graphics/tiff: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/tiff/patches: patch-SA43593

   Log Message:
   Add fix for vulnerability reported in SA43593 taken from the
   "libtiff" CVS repository.
sbd committed Mar 13, 2011
1 parent aa3000e commit 1c0d576
Showing 3 changed files with 24 additions and 3 deletions.
4 changes: 2 additions & 2 deletions graphics/tiff/Makefile
@@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.98 2010/12/23 11:44:46 dsainty Exp $
# $NetBSD: Makefile,v 1.98.2.1 2011/03/13 21:10:18 sbd Exp $

DISTNAME= tiff-3.9.4
PKGREVISION= 1
PKGREVISION= 2
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \
http://libtiff.maptools.org/dl/
3 changes: 2 additions & 1 deletion graphics/tiff/distinfo
@@ -1,8 +1,9 @@
$NetBSD: distinfo,v 1.49 2010/08/04 17:48:22 tron Exp $
$NetBSD: distinfo,v 1.49.4.1 2011/03/13 21:10:18 sbd Exp $

SHA1 (tiff-3.9.4.tar.gz) = a4e32d55afbbcabd0391a9c89995e8e8a19961de
RMD160 (tiff-3.9.4.tar.gz) = 3e0a74b6294297c16fb983ad68056a1dfbbdb1de
Size (tiff-3.9.4.tar.gz) = 1436968 bytes
SHA1 (patch-SA43593) = d24ff27a7a2e659c632d5a5fb720a908915e8595
SHA1 (patch-aa) = 0ed02eb18454f4d91bf2fad6b9262bc442cd0822
SHA1 (patch-ab) = 66101ec437ff222d629120e52e2011ea5b36dca0
SHA1 (patch-ac) = 7211eebf68e73790ac1263efb16943e59cbffa95
20 changes: 20 additions & 0 deletions graphics/tiff/patches/patch-SA43593
@@ -0,0 +1,20 @@
$NetBSD: patch-SA43593,v 1.1.2.2 2011/03/13 21:10:19 sbd Exp $

Fix heap-based buffer overflow which causes the vulnerability reported
in SA43593. Patch taken from the "libtiff" CVS repository.

--- libtiff/tif_fax3.h 8 Jun 2010 18:50:42 -0000 1.5.2.1
+++ libtiff/tif_fax3.h 10 Mar 2011 20:22:33 -0000 1.5.2.3
@@ -478,6 +478,12 @@
break; \
case S_VL: \
CHECK_b1; \
+ if (b1 <= (int) (a0 + TabEnt->Param)) { \
+ if (b1 < (int) (a0 + TabEnt->Param) || pa != thisrun) { \
+ unexpected("VL", a0); \
+ goto eol2d; \
+ } \
+ } \
SETVALUE(b1 - a0 - TabEnt->Param); \
b1 -= *--pb; \
break; \
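Review bot: The new guard in the S_VL case lets b1 == a0 + TabEnt->Param through when pa == thisrun, and neither the code nor the patch header says why that one equality case is acceptable. Since the following SETVALUE(b1 - a0 - TabEnt->Param) gets a negative argument when b1 is smaller and zero when it is equal, a one-line comment above the outer `if` stating that negative run lengths are always rejected and a zero-length run is tolerated only while pa still equals thisrun would make the intent checkable. The check is added to S_VL only; the other 2D cases are outside the visible context, so it is worth confirming against upstream revision 1.5.2.3 that none of them computes a run length the same way without a guard. The header text names the issue only by SA43593; recording the upstream revision range from the diff header (1.5.2.1 to 1.5.2.3) in that description would make the patch easier to drop once a release containing it is imported.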
