Date: Thursday, October 24, 2013 @ 01:16:55 Author: eric Revision: 197203
upgpkg: libtiff 4.0.3-4 Add security patch (close FS#37462) Added: libtiff/trunk/libtiff-CVE-2013-4244.patch Modified: libtiff/trunk/PKGBUILD -----------------------------+ PKGBUILD | 10 +++++++--- libtiff-CVE-2013-4244.patch | 15 +++++++++++++++ 2 files changed, 22 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2013-10-23 20:31:32 UTC (rev 197202) +++ PKGBUILD 2013-10-23 23:16:55 UTC (rev 197203) @@ -3,7 +3,7 @@ pkgname=libtiff pkgver=4.0.3 -pkgrel=3 +pkgrel=4 pkgdesc="Library for manipulation of TIFF images" arch=('i686' 'x86_64') url="http://www.remotesensing.org/libtiff/" @@ -20,7 +20,8 @@ tiff-4.0.3-libjpeg-turbo.patch tiff-4.0.3-tiff2pdf-colors.patch tiff-4.0.3-CVE-2013-4231.patch - tiff-4.0.3-CVE-2013-4232.patch) + tiff-4.0.3-CVE-2013-4232.patch + libtiff-CVE-2013-4244.patch) sha1sums=('652e97b78f1444237a82cbcfe014310e776eb6f0' '41be661638282dae0d07bd2788414cb6650f8981' '6cb3d480908132335c05c769b5a51f951413725d' @@ -29,7 +30,8 @@ '02d57835df50d3f84587571ec52b36f5af838de2' '23443ad0bc130d70860b6cc6d19b69584ae7a6cc' '969f588e9da5991e7f17dddf69ae59424b05fa16' - '2a23c55d081bed74ac8dd99541a93d312cc72b64') + '2a23c55d081bed74ac8dd99541a93d312cc72b64' + '01c6792ba2470493da4d990edae8de6c13bd4670') prepare() { cd tiff-${pkgver} @@ -39,9 +41,11 @@ patch -p1 -i "${srcdir}/tiff-4.0.3-CVE-2013-1960.patch" patch -p1 -i "${srcdir}/tiff-4.0.3-CVE-2013-1961.patch" patch -p1 -i "${srcdir}/tiff-4.0.3-libjpeg-turbo.patch" + patch -p1 -i "${srcdir}/libtiff-CVE-2013-4244.patch" cd tools patch -p0 -i "${srcdir}/tiff-4.0.3-CVE-2013-4231.patch" patch -p0 -i "${srcdir}/tiff-4.0.3-CVE-2013-4232.patch" + } build() { Added: libtiff-CVE-2013-4244.patch =================================================================== --- libtiff-CVE-2013-4244.patch (rev 0) +++ libtiff-CVE-2013-4244.patch 2013-10-23 23:16:55 UTC (rev 197203) 
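Review bot: The checksum added for `libtiff-CVE-2013-4244.patch` in the `sha1sums` hunk is SHA-1 only, which is a weak integrity pin for a file whose whole purpose is a security fix. Consider carrying a `sha256sums=(...)` array for the source list as well, with each digest regenerated from the committed files rather than copied by hand. The array is only partly visible in the hunk, so the order of the existing entries should be re-checked against `source=()` when doing so.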
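Review bot: The `prepare()` hunk appears to add an empty line just before the closing `}`, since the hunk grows by two lines while only one `patch` call is new; that line can be dropped. The new file is named `libtiff-CVE-2013-4244.patch` while every other entry follows the `tiff-4.0.3-…` pattern, so `tiff-4.0.3-CVE-2013-4244.patch` would keep the source list uniform. A short comment above the call, for example `# CVE-2013-4244: bounds check in gif2tiff process() (FS#37462)`, would record why the patch is carried and make it easier to drop once upstream ships the fix.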
@@ -0,0 +1,15 @@
+diff --git a/tools/gif2tiff.c b/tools/gif2tiff.c
+index 375b152..2731273 100644
+--- a/tools/gif2tiff.c
++++ b/tools/gif2tiff.c
+@@ -402,6 +402,10 @@ process(register int code, unsigned char** fill)
+ }
+
+ if (oldcode == -1) {
++ if (code >= clear) {
++ fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear);
++ return 0;
++ }
+ *(*fill)++ = suffix[code];
+ firstchar = oldcode = code;
+ return 1;
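Review bot: The new guard in `process()` only rejects `code >= clear` on the `oldcode == -1` path, and `code` is a signed `int`, so if the caller can ever pass a negative value, `suffix[code]` is still read out of bounds; `if (code < 0 || code >= clear) {` would close that case. The message says "larger than" although the equal case is rejected too, so `"bad input: code=%d is not less than clear=%d\n"` would match the condition. `process()` begins and ends outside the hunk, so it cannot be confirmed from here that the other table lookups in the function are bounded in the same way, or that every caller stops decoding when it sees the new `return 0`.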