Up to [cvs.NetBSD.org] / pkgsrc / graphics / tiff
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.165 / (download) - annotate - [select for diffs], Sun Dec 17 17:56:37 2023 UTC (3 months, 1 week ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base,
pkgsrc-2023Q4,
HEAD
Changes since 1.164: +3 -3
lines
Diff to previous 1.164 (colored) to selected 1.103.2.1 (colored)
tiff: disable libdeflate Having both zlib and libdeflate doesn't make much sense; change was incomplete since it would have required a recursive bump for tiff; and with the branch this close, we don't want that. Bump PKGREVISION.
Revision 1.164 / (download) - annotate - [select for diffs], Sun Dec 17 17:01:59 2023 UTC (3 months, 1 week ago) by thor
Branch: MAIN
Changes since 1.163: +3 -2
lines
Diff to previous 1.163 (colored) to selected 1.103.2.1 (colored)
graphics/tiff: explicitly use libdeflate Otherwise it is found and used in a host GNU/Linux distro, messing up dependents which lack it in buildlinks.
Revision 1.163 / (download) - annotate - [select for diffs], Sun Dec 17 16:46:18 2023 UTC (3 months, 1 week ago) by thor
Branch: MAIN
Changes since 1.162: +3 -4
lines
Diff to previous 1.162 (colored) to selected 1.103.2.1 (colored)
graphics/libtiff: use pkg-config to properly detect deps, remove --without-x The --without-x is defunct. The configure script wants to use pkg-config, it should be able to.
Revision 1.162 / (download) - annotate - [select for diffs], Mon Oct 16 15:54:35 2023 UTC (5 months, 1 week ago) by wiz
Branch: MAIN
Changes since 1.161: +1 -2
lines
Diff to previous 1.161 (colored) to selected 1.103.2.1 (colored)
tiff: reset PKGREVISION after update
Revision 1.161 / (download) - annotate - [select for diffs], Mon Oct 16 15:38:19 2023 UTC (5 months, 1 week ago) by gdt
Branch: MAIN
Changes since 1.160: +4 -8
lines
Diff to previous 1.160 (colored) to selected 1.103.2.1 (colored)
graphics/tiff: Update to 4.6.0 Following upstream guidance, tools that are no longer supported are not built by the package. As raised on tech-pkg on October 2, with no objections or even comments. Upstream NEWS content: This version removes a big number of utilities that have suffered from lack of maintenance over the years and were the source of various reported security issues. See "Removed functionality" below for the list of removed utilities. Starting with libtiff v4.6.0, the source code for most TIFF tools (except tiffinfo, tiffdump, tiffcp and tiffset) was discontinued, due to the lack of contributors able to address reported security issues. tiff2ps and tiff2pdf source code has been moved in a unsupported category, no longer built by default, but are still part of the the source distribution. Other retired utilities are in a archive/ directory, only available in the libtiff git repository. Issues related to unsupported and archived tools will no longer be accepted in the libtiff bug tracker. The usual bugfixes.
Revision 1.160 / (download) - annotate - [select for diffs], Wed Sep 13 11:13:42 2023 UTC (6 months, 2 weeks ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base,
pkgsrc-2023Q3
Changes since 1.159: +2 -1
lines
Diff to previous 1.159 (colored) to selected 1.103.2.1 (colored)
tiff: Ask that it not be updated pre-branch The just-released version withdraws a large number of utilities. This is very likely to cause breakage. I intend to update just after the branch.
Revision 1.158.2.1 / (download) - annotate - [select for diffs], Fri Aug 18 18:13:39 2023 UTC (7 months, 1 week ago) by bsiegert
Branch: pkgsrc-2023Q2
Changes since 1.158: +2 -1
lines
Diff to previous 1.158 (colored) next main 1.159 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #6793 - requested by nia graphics/tiff: build fix Revisions pulled up: - graphics/tiff/Makefile 1.159 - graphics/tiff/distinfo 1.106 - graphics/tiff/patches/patch-configure 1.6 --- Module Name: pkgsrc Committed By: nia Date: Thu Aug 17 10:20:39 UTC 2023 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-configure Log Message: tiff: Use only libs_private to express a dependency on liblzma requires_private assumes the presence of a .pc file, which is not the case on NetBSD 9.x. This allows builds external from pkgsrc dependending on libtiff to not fire errors when they fail to find a corresponding .pc file for liblzma, but still acknowledge the liblzma dependency. PR pkg/57539
Revision 1.159 / (download) - annotate - [select for diffs], Thu Aug 17 10:20:39 2023 UTC (7 months, 1 week ago) by nia
Branch: MAIN
Changes since 1.158: +2 -1
lines
Diff to previous 1.158 (colored) to selected 1.103.2.1 (colored)
tiff: Use only libs_private to express a dependency on liblzma requires_private assumes the presence of a .pc file, which is not the case on NetBSD 9.x. This allows builds external from pkgsrc dependending on libtiff to not fire errors when they fail to find a corresponding .pc file for liblzma, but still acknowledge the liblzma dependency. PR pkg/57539
Revision 1.158 / (download) - annotate - [select for diffs], Mon Jun 19 17:34:13 2023 UTC (9 months, 1 week ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base
Branch point for: pkgsrc-2023Q2
Changes since 1.157: +2 -1
lines
Diff to previous 1.157 (colored) to selected 1.103.2.1 (colored)
tiff: don't try to rebuild docs if sphinx-build is present. Fixes PLIST mismatch (DESTDIR is missing _sources/multi_page.rst.txt and multi_page.html) in that case, at least on my macOS system. No change on my NetBSD system without sphinx.
Revision 1.157 / (download) - annotate - [select for diffs], Wed Jun 14 13:03:31 2023 UTC (9 months, 2 weeks ago) by gdt
Branch: MAIN
Changes since 1.156: +3 -4
lines
Diff to previous 1.156 (colored) to selected 1.103.2.1 (colored)
graphics/tiff: Update to 4.5.1 packaging changes: adjust PLIST for changed doc build The following programs will be dropped in 4.6.0: bin/fax2ps bin/fax2tiff bin/pal2rgb bin/ppm2tiff bin/raw2tiff bin/tiff2bw bin/tiff2pdf bin/tiff2ps bin/tiff2rgba bin/tiffcmp bin/tiffcrop bin/tiffdither bin/tiffmedian bin/tiffsplit Upstream NEWS: DEPRECATION WARNING for 4.6.0: This version will be the last one supporting most TIFF tools (except tiffinfo, tiffdump, tiffcp and tiffset), whose maintenance will be discontinued, due to the lack of contributors able to address reported security issues. Starting with libtiff v4.6.0, their source code, at this time ,will still be available in the source distribution, but they will no longer be built by default, and issues related to them will no longer be accepted in the libtiff bug tracker. New/improved functionalities: Hardcode HOST_FILLORDER to FILLORDER_LSB2MSB and make 'H' flag of TIFFOpen() to warn and an alias of FILLORDER_MSB2LSB. tif_lerc.c: use WORDS_BIGENDIAN instead of HOST_BIGENDIAN. Bug fixes (many) Build system and formatting improvements (many)
Revision 1.156 / (download) - annotate - [select for diffs], Sun Feb 12 09:45:47 2023 UTC (13 months, 2 weeks ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base,
pkgsrc-2023Q1
Changes since 1.155: +3 -1
lines
Diff to previous 1.155 (colored) to selected 1.103.2.1 (colored)
tiff: wire down zstd to disabled so it doesn't get randomly enabled
Revision 1.155 / (download) - annotate - [select for diffs], Tue Jan 3 16:38:50 2023 UTC (14 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.154: +2 -2
lines
Diff to previous 1.154 (colored) to selected 1.103.2.1 (colored)
tiff: update to 4.5.0. Changes in TIFF v4.5.0 ====================== Major changes ------------- * Whole code base reformatting of .c/.h files using new .clang-format format * Documentation changed from static HTML and man pages to Restructured Text (rst). HTML and man pages are now build artifacts. Software configuration changes ------------------------------ * SONAME version bumped to 6 due to changes in symbol versioning. * autoconf/cmake: detect (not yet released) libjpeg-turbo 2.2 to take into its capability of handling both 8-bit JPEG and 12-bit JPEG in a single build. * autoconf/cmake: detect sphinx-build to build HTML and man pages * CMakeLists.txt: fix warning with -Wdev * CMake: correctly set default value of 'lzma' option when liblzma is detected (:issue:`482`) * CMake: Moved linking of CMath::CMath into CMath_LIBRARY check. * Fix CMake build to be compatible with FetchContent. * cmake: Correct duplicate definition of _CRT_SECURE_NO_WARNINGS (:issue:`443`) * cmake: Fixes for Visual Studio 2022. * Adds Requires.private generation so that pkg-config can correctly find the dependencies of libtiff. * Fix dependency on libm on Android * cmake: libtiffxx is static on win32 * Fix build in tif_lzw.c * CMake: Add options for disabling tools, tests, contrib and docs. Library changes --------------- New/improved functionalities: * Addition of an open option concept with the new functions :c:func:`TIFFOpenExt`, :c:func:`TIFFOpenWExt`, :c:func:`TIFFFdOpenExt`, :c:func:`TIFFClientOpenExt`, :c:func:`TIFFOpenOptionsAlloc`, :c:func:`TIFFOpenOptionsFree` * Leveraging above mentioned open option concept, addition of a new capability to limit the size of a single dynamic memory allocation done by the library with :c:func:`TIFFOpenOptionsSetMaxSingleMemAlloc` * Leveraging above mentioned open option concept, addition of a new capability to specify per-TIFF handle re-entrant error and warning callbacks with :c:func:`TIFFOpenOptionsSetErrorHandlerExtR` and :c:func:`TIFFOpenOptionsSetWarningHandlerExtR` * Related to IFD-Loop detection refactoring, the number of IFDs that libtiff can browse through has been extended from 65535 to 1048576. This value is a build-time setting that can be configured with CMake's TIFF_MAX_DIR_COUNT variable or autoconf's --with-max-dir-count option. API/ABI breaks: * tdir_t type updated to uint32_t. This type is now used for the return value of :c:func:`TIFFCurrentDirectory` and :c:func:`TIFFNumberOfDirectories`, and as the argument of :c:func:`TIFFSetDirectory` and :c:func:`TIFFUnlinkDirectory` Bug fixes: * TIFFWriteRawStrip(): restore capabilities to append data in the current strip (:issue:`489`) * _TIFFReadEncodedTileAndAllocBuffer(): avoid excessive memory allocation on broken files (:issue:`479`) * TIFFReadRGBATileExt(): fix (unsigned) integer overflow on strips/tiles > 2 GB (oss-fuzz #53137) * Replace sprintf calls with snprintf to fix warnings on macOS 13 SDK * Added warning messages for FIELD_IGNORE tags for writing and for TIFF_SETGET_UNDEFINED for reading added. (:issue:`438`) * tif_dirinfo.c: fix TIFFTAG_CLIPPATH tag declaration (:issue:`439`) * tif_dirinfo.c: fix TIFFTAG_COMPRESSION and _BITSPERSAMPLE tag declaration (:issue:`364`) * Revised handling of TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value (:issue:`149`, :issue:`150`, :issue:`152`, :issue:`168`, :issue:`250`, :issue:`269`,:issue:`398`, CVE-2022-3599, :issue:`456`) * TIFFAdvanceDirectory(): fix unsigned-integer-overflow in mapped case (oss-fuzz #52309) * Improved/fixes IFD-Loop Handling (:issue:`455`). * Update getimage to support large raster images. * Presetting of default tag values extended (e.g. PlanarConfig). (:issue:`449`) * Deal with RichTIFFIPTC tag written with LONG type (:issue:`225`) * TIFFSetValue(): Writing IFD8 & LONG8 tags to ClassicTIFF corrected (:issue:`442`) * tif_jpeg.c: allow to pass -DEXPECTED_JPEG_LIB_VERSION=number to do optional compile-time version check * TIFFReadFromUserBuffer(): fix clearing of TIFF_CODERSETUP flag that could cause issues with reading JPEG compressed files * _TIFFCheckFieldIsValidForCodec(): return FALSE when passed a codec-specific tag and the codec is not configured (:issue:`433`, :issue:`486`, CVE-2022-34526) * Add basic 16 bit cielab support. * WEBP codec: avoid temporary buffer and memcpy() on whole tile/strip decoding * tif_predict.c: make horAcc8() work with icc (ICC) 2021.6.0 20220226 -O2 Tools changes ------------- New/improved functionality: * :program:`tiffinfo`: Updated to parse through SubIFDs and show their tags. Bug fixes: * :program:`tiffcrop`: add check if (bps != 1) in writeSingleSection() (:issue:`169`) * :program:`tiffcrop`: Fix too many 'mode' options on command line (:issue:`470` and :issue:`450`) * :program:`tiffcrop`: Fix memory allocation to require a larger buffer (:issue:`271`, :issue:`381`, :issue:`386`, :issue:`388`, :issue:`389`, :issue:`435`, CVE-2022-3570, CVE-2022-3598) * :program:`tiffcrop`: disable incompatibility of -Z, -X, -Y, -z options with any PAGE_MODE_x option (:issue:`411`, CVE-2022-3627, :issue:`413`, CVE-2022-3597, :issue:`426`, CVE-2022-3626) * :program:`tiffcrop`: -S option mutually exclusive (:issue:`349`, :issue:`414`, :issue:`422`, :issue:`423`, :issue:`424`) * :program:`tiffcrop`: fix floating-point exception (:issue:`415`, :issue:`427`, :issue:`428`, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058) * :program:`tiff2pdf`: Don't try to seek into stdout (:issue:`441`) * :program:`tiffinfo`: update curdir from uint16_t to tdir_t for more than 64k IFD handling.
Revision 1.154 / (download) - annotate - [select for diffs], Sun Jun 5 14:02:44 2022 UTC (21 months, 3 weeks ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4,
pkgsrc-2022Q3-base,
pkgsrc-2022Q3,
pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.153: +2 -2
lines
Diff to previous 1.153 (colored) to selected 1.103.2.1 (colored)
graphics/tiff: Require c99 Upstream says C99 is required (during a discussion about README not specifying prereqs).
Revision 1.153 / (download) - annotate - [select for diffs], Sun May 29 12:24:16 2022 UTC (22 months ago) by gdt
Branch: MAIN
Changes since 1.152: +7 -3
lines
Diff to previous 1.152 (colored) to selected 1.103.2.1 (colored)
graphics/tiff: Update to 4.4.0 Upstream does not provide NEWS. Skimming over 1300 lines of ChangeLog, this release contains mostly bufixes, speed improvemnents, and other minor improvements. This commit drops 5 patches for CVEs. These patches all appear to have been taken from the upstream repo. One CVE remains: https://nvd.nist.gov/vuln/detail/CVE-2018-10126 http://bugzilla.maptools.org/show_bug.cgi?id=2786 https://gitlab.com/libtiff/libtiff/-/issues/128
Revision 1.152 / (download) - annotate - [select for diffs], Fri Mar 25 09:32:49 2022 UTC (2 years ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2022Q1
Changes since 1.151: +2 -2
lines
Diff to previous 1.151 (colored) to selected 1.103.2.1 (colored)
tiff: apply fixes for CVE-2022-0561 CVE-2022-0907 CVE-2022-0891 CVE-2022-0907 CVE-2022-0909 bump PKGREVISION again...
Revision 1.151 / (download) - annotate - [select for diffs], Fri Mar 25 08:36:37 2022 UTC (2 years ago) by nia
Branch: MAIN
Changes since 1.150: +2 -1
lines
Diff to previous 1.150 (colored) to selected 1.103.2.1 (colored)
tiff: apply fixes for CVE-2022-22844 CVE-2022-0561 CVE-2022-0562 This is tiff-4.3.0nb1.
Revision 1.150 / (download) - annotate - [select for diffs], Mon Jun 14 20:45:03 2021 UTC (2 years, 9 months ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base,
pkgsrc-2021Q4,
pkgsrc-2021Q3-base,
pkgsrc-2021Q3,
pkgsrc-2021Q2-base,
pkgsrc-2021Q2
Changes since 1.149: +7 -1
lines
Diff to previous 1.149 (colored) to selected 1.103.2.1 (colored)
Rename VERSION to VERSION.txt so that it does not collide with the C++ version header on case-insensitive filesystems (via MacPorts). No change intended to installed package.
Revision 1.149 / (download) - annotate - [select for diffs], Tue Apr 20 13:12:54 2021 UTC (2 years, 11 months ago) by gdt
Branch: MAIN
Changes since 1.148: +3 -3
lines
Diff to previous 1.148 (colored) to selected 1.103.2.1 (colored)
graphics/tiff: Update to 4.3.0 Upstream changes: tiff requires C99 and uses C99 types. The previous tiff types are deprecated. new codec for LERC bugfixes pruning of things no longer in use https://libtiff.gitlab.io/libtiff/v4.3.0.html
Revision 1.148 / (download) - annotate - [select for diffs], Mon Jan 4 18:05:03 2021 UTC (3 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base,
pkgsrc-2021Q1
Changes since 1.147: +2 -3
lines
Diff to previous 1.147 (colored) to selected 1.103.2.1 (colored)
tiff: update to 4.2.0. MAJOR CHANGES: Optional support for using libdeflate is added. Many of the tools now support a memory usage limit. CHANGES IN LIBTIFF: A great many issues discovered by fuzzers (via oss-fuzz and other reports) have been addressed. EXIF 2.32 and GPS tags and functionality have been upgraded: Existing EXIF field definition of tags are upgraded to EXIF version 2.3.2 EXIF-GPS structure, tags and access functions are added as special CustomDirectory (like it was done for EXIF). Reading error for FileSource and SceneType tags corrected. Make TIFFTAG_CFAPATTERN variable count. Cmake configuration fixes for big-endian targets. Added support for optional building against libdeflate for faster Zip/Deflate compression/decompression. We now have 2 kinds of builds with the Zip/Deflate codec: zlib only zlib + libdeflate Speed improvements in the 35%-50% range can be expected when libdeflate is used. Compression level up to 12 is now supported (capped to 9 when zlib is used). Still requires zlib for situations where libdeflate cannot be used (that is for scanline access, since libdeflate has no streaming mode) Pseudo-tag TIFFTAG_DEFLATE_SUBCODEC=DEFLATE_SUBCODEC_ZLIB/DEFLATE_SUBCODEC_LIBDEFLATE is added to control which subcodec (zlib or libdeflate) should be used (it defaults of course to libdeflate, when it is available). This is mostly aimed at being used on the writing side, to be able to reproduce output of previous libtiff versions at a binary level, in situations where this would be really needed. Or as a safety belt in case there would be unforeseen issues with using libdeflate. It can be used to know when libdeflate is available at runtime (DEFLATE_SUBCODEC_LIBDEFLATE will be the default value in that situation). Of course, deflate codestreams produced by libdeflate can be read by zlib, and vice-versa. CHANGES IN THE TOOLS: A great many issues discovered by fuzzers (via oss-fuzz and other reports) have been addressed. ppm2tiff: support any bps value from 1 to 16. tiff2ps, tiff2rgba: A default memory limit is now enforced (256MiB) and a '-M' option is added to allow the user to adjust the limit. tiff2pdf, tiffcp: A default memory limit is now enforced (256MiB) and a '-m' option is added to allow the user to adjust the limit. tiffcrop: A default memory limit is now enforced (256MiB) and a '-k' option is added to allow the user to adjust the limit. tiff2pdf: fix "raw" copy of Deflate streams. tiff2pdf.c: properly calculate datasize when saving to JPEG YCbCr tiffcp: disable strip chopping when trying to convert to JBIG compression
Revision 1.147 / (download) - annotate - [select for diffs], Tue Aug 18 00:42:27 2020 UTC (3 years, 7 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base,
pkgsrc-2020Q4,
pkgsrc-2020Q3-base,
pkgsrc-2020Q3
Changes since 1.146: +3 -1
lines
Diff to previous 1.146 (colored) to selected 1.103.2.1 (colored)
tiff: explicitly pass --disable-webp. Bump rev. We don't want it to randomly pick up system libwebp on Linux. If there is a use case for webp compression here it should use the pkgsrc library. Reported-by: "Dr. Thomas Orgis" <thomas.orgis@uni-hamburg.de>
Revision 1.146 / (download) - annotate - [select for diffs], Mon Nov 4 01:11:38 2019 UTC (4 years, 4 months ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base,
pkgsrc-2020Q2,
pkgsrc-2020Q1-base,
pkgsrc-2020Q1,
pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.145: +2 -3
lines
Diff to previous 1.145 (colored) to selected 1.103.2.1 (colored)
graphics/tiff: Update to 4.1.0 Upstream changes are basically minor improvements and bugfixes. Specifically upstream states that there are no ABI changes. Multiple security bugs are fixed due to fuzzing; patches are dropped because they were backported from upstream.
