diff options
| author | Leo Famulari <leo@famulari.name> | 2016-11-23 00:14:29 -0500 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2016-11-23 22:53:43 -0500 |
| commit | 0bd1097c50950d47954b4dc136654dfbde45d5b1 (patch) | |
| tree | 89f32f8ac4b582a9c657447b20ae3b8f8bc5bc76 /gnu/packages/patches/libtiff-CVE-2016-3990.patch | |
| parent | 2ac7d54616819c65405ea27260dbff462160f290 (diff) | |
| download | guix-0bd1097c50950d47954b4dc136654dfbde45d5b1.tar guix-0bd1097c50950d47954b4dc136654dfbde45d5b1.tar.gz | |
gnu: libtiff: Update to 4.0.7.
* gnu/packages/image.scm (libtiff): Update to 4.0.7.
[source]: Update URL and remove obsolete patches.
[home-page]: Update URL.
[native-inputs]: Add gcc-5.
(libtiff-4.0.7): Delete variable.
* gnu/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch,
gnu/packages/patches/libtiff-CVE-2016-3623.patch,
gnu/packages/patches/libtiff-CVE-2016-3945.patch,
gnu/packages/patches/libtiff-CVE-2016-3990.patch,
gnu/packages/patches/libtiff-CVE-2016-3991.patch,
gnu/packages/patches/libtiff-CVE-2016-5314.patch,
gnu/packages/patches/libtiff-CVE-2016-5321.patch,
gnu/packages/patches/libtiff-CVE-2016-5323.patch,
gnu/packages/patches/libtiff-oob-accesses-in-decode.patch,
gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2016-3990.patch')
| -rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3990.patch | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3990.patch b/gnu/packages/patches/libtiff-CVE-2016-3990.patch deleted file mode 100644 index 7641c3073b..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-3990.patch +++ /dev/null @@ -1,31 +0,0 @@ -Fix CVE-2016-3990 (write buffer overflow in PixarLogEncode if more input -samples are provided than expected by PixarLogSetupEncode). - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990 -http://bugzilla.maptools.org/show_bug.cgi?id=2544 - -Patch extracted from upstream CVS repo with: -$ cvs diff -u -r1.45 -r1.46 libtiff/tif_pixarlog.c - -Index: libtiff/tif_pixarlog.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v -retrieving revision 1.45 -retrieving revision 1.46 -diff -u -r1.45 -r1.46 ---- libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:37:33 -0000 1.45 -+++ libtiff/libtiff/tif_pixarlog.c 15 Aug 2016 20:49:48 -0000 1.46 -@@ -1141,6 +1141,13 @@ - } - - llen = sp->stride * td->td_imagewidth; -+ /* Check against the number of elements (of size uint16) of sp->tbuf */ -+ if( n > td->td_rowsperstrip * llen ) -+ { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Too many input bytes provided"); -+ return 0; -+ } - - for (i = 0, up = sp->tbuf; i < n; i += llen, up += llen) { - switch (sp->user_datafmt) { |