# Contributor: Sergei Lukin # Contributor: Leonardo Arena # Maintainer: Michael Mason pkgname=tiff pkgver=4.0.9 pkgrel=4 pkgdesc="Provides support for the Tag Image File Format or TIFF" url="http://www.libtiff.org/" arch="all" license="GPL" depends= depends_dev="zlib-dev libjpeg-turbo-dev" makedepends="libtool autoconf automake $depends_dev" subpackages="$pkgname-doc $pkgname-dev $pkgname-tools" source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz CVE-2017-18013.patch CVE-2018-5784.patch CVE-2018-7456.patch CVE-2018-8905.patch " # secfixes: # 4.0.9-r4: # - CVE-2018-8905 # 4.0.9-r3: # - CVE-2018-7456 # 4.0.9-r2: # - CVE-2018-5784 # 4.0.9-r1: # - CVE-2017-18013 # 4.0.9-r0: # - CVE-2017-16231 # - CVE-2017-16232 # 4.0.8-r0: # - CVE-2017-9936 # - CVE-2017-10688 # 4.0.7-r2: # - CVE-2017-7592 # - CVE-2017-7593 # - CVE-2017-7594 # - CVE-2017-7595 # - CVE-2017-7596 # - CVE-2017-7598 # - CVE-2017-7601 # - CVE-2017-7602 # 4.0.7-r1: # - CVE-2017-5225 # 4.0.7-r0: # - CVE-2016-9273 # - CVE-2016-9297 # - CVE-2016-9448 # - CVE-2016-9453 # - CVE-2016-3186 # - CVE-2016-3621 # - CVE-2016-3622 # - CVE-2016-3623 # - CVE-2016-3624 # - CVE-2016-3625 # - CVE-2016-3658 # - CVE-2014-8127 # - CVE-2016-5314 # - CVE-2016-5315 # - CVE-2016-5316 # - CVE-2016-5317 # - CVE-2016-5320 # - CVE-2016-5875 # - CVE-2016-5321 # - CVE-2016-5323 # - CVE-2016-5652 builddir="$srcdir"/$pkgname-$pkgver prepare() { local _failed= cd "$builddir" update_config_sub || return 1 for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$i || _failed="$_failed $i";; esac done } build() { cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ --infodir=/usr/share/info \ --disable-cxx \ || return 1 make || return 1 } package() { cd "$builddir" make DESTDIR="$pkgdir" install } tools() { pkgdesc="Command-line utility programs for manipulating TIFF files" mkdir -p "$subpkgdir"/usr/ mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } md5sums="54bad211279cc93eb4fca31ba9bfdc79 tiff-4.0.9.tar.gz 13fa73a74348ba75401c8d1c01e08fc4 CVE-2017-18013.patch" sha256sums="6e7bdeec2c310734e734d19aae3a71ebe37a4d842e0e23dbb1b8921c0026cfcd tiff-4.0.9.tar.gz 560808f75587b03bcb0f98f123abb7fd642443edc4e5ea31e14510e2f79068a3 CVE-2017-18013.patch" sha512sums="04f3d5eefccf9c1a0393659fe27f3dddd31108c401ba0dc587bca152a1c1f6bc844ba41622ff5572da8cc278593eff8c402b44e7af0a0090e91d326c2d79f6cd tiff-4.0.9.tar.gz 3a31e4315ecc5c5bf709e2ca0fefb5bc7ff50c79f911b8b8366be38d007d3f79e89982700a620b2d82739313fbd79041428dbf3ecf0a790c9ec3bc2e211d6fce CVE-2017-18013.patch c9cb1f712241c5bbd01910d4f4becf50ba8498bb04393f45451af4ace948b6a41b3d887adc9fbce1a53edeb0aeba03868f4d31428f3c5813ed14bb4b6f4c0f96 CVE-2018-5784.patch 8f3ad4065f6ef349c4bd0fe9161cbe19744fbbc89f17c52eb4e43548ca4816f09c7f7e270cb77ced820a95ca009b5f7ad65ee79e7b23ffe1d31c137e3b2bef47 CVE-2018-7456.patch ba283d0def89bf7caee753f39b5717780e9aec2ba32b8ce400b3d86b50eb1414a92bd56ebcf5e9550436a71aa18c55e31c6b5966f24dc5ec1863f28ca769d887 CVE-2018-8905.patch"