Revision 1.144.6.1 / (download) - annotate - [select for diffs], Thu Jul 18 13:32:31 2019 UTC (4 years, 8 months ago) by bsiegert
Branch: pkgsrc-2019Q2
Changes since 1.144: +2 -1
lines
Diff to previous 1.144 (colored) next main 1.145 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #6004 - requested by nia graphics/tiff: security fix Revisions pulled up: - graphics/tiff/Makefile 1.145 - graphics/tiff/distinfo 1.94 - graphics/tiff/patches/patch-CVE-2018-12900 1.1 - graphics/tiff/patches/patch-CVE-2018-17000 1.1 - graphics/tiff/patches/patch-CVE-2018-19210 1.1 - graphics/tiff/patches/patch-CVE-2019-6128 1.1 --- Module Name: pkgsrc Committed By: nia Date: Wed Jul 17 09:25:45 UTC 2019 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-CVE-2018-12900 patch-CVE-2018-17000 patch-CVE-2018-19210 patch-CVE-2019-6128 Log Message: tiff: Apply patches from upstream's git for the following CVEs: CVE-2018-12900 - buffer-overflow CVE-2018-17000 - denial-of-service CVE-2018-19210 - null-pointer-dereference CVE-2019-6128 - memory-leak Bump PKGREVISION.
Revision 1.145 / (download) - annotate - [select for diffs], Wed Jul 17 09:25:45 2019 UTC (4 years, 8 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base,
pkgsrc-2019Q3
Changes since 1.144: +2 -1
lines
Diff to previous 1.144 (colored) to selected 1.103.2.1 (colored)
tiff: Apply patches from upstream's git for the following CVEs: CVE-2018-12900 - buffer-overflow CVE-2018-17000 - denial-of-service CVE-2018-19210 - null-pointer-dereference CVE-2019-6128 - memory-leak Bump PKGREVISION.
Revision 1.141.4.3 / (download) - annotate - [select for diffs], Thu Nov 22 05:50:52 2018 UTC (5 years, 4 months ago) by spz
Branch: pkgsrc-2018Q3
Changes since 1.141.4.2: +3 -4
lines
Diff to previous 1.141.4.2 (colored) to branchpoint 1.141 (colored) next main 1.142 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #5881 - requested by maya graphics/tiff: security update Revisions pulled up: - graphics/tiff/Makefile 1.144 - graphics/tiff/PLIST 1.26 - graphics/tiff/distinfo 1.93 - graphics/tiff/patches/patch-CVE-2017-11613 deleted - graphics/tiff/patches/patch-CVE-2017-18013 deleted - graphics/tiff/patches/patch-CVE-2017-9935 deleted - graphics/tiff/patches/patch-CVE-2018-10963 deleted - graphics/tiff/patches/patch-CVE-2018-17100 deleted - graphics/tiff/patches/patch-CVE-2018-17101 deleted - graphics/tiff/patches/patch-CVE-2018-5784 deleted - graphics/tiff/patches/patch-CVE-2018-8905 deleted - graphics/tiff/patches/patch-libtiff_tif__jbig.c deleted - graphics/tiff/patches/patch-libtiff_tif__read.c deleted - graphics/tiff/patches/patch-tools_pal2rgb.c deleted ------------------------------------------------------------------- Module Name: pkgsrc Committed By: maya Date: Sat Nov 10 21:14:54 UTC 2018 Modified Files: pkgsrc/graphics/tiff: Makefile PLIST distinfo Removed Files: pkgsrc/graphics/tiff/patches: patch-CVE-2017-11613 patch-CVE-2017-18013 patch-CVE-2017-9935 patch-CVE-2018-10963 patch-CVE-2018-17100 patch-CVE-2018-17101 patch-CVE-2018-5784 patch-CVE-2018-8905 patch-libtiff_tif__jbig.c patch-libtiff_tif__read.c patch-tools_pal2rgb.c Log Message: tiff: update to 4.0.10 It has been a year since the previous release. This is the first release made from the Git repository at https://gitlab.com/libtiff/libtiff using a collaborative process. Since the previous release, a number of security issues have been fixed, and some significant new features have been added. This release adds support for Zstd and WebP compression algorithms. In their own way, each of these compression algorithms is highly complimentary to TIFF. Zstd provides improved compression and decompression speed vs zlib's Deflate as well as a broader range of compression ratios. Zstd is developed by Facebook and the implementation continues to be improved. WebP is optimized for small/medium 8-bit images while offering improved compression performance vs traditional JPEG. WebP works well in strips or tiles to compress large images down to very small files, while preserving a good looking image. WebP is developed by Google, and its implementation continues to be improved. Due to Adobe's TIFF tag registration interface going off-line, we have had to assign our own tags for Zstd and WebP. To generate a diff of this commit: cvs rdiff -u -r1.143 -r1.144 pkgsrc/graphics/tiff/Makefile cvs rdiff -u -r1.25 -r1.26 pkgsrc/graphics/tiff/PLIST cvs rdiff -u -r1.92 -r1.93 pkgsrc/graphics/tiff/distinfo cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/tiff/patches/patch-CVE-2017-11613 \ pkgsrc/graphics/tiff/patches/patch-CVE-2017-18013 \ pkgsrc/graphics/tiff/patches/patch-CVE-2017-9935 \ pkgsrc/graphics/tiff/patches/patch-CVE-2018-10963 \ pkgsrc/graphics/tiff/patches/patch-CVE-2018-17100 \ pkgsrc/graphics/tiff/patches/patch-CVE-2018-17101 \ pkgsrc/graphics/tiff/patches/patch-CVE-2018-5784 \ pkgsrc/graphics/tiff/patches/patch-CVE-2018-8905 \ pkgsrc/graphics/tiff/patches/patch-libtiff_tif__jbig.c \ pkgsrc/graphics/tiff/patches/patch-libtiff_tif__read.c \ pkgsrc/graphics/tiff/patches/patch-tools_pal2rgb.c
Revision 1.144 / (download) - annotate - [select for diffs], Sat Nov 10 21:14:53 2018 UTC (5 years, 4 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q1-base,
pkgsrc-2019Q1,
pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Branch point for: pkgsrc-2019Q2
Changes since 1.143: +3 -4
lines
Diff to previous 1.143 (colored) to selected 1.103.2.1 (colored)
tiff: update to 4.0.10 It has been a year since the previous release. This is the first release made from the Git repository at https://gitlab.com/libtiff/libtiff using a collaborative process. Since the previous release, a number of security issues have been fixed, and some significant new features have been added. This release adds support for Zstd and WebP compression algorithms. In their own way, each of these compression algorithms is highly complimentary to TIFF. Zstd provides improved compression and decompression speed vs zlib's Deflate as well as a broader range of compression ratios. Zstd is developed by Facebook and the implementation continues to be improved. WebP is optimized for small/medium 8-bit images while offering improved compression performance vs traditional JPEG. WebP works well in strips or tiles to compress large images down to very small files, while preserving a good looking image. WebP is developed by Google, and its implementation continues to be improved. Due to Adobe's TIFF tag registration interface going off-line, we have had to assign our own tags for Zstd and WebP.
Revision 1.141.4.2 / (download) - annotate - [select for diffs], Mon Oct 29 14:49:32 2018 UTC (5 years, 5 months ago) by bsiegert
Branch: pkgsrc-2018Q3
Changes since 1.141.4.1: +1 -1
lines
Diff to previous 1.141.4.1 (colored) to branchpoint 1.141 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #5867 - requested by spz graphics/tiff: security fix Revisions pulled up: - graphics/tiff/Makefile 1.143 - graphics/tiff/distinfo 1.92 - graphics/tiff/patches/patch-CVE-2017-11613 1.1 - graphics/tiff/patches/patch-CVE-2017-18013 1.1 - graphics/tiff/patches/patch-CVE-2018-10963 1.1 - graphics/tiff/patches/patch-CVE-2018-17100 1.1 - graphics/tiff/patches/patch-CVE-2018-17101 1.1 - graphics/tiff/patches/patch-CVE-2018-5784 1.1 --- Module Name: pkgsrc Committed By: spz Date: Sun Oct 28 09:45:07 UTC 2018 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-CVE-2017-11613 patch-CVE-2017-18013 patch-CVE-2018-10963 patch-CVE-2018-17100 patch-CVE-2018-17101 patch-CVE-2018-5784 Log Message: patches from upstream for CVE-2017-11613 CVE-2017-18013 CVE-2018-5784 CVE-2018-10963 CVE-2018-17100 CVE-2018-17101
Revision 1.143 / (download) - annotate - [select for diffs], Sun Oct 28 09:45:07 2018 UTC (5 years, 5 months ago) by spz
Branch: MAIN
Changes since 1.142: +2 -2
lines
Diff to previous 1.142 (colored) to selected 1.103.2.1 (colored)
patches from upstream for CVE-2017-11613 CVE-2017-18013 CVE-2018-5784 CVE-2018-10963 CVE-2018-17100 CVE-2018-17101
Revision 1.141.4.1 / (download) - annotate - [select for diffs], Fri Oct 26 07:02:55 2018 UTC (5 years, 5 months ago) by spz
Branch: pkgsrc-2018Q3
Changes since 1.141: +2 -2
lines
Diff to previous 1.141 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #5853 - requested by maya graphics/tiff: security patch Revisions pulled up: - graphics/tiff/Makefile 1.142 - graphics/tiff/distinfo 1.91 - graphics/tiff/patches/patch-libtiff_tif__jbig.c 1.1 - graphics/tiff/patches/patch-libtiff_tif__read.c 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: maya Date: Thu Oct 25 22:58:05 UTC 2018 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tif__jbig.c patch-libtiff_tif__read.c Log Message: tiff: apply fix for CVE-2018-18557 >From 681748ec2f5ce88da5f9fa6831e1653e46af8a66 Mon Sep 17 00:00:00 2001 From: Even Rouault <even.rouault@spatialys.com> Date: Sun, 14 Oct 2018 16:38:29 +0200 Subject: [PATCH 1/1] JBIG: fix potential out-of-bounds write in JBIGDecode() JBIGDecode doesn't check if the user provided buffer is large enough to store the JBIG decoded image, which can potentially cause out-of-bounds write in the buffer. This issue was reported and analyzed by Thomas Dullien. Also fixes a (harmless) potential use of uninitialized memory when tif->tif_rawsize > tif->tif_rawcc And in case libtiff is compiled with CHUNKY_STRIP_READ_SUPPORT, make sure that whole strip data is provided to JBIGDecode() The last part (CHUNKY_STRIP_READ_SUPPORT) was adapted by myself to fit the libtiff release. Bump PKGREVISION. To generate a diff of this commit: cvs rdiff -u -r1.141 -r1.142 pkgsrc/graphics/tiff/Makefile cvs rdiff -u -r1.90 -r1.91 pkgsrc/graphics/tiff/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/tiff/patches/patch-libtiff_tif__jbig.c \ pkgsrc/graphics/tiff/patches/patch-libtiff_tif__read.c
Revision 1.142 / (download) - annotate - [select for diffs], Thu Oct 25 22:58:05 2018 UTC (5 years, 5 months ago) by maya
Branch: MAIN
Changes since 1.141: +2 -2
lines
Diff to previous 1.141 (colored) to selected 1.103.2.1 (colored)
tiff: apply fix for CVE-2018-18557 From 681748ec2f5ce88da5f9fa6831e1653e46af8a66 Mon Sep 17 00:00:00 2001 From: Even Rouault <even.rouault@spatialys.com> Date: Sun, 14 Oct 2018 16:38:29 +0200 Subject: [PATCH 1/1] JBIG: fix potential out-of-bounds write in JBIGDecode() JBIGDecode doesn't check if the user provided buffer is large enough to store the JBIG decoded image, which can potentially cause out-of-bounds write in the buffer. This issue was reported and analyzed by Thomas Dullien. Also fixes a (harmless) potential use of uninitialized memory when tif->tif_rawsize > tif->tif_rawcc And in case libtiff is compiled with CHUNKY_STRIP_READ_SUPPORT, make sure that whole strip data is provided to JBIGDecode() The last part (CHUNKY_STRIP_READ_SUPPORT) was adapted by myself to fit the libtiff release. Bump PKGREVISION.
Revision 1.141 / (download) - annotate - [select for diffs], Thu Jun 21 23:11:04 2018 UTC (5 years, 9 months ago) by tez
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base,
pkgsrc-2018Q2-base,
pkgsrc-2018Q2
Branch point for: pkgsrc-2018Q3
Changes since 1.140: +2 -2
lines
Diff to previous 1.140 (colored) to selected 1.103.2.1 (colored)
tiff: fix for CVE-2018-8905 from https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d
Revision 1.140 / (download) - annotate - [select for diffs], Tue Jan 16 23:52:06 2018 UTC (6 years, 2 months ago) by tez
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base,
pkgsrc-2018Q1
Changes since 1.139: +1 -1
lines
Diff to previous 1.139 (colored) to selected 1.103.2.1 (colored)
tiff: add patch for CVE-2017-9935 from upstream git repo
Revision 1.139 / (download) - annotate - [select for diffs], Sun Dec 3 09:07:06 2017 UTC (6 years, 3 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base,
pkgsrc-2017Q4
Changes since 1.138: +2 -2
lines
Diff to previous 1.138 (colored) to selected 1.103.2.1 (colored)
tiff: add my own patch for CVE-2017-17095. bump PKGREVISION
Revision 1.138 / (download) - annotate - [select for diffs], Sun Nov 19 16:31:04 2017 UTC (6 years, 4 months ago) by he
Branch: MAIN
Changes since 1.137: +3 -3
lines
Diff to previous 1.137 (colored) to selected 1.103.2.1 (colored)
Update tiff to version 4.0.9. Pkgsrc changes: * Adapt PLIST, remove patches for now-integrated bugfixes. Upstream changes: * Many changes related to security & stability. See the source's ChangeLog for the details.
Revision 1.137 / (download) - annotate - [select for diffs], Wed Jun 21 01:08:33 2017 UTC (6 years, 9 months ago) by tez
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base,
pkgsrc-2017Q3,
pkgsrc-2017Q2-base,
pkgsrc-2017Q2
Changes since 1.136: +1 -0
lines
Diff to previous 1.136 (colored) to selected 1.103.2.1 (colored)
fix CVE-2014-8128, CVE-2016-5318, CVE-2015-7554 & CVE-2016-10095 per http://bugzilla.maptools.org/show_bug.cgi?id=2580 also CVE-2017-9147 (http://bugzilla.maptools.org/show_bug.cgi?id=2693)
Revision 1.136 / (download) - annotate - [select for diffs], Mon May 29 13:44:05 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.135: +2 -3
lines
Diff to previous 1.135 (colored) to selected 1.103.2.1 (colored)
Update tiff to version 4.0.8. Pkgsrc changes: * Adapt PLIST, remove patches for now-integrated bugfixes. As the release announcement says: All of the changes are bug and security fixes. Upstream changes: CHANGES IN LIBTIFF: * libtiff/tif_getimage.c, libtiff/tif_open.c: add parenthesis to fix cppcheck clarifyCalculation warnings * libtiff/tif_predict.c, libtiff/tif_print.c: fix printf unsigned vs signed formatting (cppcheck invalidPrintfArgType_uint warnings) * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow in TIFFReadEncodedStrip() that caused an integer division by zero. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596 * libtiff/tif_pixarlog.c, libtiff/tif_luv.c: fix heap-based buffer overflow on generation of PixarLog / LUV compressed files, with ColorMap, TransferFunction attached and nasty plays with bitspersample. The fix for LUV has not been tested, but suffers from the same kind of issue of PixarLog. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604 * libtiff/tif_strip.c: revert the change in TIFFNumberOfStrips() done for http://bugzilla.maptools.org/show_bug.cgi?id=2587 / CVE-2016-9273 since the above change is a better fix that makes it unnecessary. * libtiff/tif_dirread.c: modify ChopUpSingleUncompressedStrip() to instanciate compute ntrips as TIFFhowmany_32(td->td_imagelength, rowsperstrip), instead of a logic based on the total size of data. Which is faulty is the total size of data is not sufficient to fill the whole image, and thus results in reading outside of the StripByCounts/StripOffsets arrays when using TIFFReadScanline(). Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608. * libtiff/tif_ojpeg.c: make OJPEGDecode() early exit in case of failure in OJPEGPreDecode(). This will avoid a divide by zero, and potential other issues. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611 * libtiff/tif_write.c: fix misleading indentation as warned by GCC. * libtiff/tif_fax3.h: revert change done on 2016-01-09 that made Param member of TIFFFaxTabEnt structure a uint16 to reduce size of the binary. It happens that the Hylafax software uses the tables that follow this typedef (TIFFFaxMainTable, TIFFFaxWhiteTable, TIFFFaxBlackTable), although they are not in a public libtiff header. Raised by Lee Howard. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2636 * libtiff/tiffio.h, libtiff/tif_getimage.c: add TIFFReadRGBAStripExt() and TIFFReadRGBATileExt() variants of the functions without ext, with an extra argument to control the stop_on_error behaviour. * libtiff/tif_getimage.c: fix potential memory leaks in error code path of TIFFRGBAImageBegin(). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2627 * libtiff/tif_jpeg.c: increase libjpeg max memory usable to 10 MB instead of libjpeg 1MB default. This helps when creating files with "big" tile, without using libjpeg temporary files. Related to https://trac.osgeo.org/gdal/ticket/6757 * libtiff/tif_jpeg.c: avoid integer division by zero in JPEGSetupEncode() when horizontal or vertical sampling is set to 0. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2653 * libtiff/tif_dirwrite.c: in TIFFWriteDirectoryTagCheckedRational, replace assertion by runtime check to error out if passed value is strictly negative. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2535 * libtiff/tif_dirread.c: avoid division by floating point 0 in TIFFReadDirEntryCheckedRational() and TIFFReadDirEntryCheckedSrational(), and return 0 in that case (instead of infinity as before presumably) Apparently some sanitizers do not like those divisions by zero. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2644 * libtiff/tif_dir.c, tif_dirread.c, tif_dirwrite.c: implement various clampings of double to other data types to avoid undefined behaviour if the output range isn't big enough to hold the input value. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2643 http://bugzilla.maptools.org/show_bug.cgi?id=2642 http://bugzilla.maptools.org/show_bug.cgi?id=2646 http://bugzilla.maptools.org/show_bug.cgi?id=2647 * libtiff/tif_jpeg.c: validate BitsPerSample in JPEGSetupEncode() to avoid undefined behaviour caused by invalid shift exponent. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2648 * libtiff/tif_read.c: avoid potential undefined behaviour on signed integer addition in TIFFReadRawStrip1() in isMapped() case. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2650 * libtiff/tif_getimage.c: add explicit uint32 cast in putagreytile to avoid UndefinedBehaviorSanitizer warning. Patch by Nicolás Peña. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2658 * libtiff/tif_read.c: TIFFReadBufferSetup(): use _TIFFcalloc() to zero initialize tif_rawdata. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2651 * libtiff/tiffio.h, tif_unix.c, tif_win32.c, tif_vms.c: add _TIFFcalloc() * libtiff/tif_luv.c, tif_lzw.c, tif_packbits.c: return 0 in Encode functions instead of -1 when TIFFFlushData1() fails. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2130 * libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesQTable, OJPEGReadHeaderInfoSecTablesDcTable and OJPEGReadHeaderInfoSecTablesAcTable when read fails. Patch by Nicolás Peña. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659 * libtiff/tif_jpeg.c: only run JPEGFixupTagsSubsampling() if the YCbCrSubsampling tag is not explicitly present. This helps a bit to reduce the I/O amount when the tag is present (especially on cloud hosted files). * libtiff/tif_lzw.c: in LZWPostEncode(), increase, if necessary, the code bit-width after flushing the remaining code and before emitting the EOI code. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=1982 * libtiff/tif_pixarlog.c: fix memory leak in error code path of PixarLogSetupDecode(). Patch by Nicolás Peña. