[oe-commits] Tom Rini : tiff: Update to 4.0.0beta6
git version control
git at git.openembedded.org
Wed Oct 13 17:01:00 UTC 2010
Module: openembedded.git
Branch: org.openembedded.dev
Commit: a92b388ff756052b59dde98500d42fa396248a03
URL: http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=a92b388ff756052b59dde98500d42fa396248a03
Author: Tom Rini <tom_rini at mentor.com>
Date: Wed Oct 13 09:10:09 2010 -0700
tiff: Update to 4.0.0beta6
This includes a number of security fixes. In addition, side-port
the fix for CVE-2010-2482. Since we updated for security reasons
and there was only one version before this (the previous beta),
git mv and update the distros that had pinned down.
Signed-off-by: Tom Rini <tom_rini at mentor.com>
---
.../include/angstrom-2008-preferred-versions.inc | 2 +-
.../include/angstrom-2010-preferred-versions.inc | 2 +-
.../include/kaeilos-2009-preferred-versions.inc | 2 +-
.../tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff | 17 +++++++++++++++++
.../tiff-ojpeg-null-stripbytecount.diff | 17 +++++++++++++++++
recipes/libtiff/{tiff_3.9.2.bb => tiff_3.9.4.bb} | 14 ++++++++------
6 files changed, 45 insertions(+), 9 deletions(-)
diff --git a/conf/distro/include/angstrom-2008-preferred-versions.inc b/conf/distro/include/angstrom-2008-preferred-versions.inc
index 78254a2..fc86eef 100644
--- a/conf/distro/include/angstrom-2008-preferred-versions.inc
+++ b/conf/distro/include/angstrom-2008-preferred-versions.inc
@@ -54,7 +54,7 @@ PREFERRED_VERSION_qt4-x11-free = "${ANGSTROM_QT_VERSION}"
PREFERRED_VERSION_qt4-x11-free-gles = "${ANGSTROM_QT_VERSION}"
PREFERRED_VERSION_samba = "3.3.9"
-PREFERRED_VERSION_tiff = "3.9.2+4.0.0beta5"
+PREFERRED_VERSION_tiff = "3.9.4+4.0.0beta6"
PREFERRED_VERSION_udev = "151"
PREFERRED_VERSION_udev_libc-uclibc = "141"
diff --git a/conf/distro/include/angstrom-2010-preferred-versions.inc b/conf/distro/include/angstrom-2010-preferred-versions.inc
index 7eb8a70..e9ff70e 100644
--- a/conf/distro/include/angstrom-2010-preferred-versions.inc
+++ b/conf/distro/include/angstrom-2010-preferred-versions.inc
@@ -64,7 +64,7 @@ PREFERRED_VERSION_qt4-x11-free = "${ANGSTROM_QT_VERSION}"
PREFERRED_VERSION_qt4-x11-free-gles = "${ANGSTROM_QT_VERSION}"
PREFERRED_VERSION_samba = "3.3.9"
-PREFERRED_VERSION_tiff = "3.9.2+4.0.0beta5"
+PREFERRED_VERSION_tiff = "3.9.4+4.0.0beta6"
PREFERRED_VERSION_udev = "154"
PREFERRED_VERSION_udev_libc-uclibc = "141"
diff --git a/conf/distro/include/kaeilos-2009-preferred-versions.inc b/conf/distro/include/kaeilos-2009-preferred-versions.inc
index 83e18ba..d4e1170 100644
--- a/conf/distro/include/kaeilos-2009-preferred-versions.inc
+++ b/conf/distro/include/kaeilos-2009-preferred-versions.inc
@@ -64,7 +64,7 @@ PREFERRED_VERSION_qt4-x11-free = "${KAEILOS_QT_VERSION}"
PREFERRED_VERSION_qt4-x11-free-gles = "${KAEILOS_QT_VERSION}"
PREFERRED_VERSION_samba = "3.3.9"
-PREFERRED_VERSION_tiff = "3.9.2+4.0.0beta5"
+PREFERRED_VERSION_tiff = "3.9.4+4.0.0beta6"
PREFERRED_VERSION_udev = "151"
PREFERRED_VERSION_udev_libc-uclibc = "141"
