From a07d9f929286a0f3ccf9ea20f55c62b03f91c4c4 Mon Sep 17 00:00:00 2001 From: Daniel Sabogal Date: Wed, 3 May 2017 13:41:31 -0400 Subject: main/tiff: improve CVE-2016-10268 patch Ignore changes made to the ChangeLog --- main/tiff/APKBUILD | 2 +- main/tiff/CVE-2016-10268.patch | 20 +------------------- 2 files changed, 2 insertions(+), 20 deletions(-) (limited to 'main') diff --git a/main/tiff/APKBUILD b/main/tiff/APKBUILD index 6f83689b14..ee9667c878 100644 --- a/main/tiff/APKBUILD +++ b/main/tiff/APKBUILD @@ -92,7 +92,7 @@ tools() { sha512sums="941357bdd5f947cdca41a1d31ae14b3fadc174ae5dce7b7981dbe58f61995f575ac2e97a7cc4fcc435184012017bec0920278263490464644f2cdfad9a6c5ddc tiff-4.0.7.tar.gz 5f7a86b6dc1c9bcf707a1fc9fc4b79cc0cfa457582d13f89cc5db1d59193db468ecc8fe976fe688ae7bb6cb451759420cd0a00d957b7c614dbe8fc762adc9734 CVE-2016-10266.patch fccbf981daedff8e4f3b610dc86823cdb0b2f1e08be345b775bd5c7ba89ef681b3cd4e04a97832753081e9df07db0a68a0a0a38cb4f538f260c475565c204f8b CVE-2016-10267.patch -57cd4f9aadaedac5f43d8085729ca5871a40c5bfc88fe01ec9db94162067fb9290ead0d5fba0fef1f6efc04fe2ec18a21703a314c0732be86ddfcca5275803c1 CVE-2016-10268.patch +ed173f71e159a9bb22c602d067e455843e10484173aabdc085ee718afd404f4b58f77373a3526c16ac7c91395bbb277218b7a8ca840db4e3482d715661987236 CVE-2016-10268.patch 3a807132bf751b9e3c0e5a014b6cd9c9b98f79581b2d70167af3e29797a204fe2977349052042757f9bc634faa1afbec01462a947c739fb1ee9b7249341e4879 CVE-2016-10269.patch 1db4890259028c1c29c15137e743e376e1044475b1a3bbdeb946a1b54708a85422217228aed5f5c8ddf2cf156ec75264b430d1d3aa3539b805809d69522f84b5 CVE-2016-10270.patch 001a2df978f51025771c243edee2d033c91114bdd5318a05730b910add9c70f219a848faad899f27421ca18da6ce9972013aa3ecf689cf4ea37ac5409b4b6244 CVE-2017-5225.patch diff --git a/main/tiff/CVE-2016-10268.patch b/main/tiff/CVE-2016-10268.patch index ce5f9be7a2..73e4552a77 100644 --- a/main/tiff/CVE-2016-10268.patch +++ b/main/tiff/CVE-2016-10268.patch @@ -7,27 +7,9 @@ Subject: [PATCH] * tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips http://bugzilla.maptools.org/show_bug.cgi?id=2598 --- - ChangeLog | 7 +++++++ tools/tiffcp.c | 2 +- - 2 files changed, 8 insertions(+), 1 deletion(-) + 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/ChangeLog b/ChangeLog -index 668b66a..0f154d6 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -1,5 +1,12 @@ - 2016-12-02 Even Rouault - -+ * tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips that -+ can cause various issues, such as buffer overflows in the library. -+ Reported by Agostino Sarubbo. -+ Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598 -+ -+2016-12-02 Even Rouault -+ - * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow in - TIFFReadEncodedStrip() that caused an integer division by zero. - Reported by Agostino Sarubbo. diff --git a/tools/tiffcp.c b/tools/tiffcp.c index a99c906..f294ed1 100644 --- a/tools/tiffcp.c -- cgit v1.2.3