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2665 * libtiff/tif_fax3.c, tif_predict.c, tif_getimage.c: fix GCC 7 -Wimplicit-fallthrough warnings. * libtiff/tif_dirread.c: fix memory leak in non DEFER_STRILE_LOAD mode (ie default) when there is both a StripOffsets and TileOffsets tag, or a StripByteCounts and TileByteCounts Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2689 * libtiff/tif_ojpeg.c: fix potential memory leak in OJPEGReadHeaderInfoSecTablesQTable, OJPEGReadHeaderInfoSecTablesDcTable and OJPEGReadHeaderInfoSecTablesAcTable Patch by Nicolás Peña. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2670 * libtiff/tif_fax3.c: avoid crash in Fax3Close() on empty file. Patch by Alan Coopersmith + complement by myself. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2673 * libtiff/tif_read.c: TIFFFillStrip(): add limitation to the number of bytes read in case td_stripbytecount[strip] is bigger than reasonable, so as to avoid excessive memory allocation. * libtiff/tif_zip.c, tif_pixarlog.c, tif_predict.c: fix memory leak when the underlying codec (ZIP, PixarLog) succeeds its setupdecode() method, but PredictorSetup fails. Credit to OSS-Fuzz (locally run, on GDAL) * libtiff/tif_read.c: TIFFFillStrip() and TIFFFillTile(): avoid excessive memory allocation in case of shorten files. Only effective on 64 bit builds and non-mapped cases. Credit to OSS-Fuzz (locally run, on GDAL) * libtiff/tif_read.c: TIFFFillStripPartial() / TIFFSeek(), avoid potential integer overflows with read_ahead in CHUNKY_STRIP_READ_SUPPORT mode. Should especially occur on 32 bit platforms. * libtiff/tif_read.c: TIFFFillStripPartial(): avoid excessive memory allocation in case of shorten files. Only effective on 64 bit builds. Credit to OSS-Fuzz (locally run, on GDAL) * libtiff/tif_read.c: update tif_rawcc in CHUNKY_STRIP_READ_SUPPORT mode with tif_rawdataloaded when calling TIFFStartStrip() or TIFFFillStripPartial(). This avoids reading beyond tif_rawdata when bytecount > tif_rawdatasize. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1545. Credit to OSS-Fuzz * libtiff/tif_color.c: avoid potential int32 overflow in TIFFYCbCrToRGBInit() Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1533 Credit to OSS-Fuzz * libtiff/tif_pixarlog.c, tif_luv.c: avoid potential int32 overflows in multiply_ms() and add_ms(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1558 Credit to OSS-Fuzz * libtiff/tif_packbits.c: fix out-of-buffer read in PackBitsDecode() Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1563 Credit to OSS-Fuzz * libtiff/tif_luv.c: LogL16InitState(): avoid excessive memory allocation when RowsPerStrip tag is missing. Credit to OSS-Fuzz (locally run, on GDAL) * libtiff/tif_lzw.c: update dec_bitsleft at beginning of LZWDecode(), and update tif_rawcc at end of LZWDecode(). This is needed to properly work with the latest chnges in tif_read.c in CHUNKY_STRIP_READ_SUPPORT mode. * libtiff/tif_pixarlog.c: PixarLogDecode(): resync tif_rawcp with next_in and tif_rawcc with avail_in at beginning and end of function, similarly to what is done in LZWDecode(). Likely needed so that it works properly with latest chnges in tif_read.c in CHUNKY_STRIP_READ_SUPPORT mode. But untested... * libtiff/tif_getimage.c: initYCbCrConversion(): add basic validation of luma and refBlackWhite coefficients (just check they are not NaN for now), to avoid potential float to int overflows. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1663 Credit to OSS Fuzz * libtiff/tif_read.c: _TIFFVSetField(): fix outside range cast of double to float. Credit to Google Autofuzz project * libtiff/tif_getimage.c: initYCbCrConversion(): check luma[1] is not zero to avoid division by zero. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1665 Credit to OSS Fuzz * libtiff/tif_read.c: _TIFFVSetField(): fix outside range cast of double to float. Credit to Google Autofuzz project * libtiff/tif_getimage.c: initYCbCrConversion(): check luma[1] is not zero to avoid division by zero. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1665 Credit to OSS Fuzz * libtiff/tif_getimage.c: initYCbCrConversion(): stricter validation for refBlackWhite coefficients values. To avoid invalid float->int32 conversion. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1718 Credit to OSS Fuzz CHANGES IN THE TOOLS: * tools/fax2tiff.c (main): Applied patch by Jörg Ahrens to fix passing client data for Win32 builds using tif_win32.c (USE_WIN32_FILEIO defined) for file I/O. Patch was provided via email on November 20, 2016. * tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips that can cause various issues, such as buffer overflows in the library. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598 * tools/tiffcrop.c: fix readContigStripsIntoBuffer() in -i (ignore) mode so that the output buffer is correctly incremented to avoid write outside bounds. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2620 * tools/tiffcrop.c: add 3 extra bytes at end of strip buffer in readSeparateStripsIntoBuffer() to avoid read outside of heap allocated buffer. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2621 * tools/tiffcrop.c: fix integer division by zero when BitsPerSample is missing. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2619 * tools/tiffinfo.c: fix null pointer dereference in -r mode when the image has no StripByteCount tag. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2594 * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples tag is missing. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2597 * tools/tif_dir.c: when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is called, limit the return number of inks to SamplesPerPixel, so that code that parses ink names doesn't go past the end of the buffer. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples tag is missing. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2607 * tools/tiffcp.c: fix uint32 underflow/overflow that can cause heap-based buffer overflow. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2610 * tools/tiffcp.c: replace assert( (bps % 8) == 0 ) by a non assert check. Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2605 * tools/tiff2ps.c: fix 2 heap-based buffer overflows (in PSDataBW and PSDataColorContig). Reported by Agostino Sarubbo. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2633 and http://bugzilla.maptools.org/show_bug.cgi?id=2634. * tools/tiff2pdf.c: prevent heap-based buffer overflow in -j mode on a paletted image. Note: this fix errors out before the overflow happens. There could probably be a better fix. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2635 * tools/tiff2pdf.c: fix wrong usage of memcpy() that can trigger unspecified behaviour. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2638 * tools/tiff2pdf.c: avoid potential invalid memory read in t2p_writeproc. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2639 * tools/tiff2pdf.c: avoid potential heap-based overflow in t2p_readwrite_pdf_image_tile(). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640 * tools/tiffcrop.c: remove extraneous TIFFClose() in error code path, that caused double free. Related to http://bugzilla.maptools.org/show_bug.cgi?id=2535 * tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based overflow. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and http://bugzilla.maptools.org/show_bug.cgi?id=2657 * tools/raw2tiff.c: avoid integer division by zero. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2631 * tools/tiff2ps.c: call TIFFClose() in error code paths. * tools/fax2tiff.c: emit appropriate message if the input file is empty. Patch by Alan Coopersmith. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2672 * tools/tiff2bw.c: close TIFF handle in error code path. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2677
Revision 1.125.4.3 / (download) - annotate - [select for diffs], Thu May 11 17:47:20 2017 UTC (6 years, 10 months ago) by bsiegert
Branch: pkgsrc-2017Q1
Changes since 1.125.4.2: +2 -2
lines
Diff to previous 1.125.4.2 (colored) to branchpoint 1.125 (colored) next main 1.126 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #5406 - requested by sevan graphics/tiff: security fix Revisions pulled up: - graphics/tiff/Makefile 1.130-1.135 - graphics/tiff/distinfo 1.76-1.81 - graphics/tiff/patches/patch-libtiff_tif__luv.c 1.1 - graphics/tiff/patches/patch-libtiff_tif__pixarlog.c 1.1 - graphics/tiff/patches/patch-libtiff_tif__strip.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_dirread.c 1.3 - graphics/tiff/patches/patch-libtiff_tif_ojpeg.c 1.2 - graphics/tiff/patches/patch-libtiff_tif_read.c 1.2 - graphics/tiff/patches/patch-libtiff_tiffiop.h 1.3 - graphics/tiff/patches/patch-tools_tiff2pdf.c 1.3 - graphics/tiff/patches/patch-tools_tiffcp.c 1.3 --- Module Name: pkgsrc Committed By: he Date: Sat May 6 20:34:40 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-tools_tiff2pdf.c Log Message: Fix CVE-2016-10094, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2640 and https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76 Bump PKGREVISION. --- Module Name: pkgsrc Committed By: he Date: Sat May 6 21:02:00 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tif__luv.c patch-libtiff_tif__pixarlog.c Log Message: Fix CVE-2016-10269, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2604 and https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86 Bump PKGREVISION. --- Module Name: pkgsrc Committed By: he Date: Sat May 6 21:29:17 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo pkgsrc/graphics/tiff/patches: patch-libtiff_tif_dirread.c Added Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tif__strip.c Log Message: Fix CVE-2016-10270, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2608 https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018 Bump PKGREVISION. --- Module Name: pkgsrc Committed By: he Date: Sat May 6 21:37:16 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo pkgsrc/graphics/tiff/patches: patch-tools_tiffcp.c Log Message: Fix CVE-2016-10268, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2598 https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df Bump PKGREVISION. --- Module Name: pkgsrc Committed By: he Date: Sun May 7 21:32:30 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo pkgsrc/graphics/tiff/patches: patch-libtiff_tif_read.c Added Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tiffiop.h Log Message: Fix CVE-2016-10266 ref. http://bugzilla.maptools.org/show_bug.cgi?id=2596 https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1 Bump PKGREVISION. --- Module Name: pkgsrc Committed By: he Date: Sun May 7 21:52:16 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo pkgsrc/graphics/tiff/patches: patch-libtiff_tif_ojpeg.c Log Message: Fix CVE-2016-10267 ref. http://bugzilla.maptools.org/show_bug.cgi?id=2611 https://github.com/vadz/libtiff/commit/43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec Bump PKGREVISION.
Revision 1.135 / (download) - annotate - [select for diffs], Sun May 7 21:52:16 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.134: +2 -2
lines
Diff to previous 1.134 (colored) to selected 1.103.2.1 (colored)
Fix CVE-2016-10267 ref. http://bugzilla.maptools.org/show_bug.cgi?id=2611 https://github.com/vadz/libtiff/commit/43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec Bump PKGREVISION.
Revision 1.134 / (download) - annotate - [select for diffs], Sun May 7 21:32:30 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.133: +2 -2
lines
Diff to previous 1.133 (colored) to selected 1.103.2.1 (colored)
Fix CVE-2016-10266 ref. http://bugzilla.maptools.org/show_bug.cgi?id=2596 https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1 Bump PKGREVISION.
Revision 1.133 / (download) - annotate - [select for diffs], Sat May 6 21:37:16 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.132: +2 -2
lines
Diff to previous 1.132 (colored) to selected 1.103.2.1 (colored)
Fix CVE-2016-10268, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2598 https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df Bump PKGREVISION.
Revision 1.132 / (download) - annotate - [select for diffs], Sat May 6 21:29:16 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.131: +2 -2
lines
Diff to previous 1.131 (colored) to selected 1.103.2.1 (colored)
Fix CVE-2016-10270, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2608 https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018 Bump PKGREVISION.
Revision 1.131 / (download) - annotate - [select for diffs], Sat May 6 21:02:00 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.130: +2 -2
lines
Diff to previous 1.130 (colored) to selected 1.103.2.1 (colored)
Fix CVE-2016-10269, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2604 and https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86 Bump PKGREVISION.
Revision 1.130 / (download) - annotate - [select for diffs], Sat May 6 20:34:40 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.129: +2 -2
lines
Diff to previous 1.129 (colored) to selected 1.103.2.1 (colored)
Fix CVE-2016-10094, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2640 and https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76 Bump PKGREVISION.
Revision 1.125.4.2 / (download) - annotate - [select for diffs], Sat May 6 15:08:52 2017 UTC (6 years, 10 months ago) by bsiegert
Branch: pkgsrc-2017Q1
Changes since 1.125.4.1: +2 -2
lines
Diff to previous 1.125.4.1 (colored) to branchpoint 1.125 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #5404 - requested by sevan graphics/tiff: security fix Revisions pulled up: - graphics/tiff/Makefile 1.127-1.129 - graphics/tiff/distinfo 1.73-1.75 - graphics/tiff/patches/patch-libtiff_tif_dir.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_dirread.c 1.2 - graphics/tiff/patches/patch-libtiff_tif_dirwrite.c 1.1 - graphics/tiff/patches/patch-tools_tiffcp.c 1.2 - graphics/tiff/patches/patch-tools_tiffcrop.c 1.1-1.2 --- Module Name: pkgsrc Committed By: he Date: Fri May 5 19:16:58 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile Added Files: pkgsrc/graphics/tiff/patches: patch-tools_tiffcrop.c Log Message: Apply fix from upstream to fix CVE-2016-10092, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2620 and https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a Bump PKGREVISION. --- Module Name: pkgsrc Committed By: he Date: Fri May 5 19:28:23 UTC 2017 Modified Files: pkgsrc/graphics/tiff: distinfo Log Message: Forgot "make mps", this one belongs to the previous update, 4.0.7nb3. --- Module Name: pkgsrc Committed By: he Date: Fri May 5 20:06:03 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo pkgsrc/graphics/tiff/patches: patch-tools_tiffcp.c Log Message: Apply fix for CVE-2016-10093 http://bugzilla.maptools.org/show_bug.cgi?id=2610 https://github.com/vadz/libtiff/commit/787c0ee906430b772f33ca50b97b8b5ca070faec Bump PKGREVISION. --- Module Name: pkgsrc Committed By: sevan Date: Fri May 5 20:14:05 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo pkgsrc/graphics/tiff/patches: patch-libtiff_tif_dirread.c patch-tools_tiffcrop.c Added Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tif_dir.c patch-libtiff_tif_dirwrite.c Log Message: CVE-2017-7596 CVE-2017-7597 CVE-2017-7599 CVE-2017-7600 https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490 Dependency for applying advisory patch. +http://bugzilla.maptools.org/show_bug.cgi?id=2535 +https://github.com/vadz/libtiff/commit/0abd094b6e5079c4d8be733829240491cb230f3d Bump rev.
Revision 1.125.4.1 / (download) - annotate - [select for diffs], Sat May 6 15:01:21 2017 UTC (6 years, 10 months ago) by bsiegert
Branch: pkgsrc-2017Q1
Changes since 1.125: +2 -2
lines
Diff to previous 1.125 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #5399 - requested by sevan graphics/tiff: security fix Revisions pulled up: - graphics/tiff/Makefile 1.126 - graphics/tiff/distinfo 1.72 - graphics/tiff/patches/patch-libtiff_tif_dirread.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_getimage.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_jpeg.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_ojpeg.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_read.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_unix.c 1.1 - graphics/tiff/patches/patch-libtiff_tif_win32.c 1.1 - graphics/tiff/patches/patch-libtiff_tiffio.h 1.1 - graphics/tiff/patches/patch-tools_tiffcp.c 1.1 --- Module Name: pkgsrc Committed By: sevan Date: Wed May 3 23:00:59 UTC 2017 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tif_dirread.c patch-libtiff_tif_getimage.c patch-libtiff_tif_jpeg.c patch-libtiff_tif_ojpeg.c patch-libtiff_tif_read.c patch-libtiff_tif_unix.c patch-libtiff_tif_win32.c patch-libtiff_tiffio.h patch-tools_tiffcp.c Log Message: Add security patches & bump rev. via FreeBSD bz #216658 https://nvd.nist.gov/vuln/detail/CVE-2017-5225 http://bugzilla.maptools.org/show_bug.cgi?id=2656 http://bugzilla.maptools.org/show_bug.cgi?id=2657 https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7 https://nvd.nist.gov/vuln/detail/CVE-2017-7592 http://bugzilla.maptools.org/show_bug.cgi?id=2658 https://github.com/vadz/libtiff/commit/48780b4fcc42 https://nvd.nist.gov/vuln/detail/CVE-2017-7593 http://bugzilla.maptools.org/show_bug.cgi?id=2651 https://github.com/vadz/libtiff/commit/d60332057b95 https://nvd.nist.gov/vuln/detail/CVE-2017-7594 http://bugzilla.maptools.org/show_bug.cgi?id=2659 https://github.com/vadz/libtiff/commit/8283e4d1b7e5 https://github.com/vadz/libtiff/commit/2ea32f7372b6 https://nvd.nist.gov/vuln/detail/CVE-2017-7595 https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122 https://nvd.nist.gov/vuln/detail/CVE-2017-7598 https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8 https://nvd.nist.gov/vuln/detail/CVE-2017-7601 https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490 https://nvd.nist.gov/vuln/detail/CVE-2017-7602 https://github.com/vadz/libtiff/commit/66e7bd59520996740e4df5495a830b42fae48bc4
Revision 1.129 / (download) - annotate - [select for diffs], Fri May 5 20:14:05 2017 UTC (6 years, 10 months ago) by sevan
Branch: MAIN
Changes since 1.128: +2 -2
lines
Diff to previous 1.128 (colored) to selected 1.103.2.1 (colored)
CVE-2017-7596 CVE-2017-7597 CVE-2017-7599 CVE-2017-7600 https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490 Dependency for applying advisory patch. +http://bugzilla.maptools.org/show_bug.cgi?id=2535 +https://github.com/vadz/libtiff/commit/0abd094b6e5079c4d8be733829240491cb230f3d Bump rev.
Revision 1.128 / (download) - annotate - [select for diffs], Fri May 5 20:06:02 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.127: +2 -2
lines
Diff to previous 1.127 (colored) to selected 1.103.2.1 (colored)
Apply fix for CVE-2016-10093 http://bugzilla.maptools.org/show_bug.cgi?id=2610 https://github.com/vadz/libtiff/commit/787c0ee906430b772f33ca50b97b8b5ca070faec Bump PKGREVISION.
Revision 1.127 / (download) - annotate - [select for diffs], Fri May 5 19:16:57 2017 UTC (6 years, 10 months ago) by he
Branch: MAIN
Changes since 1.126: +2 -2
lines
Diff to previous 1.126 (colored) to selected 1.103.2.1 (colored)
Apply fix from upstream to fix CVE-2016-10092, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2620 and https://github.com/vadz/libtiff/commit/9657bbe3cdce4aaa90e07d50c1c70ae52da0ba6a Bump PKGREVISION.