diff --git a/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff
new file mode 100644
index 0000000..bf2dbfe
--- /dev/null
+++ b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-lp589145.diff
@@ -0,0 +1,17 @@
+https://bugzilla.redhat.com/attachment.cgi?id=423232
+
+Index: libtiff/tif_ojpeg.c
+===================================================================
+--- libtiff/tif_ojpeg.c.orig
++++ libtiff/tif_ojpeg.c
+@@ -1937,6 +1937,10 @@ OJPEGReadBufferFill(OJPEGState* sp)
+ sp->in_buffer_source=osibsEof;
+ else
+ {
++ if (sp->tif->tif_dir.td_stripoffset == 0) {
++ TIFFErrorExt(sp->tif->tif_clientdata,sp->tif->tif_name,"Strip offsets are missing");
++ return(0);
++ }
+ sp->in_buffer_file_pos=sp->tif->tif_dir.td_stripoffset[sp->in_buffer_next_strile];
+ if (sp->in_buffer_file_pos!=0)
+ {
diff --git a/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-ojpeg-null-stripbytecount.diff b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-ojpeg-null-stripbytecount.diff
new file mode 100644
index 0000000..209e78a
--- /dev/null
+++ b/recipes/libtiff/tiff-3.9.4+4.0.0beta6/tiff-ojpeg-null-stripbytecount.diff
@@ -0,0 +1,17 @@
+https://bugzilla.redhat.com/attachment.cgi?id=425925
+
+Index: libtiff/tif_ojpeg.c
+===================================================================
+--- libtiff/tif_ojpeg.c.orig
++++ libtiff/tif_ojpeg.c
+@@ -1948,6 +1948,10 @@ OJPEGReadBufferFill(OJPEGState* sp)
+ sp->in_buffer_file_pos=0;
+ else
+ {
++ if (sp->tif->tif_dir.td_stripbytecount == 0) {
++ TIFFErrorExt(sp->tif->tif_clientdata,sp->tif->tif_name,"Strip byte counts are missing");
++ return(0);
++ }
+ sp->in_buffer_file_togo=sp->tif->tif_dir.td_stripbytecount[sp->in_buffer_next_strile];
+ if (sp->in_buffer_file_togo==0)
+ sp->in_buffer_file_pos=0;
diff --git a/recipes/libtiff/tiff_3.9.2.bb b/recipes/libtiff/tiff_3.9.4.bb
similarity index 59%
rename from recipes/libtiff/tiff_3.9.2.bb
rename to recipes/libtiff/tiff_3.9.4.bb
index dd2d80e..f54a19b 100644
--- a/recipes/libtiff/tiff_3.9.2.bb
+++ b/recipes/libtiff/tiff_3.9.4.bb
@@ -2,15 +2,17 @@ DESCRIPTION = "This software provides support for the Tag Image File Format (TIF
LICENSE = "${PN}"
HOMEPAGE = "http://www.remotesensing.org/libtiff/"
DEPENDS = "zlib jpeg lzo"
-PV = "3.9.2+4.0.0beta5"
+PV = "3.9.4+4.0.0beta6"
-PR = "r5"
+PR = "r0"
-SRC_URI = "http://download.osgeo.org/libtiff/tiff-4.0.0beta5.tar.gz;name=tiff400beta5targz"
-SRC_URI[tiff400beta5targz.md5sum] = "a0a83604e38a299fae9f0b1a39c04870"
-SRC_URI[tiff400beta5targz.sha256sum] = "64b61567782643a841e33a8d031d0d6a9b3e436108829e2e947183f8dcdc6ec7"
+SRC_URI = "http://download.osgeo.org/libtiff/tiff-4.0.0beta6.tar.gz \
+ file://tiff-lp589145.diff;striplevel=0 \
+ file://tiff-ojpeg-null-stripbytecount.diff;striplevel=0"
+SRC_URI[md5sum] = "6a1e51841a5a5062cc381e34a48122a0"
+SRC_URI[sha256sum] = "de016175742bcdd0cd6f326dd2e7bbc7154437d7bb09976ad4789016065061e6"
-S = "${WORKDIR}/tiff-4.0.0beta5"
+S = "${WORKDIR}/tiff-4.0.0beta6"
inherit autotools
More information about the Openembedded-commits
mailing list