8e28d22c91
* gnu/packages/patches/libtiff-CVE-2012-4564.patch, gnu/packages/patches/libtiff-CVE-2013-1960.patch, gnu/packages/patches/libtiff-CVE-2013-1961.patch, gnu/packages/patches/libtiff-CVE-2013-4231.patch, gnu/packages/patches/libtiff-CVE-2013-4232.patch, gnu/packages/patches/libtiff-CVE-2013-4243.patch, gnu/packages/patches/libtiff-CVE-2013-4244.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch, gnu/packages/patches/libtiff-CVE-2014-8129.patch, gnu/packages/patches/libtiff-CVE-2014-9330.patch, gnu/packages/patches/libtiff-CVE-2014-9655.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (libtiff)[source]: Add patches.
43 lines
1.7 KiB
Diff
43 lines
1.7 KiB
Diff
Copied from Debian
|
|
|
|
From 3996fa0f84f4a8b7e65fe4b8f0681711022034ea Mon Sep 17 00:00:00 2001
|
|
From: erouault <erouault>
|
|
Date: Sun, 21 Dec 2014 20:04:31 +0000
|
|
Subject: [PATCH] * tools/pal2rgb.c, tools/thumbnail.c: fix crash by disabling
|
|
TIFFTAG_INKNAMES copying. The right fix would be to properly copy it, but not
|
|
worth the burden for those esoteric utilities.
|
|
http://bugzilla.maptools.org/show_bug.cgi?id=2484 (CVE-2014-8127)
|
|
|
|
---
|
|
ChangeLog | 7 +++++++
|
|
tools/pal2rgb.c | 2 +-
|
|
tools/thumbnail.c | 2 +-
|
|
3 files changed, 9 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
|
|
index bfe7899..3fc3de3 100644
|
|
--- a/tools/pal2rgb.c
|
|
+++ b/tools/pal2rgb.c
|
|
@@ -372,7 +372,7 @@ static struct cpTag {
|
|
{ TIFFTAG_CLEANFAXDATA, 1, TIFF_SHORT },
|
|
{ TIFFTAG_CONSECUTIVEBADFAXLINES, 1, TIFF_LONG },
|
|
{ TIFFTAG_INKSET, 1, TIFF_SHORT },
|
|
- { TIFFTAG_INKNAMES, 1, TIFF_ASCII },
|
|
+ /*{ TIFFTAG_INKNAMES, 1, TIFF_ASCII },*/ /* Needs much more complicated logic. See tiffcp */
|
|
{ TIFFTAG_DOTRANGE, 2, TIFF_SHORT },
|
|
{ TIFFTAG_TARGETPRINTER, 1, TIFF_ASCII },
|
|
{ TIFFTAG_SAMPLEFORMAT, 1, TIFF_SHORT },
|
|
diff --git a/tools/thumbnail.c b/tools/thumbnail.c
|
|
index c50bbff..73f9c34 100644
|
|
--- a/tools/thumbnail.c
|
|
+++ b/tools/thumbnail.c
|
|
@@ -257,7 +257,7 @@ static struct cpTag {
|
|
{ TIFFTAG_CLEANFAXDATA, 1, TIFF_SHORT },
|
|
{ TIFFTAG_CONSECUTIVEBADFAXLINES, 1, TIFF_LONG },
|
|
{ TIFFTAG_INKSET, 1, TIFF_SHORT },
|
|
- { TIFFTAG_INKNAMES, 1, TIFF_ASCII },
|
|
+ /*{ TIFFTAG_INKNAMES, 1, TIFF_ASCII },*/ /* Needs much more complicated logic. See tiffcp */
|
|
{ TIFFTAG_DOTRANGE, 2, TIFF_SHORT },
|
|
{ TIFFTAG_TARGETPRINTER, 1, TIFF_ASCII },
|
|
{ TIFFTAG_SAMPLEFORMAT, 1, TIFF_SHORT },
|