Revision 1.126 / (download) - annotate - [select for diffs], Wed May 3 23:00:59 2017 UTC (6 years, 10 months ago) by sevan
Branch: MAIN
Changes since 1.125: +2 -2
lines
Diff to previous 1.125 (colored) to selected 1.103.2.1 (colored)
Add security patches & bump rev. via FreeBSD bz #216658 https://nvd.nist.gov/vuln/detail/CVE-2017-5225 http://bugzilla.maptools.org/show_bug.cgi?id=2656 http://bugzilla.maptools.org/show_bug.cgi?id=2657 https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7 https://nvd.nist.gov/vuln/detail/CVE-2017-7592 http://bugzilla.maptools.org/show_bug.cgi?id=2658 https://github.com/vadz/libtiff/commit/48780b4fcc42 https://nvd.nist.gov/vuln/detail/CVE-2017-7593 http://bugzilla.maptools.org/show_bug.cgi?id=2651 https://github.com/vadz/libtiff/commit/d60332057b95 https://nvd.nist.gov/vuln/detail/CVE-2017-7594 http://bugzilla.maptools.org/show_bug.cgi?id=2659 https://github.com/vadz/libtiff/commit/8283e4d1b7e5 https://github.com/vadz/libtiff/commit/2ea32f7372b6 https://nvd.nist.gov/vuln/detail/CVE-2017-7595 https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122 https://nvd.nist.gov/vuln/detail/CVE-2017-7598 https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8 https://nvd.nist.gov/vuln/detail/CVE-2017-7601 https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490 https://nvd.nist.gov/vuln/detail/CVE-2017-7602 https://github.com/vadz/libtiff/commit/66e7bd59520996740e4df5495a830b42fae48bc4
Revision 1.122.6.1 / (download) - annotate - [select for diffs], Mon Nov 28 20:27:03 2016 UTC (7 years, 4 months ago) by bsiegert
Branch: pkgsrc-2016Q3
Changes since 1.122: +4 -6
lines
Diff to previous 1.122 (colored) next main 1.123 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #5163 - requested by wiz graphics/tiff: security fix Revisions pulled up: - graphics/tiff/Makefile 1.123-1.124 - graphics/tiff/PLIST 1.22 - graphics/tiff/distinfo 1.70 - graphics/tiff/patches/patch-libtiff_tif_luv.c deleted --- Module Name: pkgsrc Committed By: adam Date: Sat Oct 8 06:20:39 UTC 2016 Modified Files: pkgsrc/graphics/tiff: Makefile Log Message: Updated MASTER_SITES and HOMEPAGE; the old ones seem to be dead. --- Module Name: pkgsrc Committed By: wiz Date: Tue Nov 22 15:19:54 UTC 2016 Modified Files: pkgsrc/graphics/tiff: Makefile PLIST distinfo Removed Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tif_luv.c Log Message: Updated tiff to 4.0.7. MAJOR CHANGES: The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution. These tools were written in the late 1980s and early 1990s for test and demonstration purposes. In some cases the tools were never updated to support updates to the file format, or the file formats are now rarely used. In all cases these tools increased the libtiff security and maintenance exposure beyond the value offered by the tool. CHANGES IN LIBTIFF: libtiff/tif_dirread.c: in TIFFFetchNormalTag(), do not dereference NULL pointer when values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are 0-byte arrays. Fixes http:// bugzilla.maptools.org/show_bug.cgi?id=2593 (regression introduced by previous fix done on 2016-11-11 for CVE-2016-9297). Reported by Henri Salo. Assigned as CVE-2016-9448 libtiff/tif_aux.c: fix crash in TIFFVGetFieldDefaulted() when requesting Predictor tag and that the zip/lzw codec is not configured. Fixes http:// bugzilla.maptools.org/show_bug.cgi?id=2591 libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are null terminated, to avoid potential read outside buffer in _TIFFPrintField(). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 libtiff/tif_dirread.c: reject images with OJPEG compression that have no TileOffsets/StripOffsets tag, when OJPEG compression is disabled. Prevent null pointer dereference in TIFFReadRawStrip1() and other functions that expect td_stripbytecount to be non NULL. Fixes http://bugzilla.maptools.org /show_bug.cgi?id=2585 libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips value when it is non-zero, instead of recomputing it. This is needed in TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outsize of array in tiffsplit (or other utilities using TIFFNumberOfStrips()). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2587 (CVE-2016-9273) libtiff/tif_predict.h, libtiff/tif_predict.c: Replace assertions by runtime checks to avoid assertions in debug mode, or buffer overflows in release mode. Can happen when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105 by Axel Souchet & Vishal Chauhan from the MSRC Vulnerabilities & Mitigations libtiff/tif_dir.c: discard values of SMinSampleValue and SMaxSampleValue when they have been read and the value of SamplesPerPixel is changed afterwards (like when reading a OJPEG compressed image with a missing SamplesPerPixel tag, and whose photometric is RGB or YCbCr, forcing SamplesPerPixel being 3). Otherwise when rewriting the directory (for example with tiffset, we will expect 3 values whereas the array had been allocated with just one), thus causing a out of bound read access. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500 (CVE-2014-8127, duplicate: CVE-2016-3658) libtiff/tif_dirwrite.c: avoid null pointer dereference on td_stripoffset when writing directory, if FIELD_STRIPOFFSETS was artificially set for a hack case in OJPEG case. Fixes http://bugzilla.maptools.org/show_bug.cgi?id =2500 (CVE-2014-8127, duplicate: CVE-2016-3658) libtiff/tif_getimage.c (TIFFRGBAImageOK): Reject attempts to read floating point images. libtiff/tif_predict.c (PredictorSetup): Enforce bits-per-sample requirements of floating point predictor (3). Fixes CVE-2016-3622 "Divide By Zero in the tiff2rgba tool." libtiff/tif_pixarlog.c: fix out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094. Discovered by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. libtiff/tif_write.c: fix issue in error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. I'm not completely sure if that could happen in practice outside of the odd behaviour of t2p_seekproc() of tiff2pdf). The report points that a better fix could be to check the return value of TIFFFlushData1() in places where it isn't done currently, but it seems this patch is enough. Reported as MSVR 35095. Discovered by Axel Souchet & Vishal Chauhan & Suha Can from the MSRC Vulnerabilities & Mitigations team. libtiff/tif_pixarlog.c: Fix write buffer overflow in PixarLogEncode if more input samples are provided than expected by PixarLogSetupEncode. Idea based on libtiff-CVE-2016-3990.patch from libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, but with different and simpler check. (bugzilla #2544) libtiff/tif_read.c: Fix out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() when stripoffset is beyond tmsize_t max value (reported by Mathias Svensson) libtiff/tif_read.c: make TIFFReadEncodedStrip() and TIFFReadEncodedTile() directly use user provided buffer when no compression (and other conditions) to save a memcpy() libtiff/tif_write.c: make TIFFWriteEncodedStrip() and TIFFWriteEncodedTile () directly use user provided buffer when no compression to save a memcpy (). libtiff/tif_luv.c: validate that for COMPRESSION_SGILOG and PHOTOMETRIC_LOGL, there is only one sample per pixel. Avoid potential invalid memory write on corrupted/unexpected images when using the TIFFRGBAImageBegin() interface (reported by Clay Wood) libtiff/tif_pixarlog.c: fix potential buffer write overrun in PixarLogDecode() on corrupted/unexpected images (reported by Mathias Svensson) (CVE-2016-5875) libtiff/libtiff.def: Added _TIFFMultiply32 and _TIFFMultiply64 to libtiff.def libtiff/tif_config.vc.h (HAVE_SNPRINTF): Add a '1' to the HAVE_SNPRINTF definition. libtiff/tif_config.vc.h (HAVE_SNPRINTF): Applied patch by Edward Lam to define HAVE_SNPRINTF for Visual Studio 2015. libtiff/tif_dirread.c: when compiled with DEFER_STRILE_LOAD, fix regression, introduced on 2014-12-23, when reading a one-strip file without a StripByteCounts tag. GDAL #6490 libtiff/*: upstream typo fixes (mostly contributed by Kurt Schwehr) coming from GDAL internal libtiff libtiff/tif_fax3.h: make Param member of TIFFFaxTabEnt structure a uint16 to reduce size of the binary. libtiff/tif_read.c, tif_dirread.c: fix indentation issues raised by GCC 6 -Wmisleading-indentation libtiff/tif_pixarlog.c: avoid zlib error messages to pass a NULL string to %s formatter, which is undefined behaviour in sprintf(). libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode() triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif (bugzilla # 2508) libtiff/tif_luv.c: fix potential out-of-bound writes in decode functions in non debug builds by replacing assert()s by regular if checks (bugzilla # 2522). Fix potential out-of-bound reads in case of short input data. libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage interface in case of unsupported values of SamplesPerPixel/ExtraSamples for LogLUV / CIELab. Add explicit call to TIFFRGBAImageOK() in TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by limingxing and CVE-2015-8683 reported by zzf of Alibaba. libtiff/tif_dirread.c: workaround false positive warning of Clang Static Analyzer about null pointer dereference in TIFFCheckDirOffset(). libtiff/tif_fax3.c: remove dead assignment in Fax3PutEOLgdal(). Found by Clang Static Analyzer libtiff/tif_dirwrite.c: fix truncation to 32 bit of file offsets in TIFFLinkDirectory() and TIFFWriteDirectorySec() when aligning directory offsets on a even offset (affects BigTIFF). This was a regression of the changeset of 2015-10-19. libtiff/tif_write.c: TIFFWriteEncodedStrip() and TIFFWriteEncodedTile() should return -1 in case of failure of tif_encodestrip() as documented libtiff/tif_dumpmode.c: DumpModeEncode() should return 0 in case of failure so that the above mentionned functions detect the error. libtiff/*.c: fix MSVC warnings related to cast shortening and assignment within conditional expression libtiff/*.c: fix clang -Wshorten-64-to-32 warnings libtiff/tif_dirread.c: prevent reading ColorMap or TransferFunction if BitsPerPixel > 24, so as to avoid huge memory allocation and file read attempts libtiff/tif_dirread.c: remove duplicated assignment (reported by Clang static analyzer) libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_compress.c, libtiff/ tif_jpeg_12.c: suppress warnings about 'no previous declaration/prototype' libtiff/tiffiop.h, libtiff/tif_dirwrite.c: suffix constants by U to fix 'warning: negative integer implicitly converted to unsigned type' warning (part of -Wconversion) libtiff/tif_dir.c, libtiff/tif_dirread.c, libtiff/tif_getimage.c, libtiff/ tif_print.c: fix -Wshadow warnings (only in libtiff/) CHANGES IN THE TOOLS: tools/Makefile.am: The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution. The libtiff tools rgb2ycbcr and thumbnail are only built in the build tree for testing. Old files are put in new 'archive' subdirectory of the source repository, but not in distribution archives. These changes are made in order to lessen the maintenance burden. tools/tiff2pdf.c: avoid undefined behaviour related to overlapping of source and destination buffer in memcpy() call in t2p_sample_rgbaa_to_rgb() Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2577 tools/tiff2pdf.c: fix potential integer overflows on 32 bit builds in t2p_read_tiff_size() Fixes http://bugzilla.maptools.org/show_bug.cgi?id= 2576 tools/fax2tiff.c: fix segfault when specifying -r without argument. Patch by Yuriy M. Kaminskiy. Fixes http://bugzilla.maptools.org/show_bug.cgi?id= 2572 tools/tiffinfo.c: fix out-of-bound read on some tiled images. (http:// bugzilla.maptools.org/show_bug.cgi?id=2517) tools/tiffcrop.c: fix multiple uint32 overflows in writeBufferToSeparateStrips(), writeBufferToContigTiles() and writeBufferToSeparateTiles() that could cause heap buffer overflows. Reported by Henri Salo from Nixu Corporation. Fixes http:// bugzilla.maptools.org/show_bug.cgi?id=2592 tools/tiffcrop.c: fix out-of-bound read of up to 3 bytes in readContigTilesIntoBuffer(). Reported as MSVR 35092 by Axel Souchet & Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2pdf.c: fix write buffer overflow of 2 bytes on JPEG compressed images. Reported by Tyler Bohan of Cisco Talos as TALOS-CAN-0187 / CVE-2016-5652. Also prevents writing 2 extra uninitialized bytes to the file stream. tools/tiffcp.c: fix out-of-bounds write on tiled images with odd tile width vs image width. Reported as MSVR 35103 by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2pdf.c: fix read -largely- outsize of buffer in t2p_readwrite_pdf_image_tile(), causing crash, when reading a JPEG compressed image with TIFFTAG_JPEGTABLES length being one. Reported as MSVR 35101 by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiffcp.c: fix read of undefined variable in case of missing required tags. Found on test case of MSVR 35100. tools/tiffcrop.c: fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16 overflow. Probably not a security issue but I can be wrong. Reported as MSVR 35100 by Axel Souchet from the MSRC Vulnerabilities & Mitigations team. tools/tiffcrop.c: fix various out-of-bounds write vulnerabilities in heap or stack allocated buffers. Reported as MSVR 35093, MSVR 35096 and MSVR 35097. Discovered by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2pdf.c: fix out-of-bounds write vulnerabilities in heap allocate buffer in t2p_process_jpeg_strip(). Reported as MSVR 35098. Discovered by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2bw.c: fix weight computation that could result of color value overflow (no security implication). Fix bugzilla #2550. Patch by Frank Freudenberg. tools/rgb2ycbcr.c: validate values of -v and -h parameters to avoid potential divide by zero. Fixes CVE-2016-3623 (bugzilla #2569) tools/tiffcrop.c: Fix out-of-bounds write in loadImage(). From patch libtiff-CVE-2016-3991.patch from libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro (bugzilla #2543) tools/tiff2rgba.c: Fix integer overflow in size of allocated buffer, when -b mode is enabled, that could result in out-of-bounds write. Based initially on patch tiff-CVE-2016-3945.patch from libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, with correction for invalid tests that rejected valid files. (bugzilla #2545) tools/tiffcrop.c: Avoid access outside of stack allocated array on a tiled separate TIFF with more than 8 samples per pixel. Reported by Kaixiang Zhang of the Cloud Security Team, Qihoo 360 (CVE-2016-5321 / CVE-2016-5323 , bugzilla #2558 / #2559) tools/tiffdump.c: fix a few misaligned 64-bit reads warned by -fsanitize tools/tiffdump.c (ReadDirectory): Remove uint32 cast to _TIFFmalloc() argument which resulted in Coverity report. Added more mutiplication overflow checks.
Revision 1.125 / (download) - annotate - [select for diffs], Wed Nov 23 13:51:29 2016 UTC (7 years, 4 months ago) by he
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base,
pkgsrc-2016Q4-base,
pkgsrc-2016Q4
Branch point for: pkgsrc-2017Q1
Changes since 1.124: +2 -1
lines
Diff to previous 1.124 (colored) to selected 1.103.2.1 (colored)
Add a couple patches to omit installing the documentation for rgb2ycbcr and thumbnail, since these binaries are no longer being installed. Bump PKGREVISION.
Revision 1.124 / (download) - annotate - [select for diffs], Tue Nov 22 15:19:54 2016 UTC (7 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.123: +2 -3
lines
Diff to previous 1.123 (colored) to selected 1.103.2.1 (colored)
Updated tiff to 4.0.7. MAJOR CHANGES: The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution. These tools were written in the late 1980s and early 1990s for test and demonstration purposes. In some cases the tools were never updated to support updates to the file format, or the file formats are now rarely used. In all cases these tools increased the libtiff security and maintenance exposure beyond the value offered by the tool. CHANGES IN LIBTIFF: libtiff/tif_dirread.c: in TIFFFetchNormalTag(), do not dereference NULL pointer when values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are 0-byte arrays. Fixes http:// bugzilla.maptools.org/show_bug.cgi?id=2593 (regression introduced by previous fix done on 2016-11-11 for CVE-2016-9297). Reported by Henri Salo. Assigned as CVE-2016-9448 libtiff/tif_aux.c: fix crash in TIFFVGetFieldDefaulted() when requesting Predictor tag and that the zip/lzw codec is not configured. Fixes http:// bugzilla.maptools.org/show_bug.cgi?id=2591 libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII access are null terminated, to avoid potential read outside buffer in _TIFFPrintField(). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 libtiff/tif_dirread.c: reject images with OJPEG compression that have no TileOffsets/StripOffsets tag, when OJPEG compression is disabled. Prevent null pointer dereference in TIFFReadRawStrip1() and other functions that expect td_stripbytecount to be non NULL. Fixes http://bugzilla.maptools.org /show_bug.cgi?id=2585 libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips value when it is non-zero, instead of recomputing it. This is needed in TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outsize of array in tiffsplit (or other utilities using TIFFNumberOfStrips()). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2587 (CVE-2016-9273) libtiff/tif_predict.h, libtiff/tif_predict.c: Replace assertions by runtime checks to avoid assertions in debug mode, or buffer overflows in release mode. Can happen when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105 by Axel Souchet & Vishal Chauhan from the MSRC Vulnerabilities & Mitigations libtiff/tif_dir.c: discard values of SMinSampleValue and SMaxSampleValue when they have been read and the value of SamplesPerPixel is changed afterwards (like when reading a OJPEG compressed image with a missing SamplesPerPixel tag, and whose photometric is RGB or YCbCr, forcing SamplesPerPixel being 3). Otherwise when rewriting the directory (for example with tiffset, we will expect 3 values whereas the array had been allocated with just one), thus causing a out of bound read access. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2500 (CVE-2014-8127, duplicate: CVE-2016-3658) libtiff/tif_dirwrite.c: avoid null pointer dereference on td_stripoffset when writing directory, if FIELD_STRIPOFFSETS was artificially set for a hack case in OJPEG case. Fixes http://bugzilla.maptools.org/show_bug.cgi?id =2500 (CVE-2014-8127, duplicate: CVE-2016-3658) libtiff/tif_getimage.c (TIFFRGBAImageOK): Reject attempts to read floating point images. libtiff/tif_predict.c (PredictorSetup): Enforce bits-per-sample requirements of floating point predictor (3). Fixes CVE-2016-3622 "Divide By Zero in the tiff2rgba tool." libtiff/tif_pixarlog.c: fix out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094. Discovered by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. libtiff/tif_write.c: fix issue in error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. I'm not completely sure if that could happen in practice outside of the odd behaviour of t2p_seekproc() of tiff2pdf). The report points that a better fix could be to check the return value of TIFFFlushData1() in places where it isn't done currently, but it seems this patch is enough. Reported as MSVR 35095. Discovered by Axel Souchet & Vishal Chauhan & Suha Can from the MSRC Vulnerabilities & Mitigations team. libtiff/tif_pixarlog.c: Fix write buffer overflow in PixarLogEncode if more input samples are provided than expected by PixarLogSetupEncode. Idea based on libtiff-CVE-2016-3990.patch from libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, but with different and simpler check. (bugzilla #2544) libtiff/tif_read.c: Fix out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() when stripoffset is beyond tmsize_t max value (reported by Mathias Svensson) libtiff/tif_read.c: make TIFFReadEncodedStrip() and TIFFReadEncodedTile() directly use user provided buffer when no compression (and other conditions) to save a memcpy() libtiff/tif_write.c: make TIFFWriteEncodedStrip() and TIFFWriteEncodedTile () directly use user provided buffer when no compression to save a memcpy (). libtiff/tif_luv.c: validate that for COMPRESSION_SGILOG and PHOTOMETRIC_LOGL, there is only one sample per pixel. Avoid potential invalid memory write on corrupted/unexpected images when using the TIFFRGBAImageBegin() interface (reported by Clay Wood) libtiff/tif_pixarlog.c: fix potential buffer write overrun in PixarLogDecode() on corrupted/unexpected images (reported by Mathias Svensson) (CVE-2016-5875) libtiff/libtiff.def: Added _TIFFMultiply32 and _TIFFMultiply64 to libtiff.def libtiff/tif_config.vc.h (HAVE_SNPRINTF): Add a '1' to the HAVE_SNPRINTF definition. libtiff/tif_config.vc.h (HAVE_SNPRINTF): Applied patch by Edward Lam to define HAVE_SNPRINTF for Visual Studio 2015. libtiff/tif_dirread.c: when compiled with DEFER_STRILE_LOAD, fix regression, introduced on 2014-12-23, when reading a one-strip file without a StripByteCounts tag. GDAL #6490 libtiff/*: upstream typo fixes (mostly contributed by Kurt Schwehr) coming from GDAL internal libtiff libtiff/tif_fax3.h: make Param member of TIFFFaxTabEnt structure a uint16 to reduce size of the binary. libtiff/tif_read.c, tif_dirread.c: fix indentation issues raised by GCC 6 -Wmisleading-indentation libtiff/tif_pixarlog.c: avoid zlib error messages to pass a NULL string to %s formatter, which is undefined behaviour in sprintf(). libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode() triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif (bugzilla # 2508) libtiff/tif_luv.c: fix potential out-of-bound writes in decode functions in non debug builds by replacing assert()s by regular if checks (bugzilla # 2522). Fix potential out-of-bound reads in case of short input data. libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage interface in case of unsupported values of SamplesPerPixel/ExtraSamples for LogLUV / CIELab. Add explicit call to TIFFRGBAImageOK() in TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by limingxing and CVE-2015-8683 reported by zzf of Alibaba. libtiff/tif_dirread.c: workaround false positive warning of Clang Static Analyzer about null pointer dereference in TIFFCheckDirOffset(). libtiff/tif_fax3.c: remove dead assignment in Fax3PutEOLgdal(). Found by Clang Static Analyzer libtiff/tif_dirwrite.c: fix truncation to 32 bit of file offsets in TIFFLinkDirectory() and TIFFWriteDirectorySec() when aligning directory offsets on a even offset (affects BigTIFF). This was a regression of the changeset of 2015-10-19. libtiff/tif_write.c: TIFFWriteEncodedStrip() and TIFFWriteEncodedTile() should return -1 in case of failure of tif_encodestrip() as documented libtiff/tif_dumpmode.c: DumpModeEncode() should return 0 in case of failure so that the above mentionned functions detect the error. libtiff/*.c: fix MSVC warnings related to cast shortening and assignment within conditional expression libtiff/*.c: fix clang -Wshorten-64-to-32 warnings libtiff/tif_dirread.c: prevent reading ColorMap or TransferFunction if BitsPerPixel > 24, so as to avoid huge memory allocation and file read attempts libtiff/tif_dirread.c: remove duplicated assignment (reported by Clang static analyzer) libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_compress.c, libtiff/ tif_jpeg_12.c: suppress warnings about 'no previous declaration/prototype' libtiff/tiffiop.h, libtiff/tif_dirwrite.c: suffix constants by U to fix 'warning: negative integer implicitly converted to unsigned type' warning (part of -Wconversion) libtiff/tif_dir.c, libtiff/tif_dirread.c, libtiff/tif_getimage.c, libtiff/ tif_print.c: fix -Wshadow warnings (only in libtiff/) CHANGES IN THE TOOLS: tools/Makefile.am: The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution. The libtiff tools rgb2ycbcr and thumbnail are only built in the build tree for testing. Old files are put in new 'archive' subdirectory of the source repository, but not in distribution archives. These changes are made in order to lessen the maintenance burden. tools/tiff2pdf.c: avoid undefined behaviour related to overlapping of source and destination buffer in memcpy() call in t2p_sample_rgbaa_to_rgb() Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2577 tools/tiff2pdf.c: fix potential integer overflows on 32 bit builds in t2p_read_tiff_size() Fixes http://bugzilla.maptools.org/show_bug.cgi?id= 2576 tools/fax2tiff.c: fix segfault when specifying -r without argument. Patch by Yuriy M. Kaminskiy. Fixes http://bugzilla.maptools.org/show_bug.cgi?id= 2572 tools/tiffinfo.c: fix out-of-bound read on some tiled images. (http:// bugzilla.maptools.org/show_bug.cgi?id=2517) tools/tiffcrop.c: fix multiple uint32 overflows in writeBufferToSeparateStrips(), writeBufferToContigTiles() and writeBufferToSeparateTiles() that could cause heap buffer overflows. Reported by Henri Salo from Nixu Corporation. Fixes http:// bugzilla.maptools.org/show_bug.cgi?id=2592 tools/tiffcrop.c: fix out-of-bound read of up to 3 bytes in readContigTilesIntoBuffer(). Reported as MSVR 35092 by Axel Souchet & Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2pdf.c: fix write buffer overflow of 2 bytes on JPEG compressed images. Reported by Tyler Bohan of Cisco Talos as TALOS-CAN-0187 / CVE-2016-5652. Also prevents writing 2 extra uninitialized bytes to the file stream. tools/tiffcp.c: fix out-of-bounds write on tiled images with odd tile width vs image width. Reported as MSVR 35103 by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2pdf.c: fix read -largely- outsize of buffer in t2p_readwrite_pdf_image_tile(), causing crash, when reading a JPEG compressed image with TIFFTAG_JPEGTABLES length being one. Reported as MSVR 35101 by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiffcp.c: fix read of undefined variable in case of missing required tags. Found on test case of MSVR 35100. tools/tiffcrop.c: fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16 overflow. Probably not a security issue but I can be wrong. Reported as MSVR 35100 by Axel Souchet from the MSRC Vulnerabilities & Mitigations team. tools/tiffcrop.c: fix various out-of-bounds write vulnerabilities in heap or stack allocated buffers. Reported as MSVR 35093, MSVR 35096 and MSVR 35097. Discovered by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2pdf.c: fix out-of-bounds write vulnerabilities in heap allocate buffer in t2p_process_jpeg_strip(). Reported as MSVR 35098. Discovered by Axel Souchet and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. tools/tiff2bw.c: fix weight computation that could result of color value overflow (no security implication). Fix bugzilla #2550. Patch by Frank Freudenberg. tools/rgb2ycbcr.c: validate values of -v and -h parameters to avoid potential divide by zero. Fixes CVE-2016-3623 (bugzilla #2569) tools/tiffcrop.c: Fix out-of-bounds write in loadImage(). From patch libtiff-CVE-2016-3991.patch from libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro (bugzilla #2543) tools/tiff2rgba.c: Fix integer overflow in size of allocated buffer, when -b mode is enabled, that could result in out-of-bounds write. Based initially on patch tiff-CVE-2016-3945.patch from libtiff-4.0.3-25.el7_2.src.rpm by Nikola Forro, with correction for invalid tests that rejected valid files. (bugzilla #2545) tools/tiffcrop.c: Avoid access outside of stack allocated array on a tiled separate TIFF with more than 8 samples per pixel. Reported by Kaixiang Zhang of the Cloud Security Team, Qihoo 360 (CVE-2016-5321 / CVE-2016-5323 , bugzilla #2558 / #2559) tools/tiffdump.c: fix a few misaligned 64-bit reads warned by -fsanitize tools/tiffdump.c (ReadDirectory): Remove uint32 cast to _TIFFmalloc() argument which resulted in Coverity report. Added more mutiplication overflow checks.
