1. CR # 6858149
Synopsis: CVE-2009-2347 Integer overflow in libtiff utilities
2. Product : JDS
3. Release : Solaris Nevada
4. Changed Files
A patches/libtiff-04-CVE-2009-2347.diff
M SUNWTiff.spec
5. Code Changes:
See File -
/net/drosera.india/export/users/an230044/6858149/SNV/libtiff-04-CVE-2009-2347.diff
Path to Workspace - /net/drosera.india/export/users/an230044/6858149/SNV/
Index: SUNWTiff.spec
===================================================================
--- SUNWTiff.spec (revision 18714)
+++ SUNWTiff.spec (working copy)
@@ -30,6 +30,9 @@
# date:2008-09-03 owner:johnf type:bug bugster:6743799 state:upstream
# upstream, taken from RHEL by Even Rouault
Patch3: libtiff-03-CVE-2008-2327.diff
+# date:2009-07-14 owner:abhijit nath type:bug bugster:6858149
state:upstream
+# upstream, taken from libtiff 4.0
+Patch4: libtiff-04-CVE-2009-2347.diff
SUNW_BaseDir: %{_prefix}
SUNW_Copyright: %{name}.copyright
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -54,6 +57,7 @@
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
gzcat %SOURCE1 | tar -xf -
%ifarch amd64 sparcv9
@@ -171,6 +175,8 @@
%{_mandir}/man3tiff/*
%changelog
+* Tue Jul 14 2009 - abhijit.nath at sun.com
+- add patch libtiff-04-CVE-2009-2347.diff to fix bug CR6858149
* Tue Jun 02 2009 - dave.lin at sun.com
- add 'Requires: SUNWjpg' to fix bug CR6842550
* Thu Sep 4 2008 - john.fischer at sun.com