Revision 1.123 / (download) - annotate - [select for diffs], Sat Oct 8 06:20:39 2016 UTC (7 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.122: +3 -4
lines
Diff to previous 1.122 (colored) to selected 1.103.2.1 (colored)
Updated MASTER_SITES and HOMEPAGE; the old ones seem to be dead.
Revision 1.122 / (download) - annotate - [select for diffs], Tue Mar 22 21:50:13 2016 UTC (8 years ago) by tez
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base,
pkgsrc-2016Q2-base,
pkgsrc-2016Q2,
pkgsrc-2016Q1-base,
pkgsrc-2016Q1
Branch point for: pkgsrc-2016Q3
Changes since 1.121: +1 -0
lines
Diff to previous 1.121 (colored) to selected 1.103.2.1 (colored)
Fix for CVE-2015-8781, CVE-2015-8782, CVE-2015-8783 from: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65.diff
Revision 1.121 / (download) - annotate - [select for diffs], Sun Sep 13 09:27:08 2015 UTC (8 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base,
pkgsrc-2015Q4,
pkgsrc-2015Q3-base,
pkgsrc-2015Q3
Changes since 1.120: +2 -2
lines
Diff to previous 1.120 (colored) to selected 1.103.2.1 (colored)
Update to 4.0.6: MAJOR CHANGES: Now builds with CMake 2.8.9 and newer (previously required 3.0.0) CHANGES IN THE SOFTWARE CONFIGURATION: CMakeLists.txt / CMake Supports CMake 2.8.9 and later. Add missing file which wasn't being distributed, causing unit tests to fail. Make shared/static library building configurable. CMake reads all version information directly from configure.ac to avoid duplication of values. CMake builds are now included in 'distcheck' target. Makefile.am Autotools 'make distcheck' now tests the CMake-based build if CMake is available. CHANGES IN LIBTIFF: Fixes to avoid undefined behaviour of signed types (C standard compliance). Fixes to avoid possible isses when casting to unsigned char. Fixes to avoid undefined behaviour with shifts. Fix generation of output with 16 bit or 32 bit integer, when byte swapping is needed, in horizontal predictor (#2521). Fix decoding when there is a single pixel to decode (unlikely case...) and byte swapping is involved. Add add explicit masking with 0xff before casting to uchar in floating-point horizontal differencing and accumulation routines. Eliminate requirement for and use of 64-bit constant values. CHANGES IN THE TOOLS: tiffgt Silence glut API deprecation warnings on MacOS X. fax2ps Detect failure to write to temporary file.
Revision 1.120 / (download) - annotate - [select for diffs], Sat Sep 5 10:47:57 2015 UTC (8 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.119: +4 -4
lines
Diff to previous 1.119 (colored) to selected 1.103.2.1 (colored)
Changes 4.0.5: * Support for configure/build using CMake. * Support for large (> 2GB) files under Microsoft Windows.
Revision 1.119 / (download) - annotate - [select for diffs], Tue Jun 30 10:42:19 2015 UTC (8 years, 9 months ago) by ryoon
Branch: MAIN
Changes since 1.118: +2 -2
lines
Diff to previous 1.118 (colored) to selected 1.103.2.1 (colored)
Update to 4.0.4 Changelog: 2015-06-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * libtiff 4.0.4 released. * configure.ac: Add a HAVE_FOO Automake conditional for each add-on library. * test/Makefile.am (JPEG_DEPENDENT_CHECK_PROG): raw_decode requires JPEG support to compile. Use Automake conditional to only include it when JPEG support is available. * html/build.html: Try to improve the nmake-based VC++ build description. * libtiff/tiffconf.vc.h: Build fixes based on testing. * libtiff/tif_config.vc.h: Build fixes based on testing. * libtiff/libtiff.def: TIFFRasterScanline does not exist so remove export for it. 2015-06-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * libtiff/tif_config.vc.h: Make adjustments to match the new definitions that configure produces, including for WIN64. Still needs to be tested. * configure.ac: For 64-bit MinGW, fix SSIZE_FORMAT formatting specifier. 64-bit MinGW supports 'long long' but support for 'lld' is not assured by the run-time DLLs and so GCC warns. Add TIFF_SIZE_T and TIFF_SIZE_FORMAT to provide a type definition and printf format specifier to deal with printing values of 'size_t' type. In particular, this was necessary for WIN64. Added a configure test for if the system headers provide 'optarg' (normal case) and block out the many explicit 'extern' statements in the utilities. This was found to be necessary under Windows when getopt is in a DLL and the symbols are already imported with dllimport via standard header files. * test/raw_decode.c (XMD_H): Avoid conflicting typedefs for INT32 and boolean in MinGW build due to including jpeglib.h. * test/rewrite_tag.c (main): Fix problem with location of variable declaration. * libtiff/libtiff.def: Added exports for TIFFGetConfiguredCODECs, TIFFReadRGBAImageOriented, TIFFSetCompressionScheme, TIFFSwabArrayOfTriples, TIFFVGetFieldDefaulted, _TIFFCheckRealloc, TIFFRasterScanline, TIFFSetErrorHandlerExt, TIFFSetWarningHandlerExt, TIFFNumberOfDirectories, TIFFCreateCustomDirectory, TIFFCreateEXIFDirectory, TIFFWriteCustomDirectory, _TIFFRewriteField as recommended by Roger Leigh and justified by use in libtiff tests, documentation, and changelog notes. Also sorted symbol list and removed duplicate entries. 2015-06-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * libtiff/tif_getimage.c: Fix four Coverity issues related to unintended sign extension. 2015-06-16 Even Rouault <even.rouault at spatialys.com> * libtiff/tif_unix.c: fix compilation with MSVC (fix by Jeff McKenna) 2015-06-14 Lee Howard <faxguy@howardsilvan.com> * libtiff/tif_unix.c: contribution from Vadim Zeitlin on Bugzilla Bug #2510 fixes several harmless but still annoying warnings * configure: contribution from Ludolf Holzheid on Bugzilla Bug #2498. Adds an option to select the file I/O style on Windows hosts. * libtiff/tif_getimage.c: contribution from Gary Cramblitt on Bugzilla Bug #2409. Correct reading of certain tiled TIFFs. * configure, configure.ac: contribution from Marcos H. Woehrmann on Bugzilla Bug #2405. Correct shell equality operator. * tools/tiffgt.c (raster_draw): contribution from Jay Berkenbilt on Bugzilla Bug #2401. Appropriately call glFlush(). * tools/tiff2pdf.c: change ColorTransform from "0" to "1" following Bugzilla Bug #2150. 2015-06-13 Lee Howard <faxguy@howardsilvan.com> * libtiff/tif_lzw.c: contribution from Andy Cave - decode files that contain consecutive CODE_CLEAR codes. * tools/tiff2pdf.c: contribution from Antti S. Lankila on Bugzilla Bug #2078. Suppress initial output of the header. * tools/tiff2pdf.c: contribution from Yuriy M. Kaminskiy - Take care in using the return value from snprintf(). * tools/tiffcrop.c: contribution from Eduardo Robles Elvira - correctly copy the compression tag from the source TIFF. * tools/tiff2ps.c: contribution from Eduardo Robles Elvira - correct sizing and scaling problems with output document. 2015-06-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * libtiff/tif_jpeg.c (JPEGDecode): Split JPEGDecode() into two clean implementations in order to avoid pre-processor hell. Only one of the implementations is used in a given build. 2015-06-08 Even Rouault <even.rouault at spatialys.com> * libtiff/tif_jpeg.c: Fix compilation in BITS_IN_JSAMPLE == 12 case 2015-06-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * libtiff/tif_write.c (TIFFWriteEncodedStrip): Fix Coverity 715975 "Division or modulo by zero". (TIFFWriteEncodedTile): Fix Coverity 715976 and 715977 "Division or modulo by zero". (TIFFWriteRawStrip): Fix Coverity 715978 "Division or modulo by zero". (TIFFWriteScanline): Fix Coverity 715979 "Division or modulo by zero". * libtiff/tif_read.c (TIFFStartTile): Fix Coverity 715973 and 715974 "Division or modulo by zero". 2015-05-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * libtiff/tif_dir.c (TIFFNumberOfDirectories): Quiet Coverity 1134470 "Logically dead code" by making the roll-over check explicit. * libtiff/tif_luv.c (LogLuvDecodeTile): Fix Coverity 991227 "Division or modulo by zero". (LogLuvDecodeStrip): Fix Coverity 991239 "Division or modulo by zero". (LogLuvEncodeStrip): Fix Coverity 991240 "Division or modulo by zero". (LogLuvEncodeTile): Fix Coverity 991241 "Division or modulo by zero". * libtiff/tif_dirread.c (TIFFReadDirEntryDoubleArray): Fix Coverity 298626 "Logically dead code". (TIFFReadDirEntryFloatArray): Fix Coverity 298627 "Logically dead code". (TIFFReadDirEntryIfd8Array): Fix Coverity 298628 "Logically dead code". (TIFFReadDirEntrySlong8Array): Fix Coverity 298629 "Logically dead code" * libtiff/tif_dir.c (TIFFNumberOfDirectories): Don't depend on ++ operator precedenc in evaluation. Might quench Coverity 1134470 "Logically dead code". * libtiff/tif_jpeg.c (JPEGDecode): Fix Coverity 602597 "Operands don't affect result". This change uses ifdefs to include applicable code based on properties of libjpeg. Still needs to be re-tested with 12-bit "6b" and "MK1". 2015-05-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * libtiff/tif_dirwrite.c (_TIFFRewriteField): Fix Coverity 1024310 "Resource leak". * libtiff/tif_ojpeg.c (OJPEGReadHeaderInfoSecStreamDht): Fix Coverity 601720 "Resource leak". * libtiff/tif_jpeg.c (JPEGCleanup): Fix Coverity 298624 "Dereference before null check". * libtiff/tif_ojpeg.c (OJPEGReadBufferFill): Fix Coverity 603400 "Missing break in switch". * contrib/addtiffo/tif_overview.c (TIFF_DownSample): Check buffer size calculation for overflow. * contrib/addtiffo/addtiffo.c (main): Possibly address Coverity 1024226 "Untrusted value as argument". * tools/gif2tiff.c (readgifimage): Fix Coverity 1024222 "Untrusted value as argument". (checksignature): Fix Coverity 1024894 "Ignoring number of bytes read". (readextension): Fix Coverity 1024893 "Ignoring number of bytes read". (readgifimage): Fix Coverity 1024890 "Ignoring number of bytes read". (readraster): Fix Coverity 1024891 "Ignoring number of bytes read". (readgifimage): Fix Coverity 1024892 "Ignoring number of bytes read". * tools/tiff2pdf.c (t2p_readwrite_pdf_image): Fix Coverity 1024181 "Structurally dead code". * tools/raw2tiff.c (main): Fix Coverity 1024887 "Unchecked return value from library". (guessSize): Fix Coverity 1024888 "Unchecked return value from library". (guessSize): Fix Coverity 1214162 "Ignoring number of bytes read". (guessSize): Fix Coverity 1024889 "Unchecked return value from library". * tools/tiff2pdf.c (t2p_readwrite_pdf_image): Fix Coverity 298621 "Resource leak". (t2p_readwrite_pdf_image): Fix Coverity 1024181 "Structurally dead code". (t2p_write_pdf): Fix Coverity 1227690 "Unused value". 2015-05-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * contrib/iptcutil/iptcutil.c (formatIPTC): Fix Coverity 1024468 "Infinite loop". (formatIPTC): Fix Coverity 1024727 "Truncated stdio return value". (formatIPTC): Fix Coverity 1214240 "Untrusted loop bound". 2015-05-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix Coverity 298615 "Resource leak". (TIFFGetOvrBlock): Fix Coverity 1024649 "Unintended sign extension". * tools/bmp2tiff.c (main): Fix Coverity 1024225 "Untrusted value as argument". (main): Fix Coverity 1024678 "Unchecked return value from library". (main): Fix Coverity 1024679 "Unchecked return value from library". (main): Fix Coverity 1214160 "Ignoring number of bytes read". * contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix Coverity 298615 "Resource leak". * tools/tiffcp.c: Fix Coverity 1024306, 1024307, 1024308, 1024309 "Resource leak". * tools/tiffsplit.c (cpTiles): Fix Coverity 1024304 "Resource leak". (cpStrips): Fix Coverity 1024305 "Resource leak". 2015-05-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * tools/ras2tiff.c: Fix Sun Raster header definition to be safe for 64-bit systems. Add some header validations. Should fix many Coverity issues. (main): Fix Coverity 1301206: "Integer handling issues (BAD_SHIFT)". (main): Quiet Coverity 1024223 "Untrusted value as argument". * tools/tiffmedian.c (GetInputLine): Fix Coverity 1024795 "Nesting level does not match indentation". (get_histogram): Quiet Coverity 1024386 "Out-of-bounds read". This was a benign mis-diagnosis but added code to enforce against buffer overflow. * tools/tiffcrop.c (ROTATE_ANY): Fix Coverity 1294542 "Logical vs. bitwise operator". (readContigStripsIntoBuffer): Fix Coverity 1024545 "Division or modulo by zero". (readContigTilesIntoBuffer): Fix Coverity 1024586 "Logically dead code". (writeSingleSection): Fix Coverity 1024796 "Nesting level does not match indentation". (writeCroppedImage): Fix Coverity 1024797 "Nesting level does not match indentation". (loadImage): Fix Coverity 1299741 "Dereference before null check". (loadImage): Fix Coverity 1299740 "Out-of-bounds write". 2015-03-02 Even Rouault <even.rouault@spatialys.com> * tools/tiffdither.c: check memory allocations to avoid writing to NULL pointer. Also check multiplication overflow. Fixes #2501, CVE-2014-8128. Derived from patch by Petr Gajdos.
Revision 1.118 / (download) - annotate - [select for diffs], Sun Mar 29 14:47:03 2015 UTC (9 years ago) by bsiegert
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base,
pkgsrc-2015Q2,
pkgsrc-2015Q1-base,
pkgsrc-2015Q1
Changes since 1.117: +2 -3
lines
Diff to previous 1.117 (colored) to selected 1.103.2.1 (colored)
SECURITY: Update libtiff to 4.0.4beta to fix CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 (likely) Remaining unfixed vulnerabilities: CVE-2014-9655, CVE-2015-1547 (but these are unfixed upstream AFAICS). ok wiz
Revision 1.117 / (download) - annotate - [select for diffs], Thu Oct 9 14:06:37 2014 UTC (9 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4
Changes since 1.116: +1 -3
lines
Diff to previous 1.116 (colored) to selected 1.103.2.1 (colored)
Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.
Revision 1.116 / (download) - annotate - [select for diffs], Sat Sep 21 18:47:05 2013 UTC (10 years, 6 months ago) by dholland
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base,
pkgsrc-2014Q3,
pkgsrc-2014Q2-base,
pkgsrc-2014Q2,
pkgsrc-2014Q1-base,
pkgsrc-2014Q1,
pkgsrc-2013Q4-base,
pkgsrc-2013Q4,
pkgsrc-2013Q3-base,
pkgsrc-2013Q3
Changes since 1.115: +2 -2
lines
Diff to previous 1.115 (colored) to selected 1.103.2.1 (colored)
Add upstream candidate patch for CVE-2013-4243. PKGREVISION -> 6
Revision 1.115 / (download) - annotate - [select for diffs], Wed Aug 28 16:51:36 2013 UTC (10 years, 7 months ago) by richard
Branch: MAIN
Changes since 1.114: +2 -2
lines
Diff to previous 1.114 (colored) to selected 1.103.2.1 (colored)
update PKGREVISION/BUILDLINK_ABI_DEPENDS
Revision 1.114 / (download) - annotate - [select for diffs], Sun Aug 25 11:48:11 2013 UTC (10 years, 7 months ago) by richard
Branch: MAIN
Changes since 1.113: +2 -1
lines
Diff to previous 1.113 (colored) to selected 1.103.2.1 (colored)
complete jbigkit support in tiff/buildlink3.mk
Revision 1.113 / (download) - annotate - [select for diffs], Thu Aug 15 14:58:46 2013 UTC (10 years, 7 months ago) by drochner
Branch: MAIN
Changes since 1.112: +2 -2
lines
Diff to previous 1.112 (colored) to selected 1.103.2.1 (colored)
add patches from upstream CVS and Redhat bugzilla to fix buffer overflow and use-after-free problems in the "gif2tiff" and "tiff2pdf" command line tools (the library is not affected) (CVE-2013-4231, CVE-2013-4232, CVE-2013-4244) bump PKGREV
Revision 1.112 / (download) - annotate - [select for diffs], Thu May 2 14:52:44 2013 UTC (10 years, 10 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2
Changes since 1.111: +2 -2
lines
Diff to previous 1.111 (colored) to selected 1.103.2.1 (colored)
add patches from Redhat to fix possible buffer overflows in the "tiff2pdf" tool by crafted TIFF image files (CVE-2013-1960/61) bump PKGREV
Revision 1.111 / (download) - annotate - [select for diffs], Sat Apr 6 14:58:19 2013 UTC (10 years, 11 months ago) by rodent
Branch: MAIN
Changes since 1.110: +2 -2
lines
Diff to previous 1.110 (colored) to selected 1.103.2.1 (colored)
'Please use ${ECHO} instead of "echo".' 'Please use ${ECHO_N} instead of "echo -n".'
Revision 1.110 / (download) - annotate - [select for diffs], Sat Jan 26 21:36:32 2013 UTC (11 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base,
pkgsrc-2013Q1
Changes since 1.109: +2 -2
lines
Diff to previous 1.109 (colored) to selected 1.103.2.1 (colored)
Revbump after graphics/jpeg and textproc/icu
Revision 1.109 / (download) - annotate - [select for diffs], Mon Nov 5 12:41:48 2012 UTC (11 years, 4 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base,
pkgsrc-2012Q4
Changes since 1.108: +2 -1
lines
Diff to previous 1.108 (colored) to selected 1.103.2.1 (colored)
add patch from Redhat bug #871700 to fix a possible buffer overflow due to integer overflow in the ppm2tiff cmd line tool (CVE-2012-4564) bump PKGREV
Revision 1.108 / (download) - annotate - [select for diffs], Sat Oct 6 14:11:23 2012 UTC (11 years, 5 months ago) by asau
Branch: MAIN
Changes since 1.107: +1 -2
lines
Diff to previous 1.107 (colored) to selected 1.103.2.1 (colored)
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Revision 1.107 / (download) - annotate - [select for diffs], Mon Oct 1 18:11:29 2012 UTC (11 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.106: +3 -4
lines
Diff to previous 1.106 (colored) to selected 1.103.2.1 (colored)
Changes 4.0.3: MAJOR CHANGES: None CHANGES IN THE SOFTWARE CONFIGURATION: Updated to use Automake 1.12.4. Avoids security problem with 'make distcheck' (CVE-2012-3386). CHANGES IN LIBTIFF: Various memory buffer access fixes. Fix handling when writing RGBA jpeg compressed imagery (http://trac.osgeo.org/gdal/ticket/4732). Fix to work properly with IJG JPEG 7+. New functions TIFFFieldTag(), TIFFFieldName(), TIFFFieldDataType(), TIFFFieldPassCount(), TIFFFieldReadCount(), TIFFFieldWriteCount() to use as external accessors for the opaque type TIFFField. Fix bug rewriting image tiles in a compressed file (http://trac.osgeo.org/gdal/ticket/4771). Add TIFF/FX tag support in libtiff. CHANGES IN THE TOOLS: tiff2pdf: Fail when TIFFSetDirectory() fails. This prevents core dumps or perhaps even arbitrary code execution when processing a corrupt input file (CVE-2012-3401). tiff2pdf: Fix two places where t2p_error didn't get set after a malloc failure. No crash risk AFAICS, but the program might not report exit code 1 as desired. CHANGES IN THE CONTRIB AREA: None
Revision 1.105.2.1 / (download) - annotate - [select for diffs], Fri Jul 20 08:06:28 2012 UTC (11 years, 8 months ago) by sbd
Branch: pkgsrc-2012Q2
Changes since 1.105: +2 -1
lines
Diff to previous 1.105 (colored) next main 1.106 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #3862 - requested by wiz graphics/tiff security update Revisions pulled up: - graphics/tiff/Makefile 1.106 - graphics/tiff/distinfo 1.57 - graphics/tiff/patches/patch-tools_tiff2pdf.c 1.1 --- Module Name: pkgsrc Committed By: wiz Date: Thu Jul 19 21:41:45 UTC 2012 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-tools_tiff2pdf.c Log Message: Fix CVE-2012-3401, buffer overflow in tiff2pdf. Bump PKGREVISION.
Revision 1.106 / (download) - annotate - [select for diffs], Thu Jul 19 21:41:45 2012 UTC (11 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base,
pkgsrc-2012Q3
Changes since 1.105: +2 -1
lines
Diff to previous 1.105 (colored) to selected 1.103.2.1 (colored)
Fix CVE-2012-3401, buffer overflow in tiff2pdf. Bump PKGREVISION.
Revision 1.105 / (download) - annotate - [select for diffs], Wed Jun 20 21:07:14 2012 UTC (11 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base
Branch point for: pkgsrc-2012Q2
Changes since 1.104: +2 -3
lines
Diff to previous 1.104 (colored) to selected 1.103.2.1 (colored)
Update to 4.0.2 for CVE-2012-2113. * tif_getimage.c: added support for _SEPARATED CMYK images. * tif_getimage.c: Added support for greyscale + alpha. * Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory() functions. * tif_print.c: Lots of fixes around printing corrupt or hostile input. * Improve handling of corrupt ycbcrsubsampling values. * tif_unix.c: use strerror to get meaningful error messages. * tif_jpeg.c: fix serious bugs in JPEGDecodeRaw(). * tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173).
Revision 1.103.2.1 / (download) - annotate - [selected], Wed Apr 11 10:06:47 2012 UTC (11 years, 11 months ago) by tron
Branch: pkgsrc-2012Q1
Changes since 1.103: +2 -1
lines
Diff to previous 1.103 (colored) next main 1.104 (colored)
Pullup ticket #3728 - requested by taca graphics/tiff: security patch Revisions pulled up: - graphics/tiff/Makefile 1.104 - graphics/tiff/distinfo 1.55 - graphics/tiff/patches/patch-libtiff_tif__getimage.c 1.1 - graphics/tiff/patches/patch-libtiff_tiffiop.h 1.1 --- Module Name: pkgsrc Committed By: taca Date: Tue Apr 10 14:13:04 UTC 2012 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-libtiff_tif__getimage.c patch-libtiff_tiffiop.h Log Message: Add fix for CVE-2012-1173 from upstream. Bump PKGREVISION.
Revision 1.104 / (download) - annotate - [select for diffs], Tue Apr 10 14:13:04 2012 UTC (11 years, 11 months ago) by taca
Branch: MAIN
Changes since 1.103: +2 -1
lines
Diff to previous 1.103 (colored) to selected 1.103.2.1 (colored)
Add fix for CVE-2012-1173 from upstream. Bump PKGREVISION.
Revision 1.103 / (download) - annotate - [select for diffs], Tue Feb 21 13:03:00 2012 UTC (12 years, 1 month ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base
Branch point for: pkgsrc-2012Q1
Changes since 1.102: +4 -3
lines
Diff to previous 1.102 (colored) to selected 1.103.2.1 (colored)
-pull in xz/bl3 to avoid hidden dependency -update to 4.0.1 -- this only adds symbol versioning support to ease transition from 3.x to 4.x; this is not used in pkgsrc so the update is purely cosmetical
Revision 1.102 / (download) - annotate - [select for diffs], Mon Feb 6 12:30:52 2012 UTC (12 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.101: +5 -2
lines
Diff to previous 1.101 (colored) to selected 1.103.2.1 (colored)
Update tiff to 4.0: At long last, libtiff 4.0.0 is finally released. Libtiff 4.0.0 is the successor to the libtiff 3.9.X release series. It is intended to be largely API compatible with the 3.9.X releases, but it is definitely not ABI compatible so any software which plans to use it will need to be recompiled. With appropriate care, source code can easily compile with both the 3.9.X releases and libtiff 4.0.0. This release supports the BigTIFF TIFF format in which all offsets are unsigned 64-bit, supporting huge files. APIs which deal with tag offsets are necessarily updated to pass 64-bit values. I/O functions supporting the TIFFClientOpen() interface are updated to pass 64-bit offset values.
Revision 1.100.2.1 / (download) - annotate - [select for diffs], Tue Jun 14 11:52:02 2011 UTC (12 years, 9 months ago) by tron
Branch: pkgsrc-2011Q1
Changes since 1.100: +2 -3
lines
Diff to previous 1.100 (colored) next main 1.101 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #3456 - requested by wiz graphics/tiff: security update Revisions pulled up: - graphics/tiff/Makefile 1.101 - graphics/tiff/distinfo 1.52 - graphics/tiff/patches/patch-CVE-2011-1167 deleted - graphics/tiff/patches/patch-SA43593 deleted - graphics/tiff/patches/patch-aa deleted - graphics/tiff/patches/patch-ab deleted - graphics/tiff/patches/patch-ac deleted - graphics/tiff/patches/patch-ad deleted - graphics/tiff/patches/patch-ae deleted --- Module Name: pkgsrc Committed By: wiz Date: Tue Apr 12 08:57:57 UTC 2011 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Removed Files: pkgsrc/graphics/tiff/patches: patch-CVE-2011-1167 patch-SA43593 patch-aa patch-ab patch-ac patch-ad patch-ae Log Message: Update to 3.9.5: Many bugs and security issues are resolved in this stable release.
Revision 1.101 / (download) - annotate - [select for diffs], Tue Apr 12 08:57:57 2011 UTC (12 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2
Changes since 1.100: +2 -3
lines
Diff to previous 1.100 (colored) to selected 1.103.2.1 (colored)
Update to 3.9.5: Many bugs and security issues are resolved in this stable release.
Revision 1.100 / (download) - annotate - [select for diffs], Thu Mar 31 11:05:44 2011 UTC (13 years ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base
Branch point for: pkgsrc-2011Q1
Changes since 1.99: +2 -2
lines
Diff to previous 1.99 (colored) to selected 1.103.2.1 (colored)
add patch from upstream (http://bugzilla.maptools.org/show_bug.cgi?id=2300) to fix possible buffer overflow in the "thunder" decoder (CVE-2011-1167) bump PKGREV
Revision 1.98.2.1 / (download) - annotate - [select for diffs], Sun Mar 13 21:10:18 2011 UTC (13 years ago) by sbd
Branch: pkgsrc-2010Q4
Changes since 1.98: +2 -2
lines
Diff to previous 1.98 (colored) next main 1.99 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #3388 - requested by tron Security update for graphic/tiff Revisions pulled up: - graphics/tiff/Makefile 1.99 - graphics/tiff/distinfo 1.50 - graphics/tiff/patches/patch-SA43593 1.1 --- Module Name: pkgsrc Committed By: tron Date: Sat Mar 12 16:10:43 UTC 2011 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-SA43593 Log Message: Add fix for vulnerability reported in SA43593 taken from the "libtiff" CVS repository.
Revision 1.99 / (download) - annotate - [select for diffs], Sat Mar 12 16:10:42 2011 UTC (13 years ago) by tron
Branch: MAIN
Changes since 1.98: +2 -2
lines
Diff to previous 1.98 (colored) to selected 1.103.2.1 (colored)
Add fix for vulnerability reported in SA43593 taken from the "libtiff" CVS repository.
Revision 1.98 / (download) - annotate - [select for diffs], Thu Dec 23 11:44:46 2010 UTC (13 years, 3 months ago) by dsainty
Branch: MAIN
CVS Tags: pkgsrc-2010Q4-base
Branch point for: pkgsrc-2010Q4
Changes since 1.97: +2 -2
lines
Diff to previous 1.97 (colored) to selected 1.103.2.1 (colored)
Mechanically replace references to graphics/jpeg with the suitable alternative from mk/jpeg.buildlink3.mk This allows selection of an alternative jpeg library (namely the x86 MMX, SSE, SSE2 accelerated libjpeg-turbo) via JPEG_DEFAULT=libjpeg-turbo, and follows the current standard model for alternatives (fam, motif, fuse etc). The mechanical edits were applied via the following script: #!/bin/sh for d in */*; do [ -d "$d" ] || continue for i in "$d/"Makefile* "$d/"*.mk; do case "$i" in *.orig|*"*"*) continue;; esac out="$d/x" sed -e 's;graphics/jpeg/buildlink3\.mk;mk/jpeg.buildlink3.mk;g' \ -e 's;BUILDLINK_PREFIX\.jpeg;JPEGBASE;g' \ < "$i" > "$out" if cmp -s "$i" "$out"; then rm -f "$out" else echo "Edited $i" mv -f "$i" "$i.orig" && mv "$out" "$i" fi done done
Revision 1.96.2.1 / (download) - annotate - [select for diffs], Wed Aug 4 21:23:39 2010 UTC (13 years, 7 months ago) by spz
Branch: pkgsrc-2010Q2
Changes since 1.96: +2 -1
lines
Diff to previous 1.96 (colored) next main 1.97 (colored) to selected 1.103.2.1 (colored)
Pullup ticket 3197 - requested by tron security patches Revisions pulled up: - pkgsrc/graphics/tiff/Makefile 1.97 - pkgsrc/graphics/tiff/distinfo 1.49 Files added: pkgsrc/graphics/tiff/patches/patch-aa pkgsrc/graphics/tiff/patches/patch-ab pkgsrc/graphics/tiff/patches/patch-ac pkgsrc/graphics/tiff/patches/patch-ad pkgsrc/graphics/tiff/patches/patch-ae ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Wed Aug 4 17:48:22 UTC 2010 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-aa patch-ab patch-ac patch-ad patch-ae Log Message: Add patches from either libtiff's or Red Hat's Bugzilla which fix the following vulnerabilities: - CVE-2010-2233 - CVE-2010-2482 - CVE-2010-2483 - CVE-2010-2595 - CVE-2010-2597 There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion gets triggered) and cannot be exploited after the above vulnerabilities are fixed (at least if I understood correctly). No butcher was involved in fixing this package. To generate a diff of this commit: cvs rdiff -u -r1.96 -r1.97 pkgsrc/graphics/tiff/Makefile cvs rdiff -u -r1.48 -r1.49 pkgsrc/graphics/tiff/distinfo cvs rdiff -u -r0 -r1.19 pkgsrc/graphics/tiff/patches/patch-aa cvs rdiff -u -r0 -r1.20 pkgsrc/graphics/tiff/patches/patch-ab cvs rdiff -u -r0 -r1.22 pkgsrc/graphics/tiff/patches/patch-ac cvs rdiff -u -r0 -r1.16 pkgsrc/graphics/tiff/patches/patch-ad cvs rdiff -u -r0 -r1.11 pkgsrc/graphics/tiff/patches/patch-ae
Revision 1.97 / (download) - annotate - [select for diffs], Wed Aug 4 17:48:22 2010 UTC (13 years, 7 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base,
pkgsrc-2010Q3
Changes since 1.96: +2 -1
lines
Diff to previous 1.96 (colored) to selected 1.103.2.1 (colored)
Add patches from either libtiff's or Red Hat's Bugzilla which fix the following vulnerabilities: - CVE-2010-2233 - CVE-2010-2482 - CVE-2010-2483 - CVE-2010-2595 - CVE-2010-2597 There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion gets triggered) and cannot be exploited after the above vulnerabilities are fixed (at least if I understood correctly). No butcher was involved in fixing this package.
Revision 1.94.2.2 / (download) - annotate - [select for diffs], Thu Jun 17 17:52:14 2010 UTC (13 years, 9 months ago) by tron
Branch: pkgsrc-2010Q1
Changes since 1.94.2.1: +1 -1
lines
Diff to previous 1.94.2.1 (colored) to branchpoint 1.94 (colored) next main 1.95 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #3149 - requested by drochner graphics/tiff: security update Revisions pulled up: - graphics/tiff/Makefile 1.96 - graphics/tiff/distinfo 1.48 --- Module Name: pkgsrc Committed By: drochner Date: Wed Jun 16 13:56:41 UTC 2010 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Log Message: update to 3.9.4 changes: -Complete the fixes for CVE-2009-2347. -Tiffcrop now supports custom page sizes. +minor bugfixes
Revision 1.96 / (download) - annotate - [select for diffs], Wed Jun 16 13:56:41 2010 UTC (13 years, 9 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base
Branch point for: pkgsrc-2010Q2
Changes since 1.95: +2 -2
lines
Diff to previous 1.95 (colored) to selected 1.103.2.1 (colored)
update to 3.9.4 changes: -Complete the fixes for CVE-2009-2347. -Tiffcrop now supports custom page sizes. +minor bugfixes
Revision 1.94.2.1 / (download) - annotate - [select for diffs], Tue Jun 15 09:06:28 2010 UTC (13 years, 9 months ago) by tron
Branch: pkgsrc-2010Q1
Changes since 1.94: +2 -3
lines
Diff to previous 1.94 (colored) to selected 1.103.2.1 (colored)
Pullup ticket #3146 - requested by dholland graphics/tiff: security update Revisions pulled up: - graphics/tiff/Makefile 1.95 - graphics/tiff/distinfo 1.47 --- Module Name: pkgsrc Committed By: dholland Date: Tue Jun 15 05:57:45 UTC 2010 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Log Message: Update to 3.9.3, fixing CVE-2010-1411. Other changes are minor bug fixes; gory details at http://www.remotesensing.org/libtiff/v3.9.3.html.
Revision 1.95 / (download) - annotate - [select for diffs], Tue Jun 15 05:57:45 2010 UTC (13 years, 9 months ago) by dholland
Branch: MAIN
Changes since 1.94: +2 -3
lines
Diff to previous 1.94 (colored) to selected 1.103.2.1 (colored)
Update to 3.9.3, fixing CVE-2010-1411. Other changes are minor bug fixes; gory details at http://www.remotesensing.org/libtiff/v3.9.3.html.
Revision 1.94 / (download) - annotate - [select for diffs], Fri Jan 29 11:14:57 2010 UTC (14 years, 2 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2010Q1-base
Branch point for: pkgsrc-2010Q1
Changes since 1.93: +2 -2
lines
Diff to previous 1.93 (colored) to selected 1.103.2.1 (colored)
tiff seems to be a common point of failure from the jpeg fallout, so bump the revision.
Revision 1.93 / (download) - annotate - [select for diffs], Mon Jan 18 09:59:09 2010 UTC (14 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.92: +2 -1
lines
Diff to previous 1.92 (colored) to selected 1.103.2.1 (colored)
Second try at jpeg-8 recursive PKGREVISION bump.
Revision 1.92 / (download) - annotate - [select for diffs], Sun Nov 15 18:12:44 2009 UTC (14 years, 4 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base,
pkgsrc-2009Q4
Changes since 1.91: +2 -2
lines
Diff to previous 1.91 (colored) to selected 1.103.2.1 (colored)
updated to 3.9.2 changes: -bugfixes -OJPEG support updated to work with IJG JPEG 7 release -Tiffcrop validated for most TIFF storage subformats and sample depths
Revision 1.91 / (download) - annotate - [select for diffs], Sat Aug 29 12:32:08 2009 UTC (14 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base,
pkgsrc-2009Q3
Changes since 1.90: +2 -3
lines
Diff to previous 1.90 (colored) to selected 1.103.2.1 (colored)
Update to 3.9.1: This is a bugfix release to correct serious defects found in libtiff 3.9.0. In particular, it was discovered that libtiff 3.9.0 may write defective TIFF files. This release is intended to be API and ABI compatible with libtiff 3.8.2.
Revision 1.90 / (download) - annotate - [select for diffs], Wed Aug 26 19:56:38 2009 UTC (14 years, 7 months ago) by sno
Branch: MAIN
Changes since 1.89: +2 -1
lines
Diff to previous 1.89 (colored) to selected 1.103.2.1 (colored)
bump revision because of graphics/jpeg update
Revision 1.89 / (download) - annotate - [select for diffs], Mon Aug 24 08:50:33 2009 UTC (14 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.88: +8 -3
lines
Diff to previous 1.88 (colored) to selected 1.103.2.1 (colored)
Update to 3.9.0: MAJOR CHANGES: * New tiffcrop utility contributed by Richard Nolde. tiffcrop does the same as tiffcp, but also can crop, extract, rotate and mirror images. * tif_jbig.c: Added support for JBIG compression scheme (34661 code), contributed by Lee Howard. * Totally new implementation of OJPEG module from Joris Van Damme. No need to patch libjpeg anymore. Many OJPEG files should be supported now that was not supported previously. ------------------------------------------------ CHANGES IN THE SOFTWARE CONFIGURATION: * tif_config.wince.h, tiffconf.wince.h, tif_wince.c: WinCE-specific compatibility stuff from Mateusz Loskot. * Rename config.h.vc and tif_config.h.vc to config.vc.h and tif_config.vc.h for easier identification by folks using an IDE. * configure, configure.ac: OJPEG support enabled by default (i.e., whe the conformant JPEG support enabled). * README.vms, Makefile.am, configure.com, libtiff/{Makefile.am, tif_config.h-vms, tif_stream.cxx, tif_vms.c, tiffconf.h-vms}: Added support for OpenVMS by Alexey Chupahin. * nmake.opt: use /EHsc for VS2005 compatibility. Also define _CRT_SECURE_NO_DEPRECATE to avoid noise on VS2005. ------------------------------------------------ CHANGES IN LIBTIFF: * tif_dirinfo.c (_TIFFFindFieldInfo): Don't attempt to bsearch() on a NULL fieldinfo list. (_TIFFFindFieldInfoByName): Don't attempt to lfind() on a NULL fieldinfo list. * tif_jpeg.c: Changed JPEGInitializeLibJPEG() so that it will convert from decompressor to compressor or compress to decompress if required by the force arguments. This works around a problem in where the JPEGFixupTestSubsampling() may cause a decompressor to be setup on a directory when later a compressor is required with the force flag set. Occurs with the addtiffo program for instance. * tif_dirwrite.c: Fixed swapping of byte arrays stored in-place in tag offsets as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1363 * tif_getimage.c: workaround for 'Fractional scanline' error reading OJPEG images with rowsperstrip that is not a multiple of vertical subsampling factor. This bug is mentioned in http://bugzilla.remotesensing.org/show_bug.cgi?id=1390 and http://www.asmail.be/msg0054766825.html * tif_dirread.c: Added special function to handle SubjectDistance EXIF tag as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1362 * tif_dirread.c, tif_read.c: Type of the byte counters changed from tsize_t to uint32 to be able to work with data arrays larger than 2GB. Fixes bug http://bugzilla.remotesensing.org/show_bug.cgi?id=89 Idea submitted by Matt Hancher. * tif_dir.c: Workaround for incorrect TIFFs with ExtraSamples == 999 produced by Corel Draw. As per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1490 * tif_write.c: TIFFAppendToStrip() - clear sorted flag if we move a strip. http://bugzilla.remotesensing.org/show_bug.cgi?id=1359 * tif_fax3.c: Save the state of printdir codec dependent method. * tif_jpeg.c: Save the state of printdir codec dependent method as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1273 * tif_win32.c: Fixed problem with offset value manipulation as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1322 * tif_fax3.c, tif_next.c, tif_pixarlog.c: Fixed multiple vulnerabilities, as per Gentoo bug (): http://bugs.gentoo.org/show_bug.cgi?id=142383 * tif_lzw.c, tif_zip.c: Fixed problems with mixing encoding and decoding on the same read-write TIFF handle. The LZW code can now maintain encode and decode state at the same time. The ZIP code will switch back and forth as needed. http://bugzilla.remotesensing.org/show_bug.cgi?id=757 * tif_msdos.c: Avoid handle leak for failed opens. c/o Thierry Pierron * tif_dirwrite.c: take care not to flush out buffer of strip/tile data in _TIFFWriteDirectory if TIFF_BEENWRITING not set. Relates to bug report by Peng Gao with black strip at bottom of images. * tif_dirwrite.c: make sure to use uint32 for wordcount in TIFFWriteNormanTag if writecount is VARIABLE2 for ASCII fields. It already seems to have been done for other field types. Needed for "tiffset" on files with geotiff ascii text. * tif_dirinfo.c: Added missed EXIF tag ColorSpace (40961). * tif_dirread.c: Move IFD fetching code in the separate function TIFFFetchDirectory() avoiding code duplication in TIFFReadDirectory() and TIFFReadCustomDirectory(). * tif_readdir.c: Added case in EstimateStripByteCounts() for tiled files. Modified TIFFReadDirectory() to not invoke EstimateStripByteCounts() for case where entry 0 and 1 are unequal but one of them is zero. http://bugzilla.remotesensing.org/show_bug.cgi?id=1204 * tif_open.c, tif_dirread.c, tiffiop.h: Move IFD looping checking code in the separate function TIFFCheckDirOffset(). * tif_aux.c: Added _TIFFCheckRealloc() function. * tif_fax3.c: Fixed problems in fax decoder as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1194 * tif_jbig.c: Added support for JBIG compression scheme (34661 code) contributed by Lee Howard. As per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=896 * tif_getimage.c: Added support for planarconfig separate non-subsampled YCbCr (i.e. separate YCbCr with subsampling [1,1]). * tif_getimage.c: Revision of all RGB(A) put routines: * Conversion of unassociated alpha to associated alpha now done with more performant LUT, and calculation more correct. * Conversion of 16bit data to 8bit data now done with more performant LUT, and calculation more correct * Bugfix of handling of 16bit RGB with unassociated alpha * tif_ojpeg.c: totally new implementation * tif_getimage.c: removed TIFFTAG_JPEGCOLORMODE handling of OJPEG images in favor of tif_getimage.c native handling of YCbCr and desubsampling. * tif_jpeg.c: JPEGVSetField() so that altering the photometric interpretation causes the "upsampled" flag to be recomputed. Fixes peculiar bug where photometric flag had to be set before jpegcolormode flag. ------------------------------------------------ CHANGES IN THE TOOLS: * tiff2ps.c: Added support 16-bit images as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1566. Patch from William Bader. * tiff2pdf.c: Fix for TIFFTAG_JPEGTABLES tag fetching and significant upgrade of the whole utility as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1560. Now we don't need tiffiop.h in tiff2pdf anymore and will open output PDF file using TIFFClientOpen() machinery as it is implemented by Leon Bottou. * tiffcrop.c: New tiffcrop utility contributed by Richard Nolde. As per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1383 * tiff2pdf.c: Do not assume inches when the resolution units do not specified. As per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1366 * tiffset.c: Properly handle tags with TIFF_VARIABLE writecount. As per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1350 * tif2rgba.c: This utility does not work properly on big-endian architectures. It was fixed including the bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1149 * tiff2pdf.c: Fix handling of -q values. http://bugzilla.remotesensing.org/show_bug.cgi?id=587 * tiffcmp.c: Fixed floating point comparison logic as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1191 * tiff2pdf.c: Fixed buffer overflow condition in t2p_write_pdf_string() as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1196 ------------------------------------------------ CHANGES IN THE CONTRIB AREA: * contrib/addtiffo/tif_overview.c: Fix problems with odd sized output blocks in TIFF_DownSample_Subsampled() (bug 1542). * contrib/dbs/xtiff/xtiff.c: Make xtiff utility compilable. Though it is still far from the state of being working and useful.
Revision 1.87.2.1 / (download) - annotate - [select for diffs], Sun Jul 19 19:31:37 2009 UTC (14 years, 8 months ago) by spz
Branch: pkgsrc-2009Q2
Changes since 1.87: +2 -2
lines
Diff to previous 1.87 (colored) next main 1.88 (colored) to selected 1.103.2.1 (colored)
Pullup ticket 2823 - requested by tron security fix Revisions pulled up: - pkgsrc/graphics/tiff/Makefile 1.88 - pkgsrc/graphics/tiff/distinfo 1.43 Files added: pkgsrc/graphics/tiff/patches/patch-ca 1.1 pkgsrc/graphics/tiff/patches/patch-cb 1.1 Module Name: pkgsrc Committed By: tron Date: Sun Jul 19 11:45:09 UTC 2009 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-ca patch-cb Log Message: Apply fix for integer overflows in various inter-color space conversion tools taken from MapTools Bugzilla. This fixes CVE-2009-2347. To generate a diff of this commit: cvs rdiff -u -r1.87 -r1.88 pkgsrc/graphics/tiff/Makefile cvs rdiff -u -r1.42 -r1.43 pkgsrc/graphics/tiff/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/tiff/patches/patch-ca \ pkgsrc/graphics/tiff/patches/patch-cb
Revision 1.88 / (download) - annotate - [select for diffs], Sun Jul 19 11:45:09 2009 UTC (14 years, 8 months ago) by tron
Branch: MAIN
Changes since 1.87: +2 -2
lines
Diff to previous 1.87 (colored) to selected 1.103.2.1 (colored)
Apply fix for integer overflows in various inter-color space conversion tools taken from MapTools Bugzilla. This fixes CVE-2009-2347.
Revision 1.87 / (download) - annotate - [select for diffs], Mon Jun 22 14:54:44 2009 UTC (14 years, 9 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base
Branch point for: pkgsrc-2009Q2
Changes since 1.86: +2 -2
lines
Diff to previous 1.86 (colored) to selected 1.103.2.1 (colored)
add a patch from upstream (http://bugzilla.maptools.org/show_bug.cgi?id=2065) to fix a buffer underflow which can cause DOS or system access (SA35515) bump PKGREVISION
Revision 1.85.16.1 / (download) - annotate - [select for diffs], Sat Sep 6 02:17:45 2008 UTC (15 years, 6 months ago) by rtr
Branch: pkgsrc-2008Q2
Changes since 1.85: +2 -2
lines
Diff to previous 1.85 (colored) next main 1.86 (colored) to selected 1.103.2.1 (colored)
pullup ticket #2510 - requested by tron tiff: security patch revisions pulled up: pkgsrc/graphics/tiff/Makefile 1.86 pkgsrc/graphics/tiff/distinfo 1.41 pkgsrc/graphics/tiff/patches/patch-ac 1.19 Module Name: pkgsrc Committed By: tron Date: Sat Aug 30 08:12:45 UTC 2008 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-ac Log Message: Apply Debian's fix for the security vulnerability reported in CVE-2008-2327. Bump package revision.
Revision 1.86 / (download) - annotate - [select for diffs], Sat Aug 30 08:12:45 2008 UTC (15 years, 7 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base,
pkgsrc-2009Q1,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.85: +2 -2
lines
Diff to previous 1.85 (colored) to selected 1.103.2.1 (colored)
Apply Debian's fix for the security vulnerability reported in CVE-2008-2327. Bump package revision.
Revision 1.85 / (download) - annotate - [select for diffs], Thu Nov 2 18:00:43 2006 UTC (17 years, 4 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base,
pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
pkgsrc-2007Q3-base,
pkgsrc-2007Q3,
pkgsrc-2007Q2-base,
pkgsrc-2007Q2,
pkgsrc-2007Q1-base,
pkgsrc-2007Q1,
pkgsrc-2006Q4-base,
pkgsrc-2006Q4,
cwrapper
Branch point for: pkgsrc-2008Q2
Changes since 1.84: +2 -1
lines
Diff to previous 1.84 (colored) to selected 1.103.2.1 (colored)
DESTDIR support.
Revision 1.83.2.1 / (download) - annotate - [select for diffs], Wed Aug 2 17:56:46 2006 UTC (17 years, 8 months ago) by ghen
Branch: pkgsrc-2006Q2
Changes since 1.83: +2 -2
lines
Diff to previous 1.83 (colored) next main 1.84 (colored) to selected 1.103.2.1 (colored)
Pullup ticket 1774 - requested by salo security fix for tiff Revisions pulled up: - pkgsrc/graphics/tiff/Makefile 1.84 - pkgsrc/graphics/tiff/distinfo 1.39 - pkgsrc/graphics/tiff/patches/patch-av 1.5 - pkgsrc/graphics/tiff/patches/patch-aw 1.5 - pkgsrc/graphics/tiff/patches/patch-ax 1.5 - pkgsrc/graphics/tiff/patches/patch-ay 1.3 - pkgsrc/graphics/tiff/patches/patch-az 1.1 - pkgsrc/graphics/tiff/patches/patch-ba 1.1 - pkgsrc/graphics/tiff/patches/patch-bb 1.1 - pkgsrc/graphics/tiff/patches/patch-bc 1.1 Module Name: pkgsrc Committed By: salo Date: Wed Aug 2 15:42:25 UTC 2006 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-av patch-aw patch-ax patch-ay patch-az patch-ba patch-bb patch-bc Log Message: Security fixes for SA21304: "Some vulnerabilities have been reported in libTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to various heap and integer overflows when processing TIFF images and can be exploited via a specially crafted TIFF image. Successful exploitation allows crashing applications linked against libTIFF and may also allow execution of arbitrary code." http://secunia.com/advisories/21304/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465 Patches from Tavis Ormandy, Google Security Team via SUSE. Bump PKGREVISION.
Revision 1.84 / (download) - annotate - [select for diffs], Wed Aug 2 15:42:25 2006 UTC (17 years, 8 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base,
pkgsrc-2006Q3
Changes since 1.83: +2 -2
lines
Diff to previous 1.83 (colored) to selected 1.103.2.1 (colored)
Security fixes for SA21304: "Some vulnerabilities have been reported in libTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to various heap and integer overflows when processing TIFF images and can be exploited via a specially crafted TIFF image. Successful exploitation allows crashing applications linked against libTIFF and may also allow execution of arbitrary code." http://secunia.com/advisories/21304/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465 Patches from Tavis Ormandy, Google Security Team via SUSE. Bump PKGREVISION.
Revision 1.83 / (download) - annotate - [select for diffs], Sat Jun 17 20:25:23 2006 UTC (17 years, 9 months ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base
Branch point for: pkgsrc-2006Q2
Changes since 1.82: +2 -1
lines
Diff to previous 1.82 (colored) to selected 1.103.2.1 (colored)
Configure with --without-x. This fixes problem where GL components were detected and tiffgt was built. No change to package. (TODO: do not install the tiffgt manual pages. Maybe install separate tiffgt package if needed.)
Revision 1.78.2.1 / (download) - annotate - [select for diffs], Fri Jun 9 07:29:35 2006 UTC (17 years, 9 months ago) by snj
Branch: pkgsrc-2006Q1
Changes since 1.78: +3 -2
lines
Diff to previous 1.78 (colored) next main 1.79 (colored) to selected 1.103.2.1 (colored)
Pullup ticket 1694 - requested by salo security update/fix for tiff Revisions pulled up: - pkgsrc/graphics/tiff/Makefile 1.79, 1.80, 1.82 - pkgsrc/graphics/tiff/distinfo 1.37-1.38 - pkgsrc/graphics/tiff/PLIST 1.10 - pkgsrc/graphics/tiff/patches/patch-au 1.5 Module Name: pkgsrc Committed By: drochner Date: Fri Mar 31 14:31:03 UTC 2006 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Log Message: update to 3.8.2 changes: bugfixes --- Module Name: pkgsrc Committed By: uebayasi Date: Wed Apr 5 07:04:18 UTC 2006 Modified Files: pkgsrc/graphics/tiff: Makefile PLIST Log Message: A missing entry in PLIST, found by ftp://ftp.NetBSD.org/pub/pkgsrc/misc/kristerw /pkgstat/i386-2.1/20060404.0711/graphics/tiff/.broken.html. Reviewed By: reed --- Module Name: pkgsrc Committed By: salo Date: Thu Jun 8 11:05:14 UTC 2006 Modified Files: pkgsrc/graphics/tiff: Makefile distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-au Log Message: Security fix for CVE-2006-2193: "A vulnerability in LibTIFF can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerability is caused due to a boundary error within tiff2pdf when handling a TIFF file with a "DocumentName" tag that contains UTF-8 characters. This can be exploited to cause a stack-based buffer overflow and may allow arbitrary code execution." http://secunia.com/advisories/20488/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193 Patch from Ubuntu.
Revision 1.82 / (download) - annotate - [select for diffs], Thu Jun 8 11:05:14 2006 UTC (17 years, 9 months ago) by salo
Branch: MAIN
Changes since 1.81: +2 -2
lines
Diff to previous 1.81 (colored) to selected 1.103.2.1 (colored)
Security fix for CVE-2006-2193: "A vulnerability in LibTIFF can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerability is caused due to a boundary error within tiff2pdf when handling a TIFF file with a "DocumentName" tag that contains UTF-8 characters. This can be exploited to cause a stack-based buffer overflow and may allow arbitrary code execution." http://secunia.com/advisories/20488/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193 Patch from Ubuntu.
Revision 1.81 / (download) - annotate - [select for diffs], Fri Apr 14 07:08:08 2006 UTC (17 years, 11 months ago) by heinz
Branch: MAIN
Changes since 1.80: +3 -1
lines
Diff to previous 1.80 (colored) to selected 1.103.2.1 (colored)
Added appropriate TEST_TARGET.
Revision 1.80 / (download) - annotate - [select for diffs], Wed Apr 5 07:04:18 2006 UTC (17 years, 11 months ago) by uebayasi
Branch: MAIN
Changes since 1.79: +2 -1
lines
Diff to previous 1.79 (colored) to selected 1.103.2.1 (colored)
A missing entry in PLIST, found by ftp://ftp.NetBSD.org/pub/pkgsrc/misc/kristerw /pkgstat/i386-2.1/20060404.0711/graphics/tiff/.broken.html. Reviewed By: reed
Revision 1.79 / (download) - annotate - [select for diffs], Fri Mar 31 14:31:03 2006 UTC (18 years ago) by drochner
Branch: MAIN
Changes since 1.78: +2 -2
lines
Diff to previous 1.78 (colored) to selected 1.103.2.1 (colored)
update to 3.8.2 changes: bugfixes
Revision 1.78 / (download) - annotate - [select for diffs], Tue Mar 14 14:08:30 2006 UTC (18 years ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base
Branch point for: pkgsrc-2006Q1
Changes since 1.77: +2 -3
lines
Diff to previous 1.77 (colored) to selected 1.103.2.1 (colored)
update to 3.8.1 changes: -many bugfixes -support PBM files in ppm2tiff -Added ability to create multipage TIFFs in bmp2tiff
Revision 1.77 / (download) - annotate - [select for diffs], Sat Mar 4 21:29:52 2006 UTC (18 years ago) by jlam
Branch: MAIN
Changes since 1.76: +2 -2
lines
Diff to previous 1.76 (colored) to selected 1.103.2.1 (colored)
Point MAINTAINER to pkgsrc-users@NetBSD.org in the case where no developer is officially maintaining the package. The rationale for changing this from "tech-pkg" to "pkgsrc-users" is that it implies that any user can try to maintain the package (by submitting patches to the mailing list). Since the folks most likely to care about the package are the folks that want to use it or are already using it, this would leverage the energy of users who aren't developers.
Revision 1.76 / (download) - annotate - [select for diffs], Wed Feb 22 12:38:17 2006 UTC (18 years, 1 month ago) by drochner
Branch: MAIN
Changes since 1.75: +1 -4
lines
Diff to previous 1.75 (colored) to selected 1.103.2.1 (colored)
The "--with-default-strip-size" did just help because it worked around a problem caused by a bash'ism in the configure script. Fix the script instead. No functional change.
Revision 1.75 / (download) - annotate - [select for diffs], Mon Feb 20 17:56:36 2006 UTC (18 years, 1 month ago) by joerg
Branch: MAIN
Changes since 1.74: +2 -1
lines
Diff to previous 1.74 (colored) to selected 1.103.2.1 (colored)
Include stddef.h instead of defining NULL manually. This fixes the inclusion of tiffio.h from C++ as seen in digikam. Bump revision.
Revision 1.74 / (download) - annotate - [select for diffs], Sat Dec 31 00:07:36 2005 UTC (18 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.73: +5 -2
lines
Diff to previous 1.73 (colored) to selected 1.103.2.1 (colored)
Update to 3.8.0: MAJOR CHANGES: * Read-only support for custom directories (e.g. EXIF directory). * Preliminary support for MS MDI format. ---------------------------------------------------------------------------------------- CHANGES IN THE SOFTWARE CONFIGURATION: * Make the default strip size configurable via the --with-default-strip-size and STRIP_SIZE_DEFAULT options. ---------------------------------------------------------------------------------------- CHANGES IN LIBTIFF: * tiffio.h: Added VC_EXTRALEAN definition before including windows.h, to reduce the compile time. * tif_jpeg.c: Improve compilation under MinGW. * {tif_aux.c, tif_dir.c, tif_dir.h, tif_dirwrite.c, tif_print.c, tif_getimage.c}: Make InkSet, NumberOfInks, DotRange and StoNits tags custom. * {tif_aux.c, tif_dir.c, tif_dir.h, tif_print.c}: Make WhitePoint tag custom. * tiffio.h: fixed typo that potentially resulted in redefininition of USE_WIN32_FILEIO * {tif_dir.c, tif_dir.h, tif_print.c}: Make RichTIFFIPTC, Photoshop and ICCProfile tags custom. * libtiff/*, contrib/*: Added 'dual-mode' error handling, enabling newer code to get context indicator in error handler and still remain compatible with older code: Done TIFFError calls everywhere except in tools. * tiffinfo.c: Print EXIF directory contents if exist. * {tif_dirinfo.c, tif_dirread.c, tif_dir.h, tif_dir.c}: Custom directory read-only support. * {tif_aux.c, tif_dirinfo.c, tif_dirread.c, tif_dir.h, tif_dir.c, tif_print.c}: Make YCbCrCoefficients and ReferenceBlackWhite tags custom. * tif_dirread.c: One more workaround for broken StripByteCounts tag. Handle the case when StripByteCounts array filled with completely wrong values. * tif_dirinfo.c: Release file descriptor in case of failure in the TIFFOpenW() function as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1003 * tif_dirinfo.c: Correctly yse bsearch() and lfind() functions as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=1008 * tif_open.c, tiff.h, tiffdump.c: Incorporate preliminary support for MS MDI format. http://bugzilla.remotesensing.org/show_bug.cgi?id=1002 * libtiff.def, tiffiop.h, tiffio.h: Made TIFFFreeDirectory public. * /tif_dirinfo.c: Make XResolution, YResolution and ResolutionUnit tags modifiable during write process. As per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=977 * if_dirread.c: Don't try and split single strips into "0" strips in ChopUpSingleUncompressedStrip. This happens in some degenerate cases (like 1x1 files with stripbytecounts==0 (gtsmall.jp2 embed tiff) * tif_fax3.c: changed 'at scanline ...' style warning/errors with incorrect use of tif_row, to 'at line ... of strip/tile ...' style. CHANGES IN THE TOOLS: * tiffcp.c: Added many error reporting messages; fixed integer overflow as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=789 * tiffcp.c: Return non-zero status when reading fails. * fax2tiff.c: Properly calculate sizes of temporary arrays as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=943 * fax2tiff.c: Added option '-r' to set RowsPerStrip parameter as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=944 * tiffdump.c: Fixed typeshift and typemask arrays initialization problem as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=946 * bmp2tiff.c: Fixed possible integer overflow error as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=965 * tiffsplit.c: Copy fax related fields over splitted parts as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=983 * tiffdump.c: Fixed crash when reading malformed tags. * tiff2pdf.c: Added missed 'break' statement as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=932
Revision 1.73 / (download) - annotate - [select for diffs], Sat Oct 15 17:11:51 2005 UTC (18 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base,
pkgsrc-2005Q4
Changes since 1.72: +2 -2
lines
Diff to previous 1.72 (colored) to selected 1.103.2.1 (colored)
Update to 3.7.4: MAJOR CHANGES: * Fixed important bug in custom tags handling code.. ------------------------------------------------ CHANGES IN THE SOFTWARE CONFIGURATION: * Applied patch from Patrick Welche (all scripts moved in the 'config' and 'm4' directories). * SConstruct, libtiff/SConstruct: Added the first very preliminary support for SCons software building tool (http://www.scons.org/). This is experimental infrastructure and it will exist along with the autotools stuff. * port/lfind.c: Added lfind() replacement module. ------------------------------------------------ CHANGES IN LIBTIFF: * tif_dir.c: When prefreeing tv->value in TIFFSetFieldV also set it to NULL to avoid double free when re-setting custom string fields as per: http://bugzilla.remotesensing.org/show_bug.cgi?id=922 * tif_dir.c: Fixed up support for swapping "double complex" values (128 bits as 2 64 bits doubles). GDAL gcore tests now pass on bigendian (macosx) system. * libtiff/{tif_dirread.c, tif_dirinfo.c}: Do not upcast BYTEs to SHORTs in the TIFFFetchByteArray(). Remove TIFFFetchExtraSamples() function, use TIFFFetchNormalTag() instead as per bug http://bugzilla.remotesensing.org/show_bug.cgi?id=831 Remove TIFFFetchExtraSamples() function, use TIFFFetchNormalTag() instead. * tif_print.c: Fixed printing of the BYTE and SBYTE arrays. * tif_write.c: Do not check the PlanarConfiguration field in the TIFFWriteCheck() function in case of single band images (as per TIFF spec). * libtiff/{tif_dir.c, tif_dir.h, tif_dirinfo.c, tif_print.c}: Make FieldOfViewCotangent, MatrixWorldToScreen, MatrixWorldToCamera, ImageFullWidth, ImageFullLength and PrimaryChromaticities tags custom. ------------------------------------------------ CHANGES IN THE TOOLS: * tiffcp.c: Fixed WhitePoint tag copying. ------------------------------------------------ CHANGES IN THE CONTRIB AREA: * tiffdump.c: Added support for TIFF_IFD datatype. * addtiffo/{tif_overview.c, tif_ovrcache.c, tif_ovrcache.h}: Make overviews working for contiguous images.
Revision 1.72 / (download) - annotate - [select for diffs], Thu Jul 14 13:43:28 2005 UTC (18 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base,
pkgsrc-2005Q3
Changes since 1.71: +2 -3
lines
Diff to previous 1.71 (colored) to selected 1.103.2.1 (colored)
Update to 3.7.3: Many bugfixes and several new features. The runtime endianness check has been replaced with the compile time one. Support has been added for the new predictor type (floating point predictor) defined at the TIFF Technical Note 3, for custom tags passed by value, and for all DNG tags.
Revision 1.71 / (download) - annotate - [select for diffs], Thu Jul 14 00:29:16 2005 UTC (18 years, 8 months ago) by grant
Branch: MAIN
Changes since 1.70: +1 -7
lines
Diff to previous 1.70 (colored) to selected 1.103.2.1 (colored)
remove sunpro c++ runtime library hack, as this is handled in the sunpro-cxx wrapper now.
Revision 1.70 / (download) - annotate - [select for diffs], Wed Jun 22 02:31:36 2005 UTC (18 years, 9 months ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.69: +7 -1
lines
Diff to previous 1.69 (colored) to selected 1.103.2.1 (colored)
libtiffxx needs to be linked against the C++ runtime libraries libCrun and libCstd when building with sunpro. ok'd by jlam@
Revision 1.66.2.1 / (download) - annotate - [select for diffs], Thu May 12 23:21:16 2005 UTC (18 years, 10 months ago) by snj
Branch: pkgsrc-2005Q1
Changes since 1.66: +6 -35
lines
Diff to previous 1.66 (colored) next main 1.67 (colored) to selected 1.103.2.1 (colored)
Pullup ticket 495 - requested by Lubomir Sedlacik security fix for tiff Revisions pulled up: - pkgsrc/graphics/tiff/Makefile 1.67, 1.69 - pkgsrc/graphics/tiff/PLIST 1.7 - pkgsrc/graphics/tiff/distinfo 1.26, 1.27, 1.28, 1.29 - pkgsrc/graphics/tiff/options.mk 1.1 - pkgsrc/graphics/tiff/buildlink3.mk 1.12 - pkgsrc/graphics/tiff/patches/patch-aa 1.16 - pkgsrc/graphics/tiff/patches/patch-ab 1.16 - pkgsrc/graphics/tiff/patches/patch-ac 1.16 - pkgsrc/graphics/tiff/patches/patch-ad 1.14 - pkgsrc/graphics/tiff/patches/patch-ae removed - pkgsrc/graphics/tiff/patches/patch-af removed - pkgsrc/graphics/tiff/patches/patch-ah removed - pkgsrc/graphics/tiff/patches/patch-ag removed Module Name: pkgsrc Committed By: wiz Date: Wed Mar 23 01:17:45 UTC 2005 Modified Files: pkgsrc/graphics/tiff: Makefile PLIST distinfo pkgsrc/graphics/tiff/patches: patch-aa Added Files: pkgsrc/graphics/tiff: options.mk Removed Files: pkgsrc/graphics/tiff/patches: patch-ab patch-ac patch-ad patch-ae patch-af patch-ag patch-ah Log Message: Update to 3.7.2. Package changes: Put options in options.mk, and retire support for USE_GIF; turn on the lzw option by default (since USE_GIF was on by default). C++ library's name changed, to be in sync with tiff distribution's name for it (libtiffcxx -> libtiffxx). Changes in 3.7.2: Maintainance [sic] release. Many bugfixes in the build environment and compatibility improvements. ---- Module Name: pkgsrc Committed By: recht Date: Thu Mar 24 17:46:29 UTC 2005 Modified Files: pkgsrc/graphics/tiff: distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-ab Log Message: Pull in libtiff/Makefile.in rev. 1.54 and 1.55 without the rpath changes from libtiff CVS to fix the build on Darwin. ---- Modified Files: pkgsrc/graphics/tiff: distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-ac Log Message: Fix for NetBSD LP64 arches by checking if _LP64 is defined. These arches don't define __LP64__. This is basically same as patch-ab rev. 1.13, which was probably removed by mistake. ---- Module Name: pkgsrc Committed By: salo Date: Thu May 12 12:53:21 UTC 2005 Modified Files: pkgsrc/graphics/tiff: Makefile buildlink3.mk distinfo Added Files: pkgsrc/graphics/tiff/patches: patch-ad Log Message: Security fix: "A vulnerability in libTIFF was found, it can be potentially exploited by malicious people to compromise a vulnerable system." http://secunia.com/advisories/15320/ http://bugzilla.remotesensing.org/show_bug.cgi?id=3D843 Bump PKGREVISION, patch from libtiff cvs repository.
Revision 1.69 / (download) - annotate - [select for diffs], Thu May 12 12:53:21 2005 UTC (18 years, 10 months ago) by salo
Branch: MAIN
Changes since 1.68: +2 -1
lines
Diff to previous 1.68 (colored) to selected 1.103.2.1 (colored)
Security fix: "A vulnerability in libTIFF was found, it can be potentially exploited by malicious people to compromise a vulnerable system." http://secunia.com/advisories/15320/ http://bugzilla.remotesensing.org/show_bug.cgi?id=843 Bump PKGREVISION, patch from libtiff cvs repository.
Revision 1.68 / (download) - annotate - [select for diffs], Mon Apr 11 21:46:09 2005 UTC (18 years, 11 months ago) by tv
Branch: MAIN
Changes since 1.67: +1 -2
lines
Diff to previous 1.67 (colored) to selected 1.103.2.1 (colored)
Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.
Revision 1.67 / (download) - annotate - [select for diffs], Wed Mar 23 01:17:45 2005 UTC (19 years ago) by wiz
Branch: MAIN
Changes since 1.66: +5 -35
lines
Diff to previous 1.66 (colored) to selected 1.103.2.1 (colored)
Update to 3.7.2. Package changes: Put options in options.mk, and retire support for USE_GIF; turn on the lzw option by default (since USE_GIF was on by default). C++ library's name changed, to be in sync with tiff distribution's name for it (libtiffcxx -> libtiffxx). Changes in 3.7.2: Maintainance [sic] release. Many bugfixes in the build environment and compatibility improvements.
Revision 1.66 / (download) - annotate - [select for diffs], Mon Jan 17 08:04:25 2005 UTC (19 years, 2 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base
Branch point for: pkgsrc-2005Q1
Changes since 1.65: +2 -2
lines
Diff to previous 1.65 (colored) to selected 1.103.2.1 (colored)
Link the tiff library, which has no C++ functions, with $(CC) instead of $(CXX) so that applications needing libtiff don't also need to be linked against $(CXX). Bump the PKGREVISION to 3. This should fix PR pkg/28961.
Revision 1.65 / (download) - annotate - [select for diffs], Thu Jan 13 15:39:20 2005 UTC (19 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.64: +2 -2
lines
Diff to previous 1.64 (colored) to selected 1.103.2.1 (colored)
Fix error in patch to build libtiffcxx.la that tried to create libraries with no objects. libtiffcxx.la now correctly builds using tif_stream.lo. Bump the PKGREVISION to 2.
Revision 1.64 / (download) - annotate - [select for diffs], Tue Jan 11 05:29:55 2005 UTC (19 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.63: +16 -1
lines
Diff to previous 1.63 (colored) to selected 1.103.2.1 (colored)
Create a separate libtiffcxx.so library for use by C++ applications. It's meant to be used directly in place of libtiff.so, i.e. instead of linking against -ltiff, you link against -ltiffcxx. It also leaves libtiff.so as a plain C-linkage library again, as it was in tiff-3.6.x, and avoids needing to patch tiff-using packages to link using the C++ compiler. Bump the PKGREVISION to 1.
Revision 1.63 / (download) - annotate - [select for diffs], Sun Jan 9 23:03:58 2005 UTC (19 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.62: +1 -2
lines
Diff to previous 1.62 (colored) to selected 1.103.2.1 (colored)
--enable-c++ isn't a valid option name because of stupidity on the tiff configure script. Remove this from CONFIGURE_ARGS.
Revision 1.62 / (download) - annotate - [select for diffs], Sun Jan 9 21:34:41 2005 UTC (19 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.61: +18 -6
lines
Diff to previous 1.61 (colored) to selected 1.103.2.1 (colored)
Note that this package requires C++. Also, convert to use the bsd.options.mk framework. The USE_GIF option is now called "lzw" and is enabled by default.
Revision 1.61 / (download) - annotate - [select for diffs], Tue Dec 28 23:10:10 2004 UTC (19 years, 3 months ago) by reed
Branch: MAIN
Changes since 1.60: +10 -51
lines
Diff to previous 1.60 (colored) to selected 1.103.2.1 (colored)
Upgrade tiff to 3.7.1. Remove OpenWindows workaround in pkgsrc for this. Too many changes to include here. See http://www.remotesensing.org/libtiff/v3.7.1.html and http://www.remotesensing.org/libtiff/v3.7.0.html and previous change files for changes information. tiff-3.7.1 now includes the lzw compression code again. It also uses autoconf and libtool now. A new tool is bmp2tiff. Docs are placed under share/doc/tiff/html instead of share/doc/html/tiff. Many manpage symlinks are now missing. (This was reported to tiff list.)
Revision 1.59.2.1 / (download) - annotate - [select for diffs], Wed Dec 22 08:31:29 2004 UTC (19 years, 3 months ago) by snj
Branch: pkgsrc-2004Q4
Changes since 1.59: +2 -2
lines
Diff to previous 1.59 (colored) next main 1.60 (colored) to selected 1.103.2.1 (colored)
Pullup ticket 174 - requested by Jeremy C. Reed security fix for tiff Module Name: pkgsrc Committed By: reed Date: Wed Dec 22 03:57:15 UTC 2004 Modified Files: pkgsrc/graphics/tiff: Makefile buildlink3.mk distinfo pkgsrc/graphics/tiff/patches: patch-ag patch-ao Log Message: patch-ag and patch-ao already had security fixes for CESA-2004-006. But now these are improved in response to iDEFENSE Security Advisory 12.21.04 www.idefense.com/application/poi/display?id=173&type=vulnerabilities libtiff STRIPOFFSETS Integer Overflow Vulnerability December 21, 2004 This fix (in two files) was from that advisory and also seen in tiff 3.7.1. PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for this possible security issue. Other packages depending on this are not bumped.
Revision 1.60 / (download) - annotate - [select for diffs], Wed Dec 22 03:57:15 2004 UTC (19 years, 3 months ago) by reed
Branch: MAIN
Changes since 1.59: +2 -2
lines
Diff to previous 1.59 (colored) to selected 1.103.2.1 (colored)
patch-ag and patch-ao already had security fixes for CESA-2004-006. But now these are improved in response to iDEFENSE Security Advisory 12.21.04 www.idefense.com/application/poi/display?id=173&type=vulnerabilities libtiff STRIPOFFSETS Integer Overflow Vulnerability December 21, 2004 This fix (in two files) was from that advisory and also seen in tiff 3.7.1. PKGREVISION is bumped to 6 and BUILDLINK_RECOMMENDED is adjusted for this possible security issue. Other packages depending on this are not bumped.
Revision 1.59 / (download) - annotate - [select for diffs], Fri Nov 26 15:32:34 2004 UTC (19 years, 4 months ago) by jmmv
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base
Branch point for: pkgsrc-2004Q4
Changes since 1.58: +2 -2
lines
Diff to previous 1.58 (colored) to selected 1.103.2.1 (colored)
Bump revisions of tiff and qt1 after changing the default USE_GIF value to 'yes'. (In behalf of jlam@, who can't commit this ATM.)
Revision 1.53.4.1 / (download) - annotate - [select for diffs], Mon Oct 18 17:03:48 2004 UTC (19 years, 5 months ago) by agc
Branch: pkgsrc-2004Q3
Changes since 1.53: +5 -5
lines
Diff to previous 1.53 (colored) next main 1.54 (colored) to selected 1.103.2.1 (colored)
Pullup ticket 122 - requested by Matthias Scheler security fix for tiff Modified Files: pkgsrc/graphics/tiff: Makefile Log Message: Derive "PKGNAME" from "DISTNAME" instead of defining it manually. Modified Files: pkgsrc/graphics/tiff: Makefile Log Message: Add mirror on "ftp.fu-berlin.de" to master site list. Modified Files: pkgsrc/graphics/tiff: Makefile distinfo pkgsrc/graphics/tiff/patches: patch-ag Added Files: pkgsrc/graphics/tiff/patches: patch-ai patch-aj patch-ak patch-al patch-am patch-an patch-ao patch-ap patch-aq patch-ar patch-as patch-at patch-au patch-av patch-aw patch-ax Log Message: Add various bug fixes taken from Debian's unstable distribution which include fixes for CESA-2004-006. Bump package revision.
Revision 1.58 / (download) - annotate - [select for diffs], Mon Oct 18 14:37:24 2004 UTC (19 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.57: +2 -2
lines
Diff to previous 1.57 (colored) to selected 1.103.2.1 (colored)
Add various bug fixes taken from Debian's unstable distribution which include fixes for CESA-2004-006. Bump package revision.
Revision 1.57 / (download) - annotate - [select for diffs], Mon Oct 18 10:30:33 2004 UTC (19 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.56: +3 -2
lines
Diff to previous 1.56 (colored) to selected 1.103.2.1 (colored)
Add mirror on "ftp.fu-berlin.de" to master site list.
Revision 1.56 / (download) - annotate - [select for diffs], Mon Oct 18 10:05:11 2004 UTC (19 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.55: +2 -2
lines
Diff to previous 1.55 (colored) to selected 1.103.2.1 (colored)
Derive "PKGNAME" from "DISTNAME" instead of defining it manually.
Revision 1.55 / (download) - annotate - [select for diffs], Sat Oct 16 22:27:40 2004 UTC (19 years, 5 months ago) by reed
Branch: MAIN
Changes since 1.54: +2 -3
lines
Diff to previous 1.54 (colored) to selected 1.103.2.1 (colored)
Remove second master site because it doesn't return the tarball. Add /old/ to end of master site URL. This was reported by Georg Schwarz on tech-pkg and also by Ian Harding via PR #27278. Note that this is insecure version of tiff!
Revision 1.54 / (download) - annotate - [select for diffs], Sun Oct 3 00:14:58 2004 UTC (19 years, 5 months ago) by tv
Branch: MAIN
Changes since 1.53: +2 -2
lines
Diff to previous 1.53 (colored) to selected 1.103.2.1 (colored)
Libtool fix for PR pkg/26633, and other issues. Update libtool to 1.5.10 in the process. (More information on tech-pkg.) Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and installing .la files. Bump PKGREVISION (only) of all packages depending directly on the above via a buildlink3 include.
Revision 1.53 / (download) - annotate - [select for diffs], Tue Apr 27 20:38:48 2004 UTC (19 years, 11 months ago) by tv
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base,
pkgsrc-2004Q2-base,
pkgsrc-2004Q2
Branch point for: pkgsrc-2004Q3
Changes since 1.52: +3 -2
lines
Diff to previous 1.52 (colored) to selected 1.103.2.1 (colored)
nb2: Obey PKGDIRMODE, and install shlibs as executable.
Revision 1.52 / (download) - annotate - [select for diffs], Sat Apr 24 18:24:56 2004 UTC (19 years, 11 months ago) by tv
Branch: MAIN
Changes since 1.51: +3 -6
lines
Diff to previous 1.51 (colored) to selected 1.103.2.1 (colored)
Don't put plain comments in make commands. These can result in a nonzero shell exit code, and thus a failure. Move comments out of the list of commands. (Alternately ${DO_NADA} could have been used.)
Revision 1.51 / (download) - annotate - [select for diffs], Mon Mar 22 16:48:13 2004 UTC (20 years ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Changes since 1.50: +2 -1
lines
Diff to previous 1.50 (colored) to selected 1.103.2.1 (colored)
Update tiff to tiff-3.6.1nb1: Add a patch to fix fax3 tiff handling. Without this hylafax generates completely garbled tiff images unless error correction was disabled: http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=500
Revision 1.50 / (download) - annotate - [select for diffs], Mon Jan 5 22:33:45 2004 UTC (20 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.49: +8 -4
lines
Diff to previous 1.49 (colored) to selected 1.103.2.1 (colored)
bl3ify
Revision 1.49 / (download) - annotate - [select for diffs], Sat Jan 3 18:33:24 2004 UTC (20 years, 2 months ago) by reed
Branch: MAIN
Changes since 1.48: +23 -10
lines
Diff to previous 1.48 (colored) to selected 1.103.2.1 (colored)
Update to tiff-3.6.1. This is many changes and fixes. The main changes include: new utility tiff2pdf for converting a TIFF image to a PDF document new utility raw2tiff for converting raw rasters into TIFF files new tiff2ps options new fax2tiff options bug fixes for LZW, JPEG and OJPEG compression. more documentation and upgrade to libtiff.so.3.6 other changes at http://www.libtiff.org/v3.6.0.html Removed patch-ab because html/Makefile.in: added missing images per bug 92 Removed patch-ag because http://bugzilla.remotesensing.org/show_bug.cgi?id=315 Other changes: HOMEPAGE changed due to libtiff.org has been hijacked INSTALL.OpenWindows updated (thank you to dieter) tiff is backward compatible with older version, but buildlink2.mk version is increased because libtiff was broken for amd64 support.
Revision 1.48 / (download) - annotate - [select for diffs], Fri Oct 3 15:38:46 2003 UTC (20 years, 6 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base,
pkgsrc-2003Q4
Changes since 1.47: +3 -3
lines
Diff to previous 1.47 (colored) to selected 1.103.2.1 (colored)
Fix manpages installation. From Ben Collver via PR pkg/23047.
Revision 1.47 / (download) - annotate - [select for diffs], Sat Aug 30 23:01:32 2003 UTC (20 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.46: +7 -8
lines
Diff to previous 1.46 (colored) to selected 1.103.2.1 (colored)
Make these INSTALL scripts safe for when pkgviews is merged.
Revision 1.46 / (download) - annotate - [select for diffs], Thu Jul 17 21:42:52 2003 UTC (20 years, 8 months ago) by grant
Branch: MAIN
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored) to selected 1.103.2.1 (colored)
s/netbsd.org/NetBSD.org/
Revision 1.45 / (download) - annotate - [select for diffs], Mon Jun 2 01:19:13 2003 UTC (20 years, 10 months ago) by jschauma
Branch: MAIN
Changes since 1.44: +2 -2
lines
Diff to previous 1.44 (colored) to selected 1.103.2.1 (colored)
Use tech-pkg@ in favor of packages@ as MAINTAINER for orphaned packages. Should anybody feel like they could be the maintainer for any of thewe packages, please adjust.
Revision 1.44 / (download) - annotate - [select for diffs], Tue Jan 28 22:03:25 2003 UTC (21 years, 2 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-6-1-base,
netbsd-1-6-1
Changes since 1.43: +6 -7
lines
Diff to previous 1.43 (colored) to selected 1.103.2.1 (colored)
Instead of including bsd.pkg.install.mk directly in a package Makefile, have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set to "YES". This enforces the requirement that bsd.pkg.install.mk be included at the end of a package Makefile. Idea suggested by Julio M. Merino Vidal <jmmv at menta.net>.
Revision 1.43 / (download) - annotate - [select for diffs], Wed Dec 25 14:25:27 2002 UTC (21 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.42: +2 -1
lines
Diff to previous 1.42 (colored) to selected 1.103.2.1 (colored)
Fix core dump when fax2tiff is started without arguments. Patch from Ingolf Steinbach in PR 19306. Bump PKGREVISION to 1.
Revision 1.42 / (download) - annotate - [select for diffs], Sun Oct 20 09:15:23 2002 UTC (21 years, 5 months ago) by jlam
Branch: MAIN
Changes since 1.41: +11 -20
lines
Diff to previous 1.41 (colored) to selected 1.103.2.1 (colored)
Use bsd.pkg.install.mk and change INSTALL.OpenWindows into a model for how to replace the complexity of the default INSTALL/DEINSTALL scripts with something simpler when simple is all that's needed. Also replace the check for OpenWindows with one that's more sensible.
Revision 1.41 / (download) - annotate - [select for diffs], Sun Aug 25 18:39:23 2002 UTC (21 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.40: +5 -8
lines
Diff to previous 1.40 (colored) to selected 1.103.2.1 (colored)
Merge changes in packages from the buildlink2 branch that have buildlink2.mk files back into the main trunk. This provides sufficient buildlink2 infrastructure to start merging other packages from the buildlink2 branch that have already been converted to use the buildlink2 framework.
Revision 1.39.2.3 / (download) - annotate - [select for diffs], Thu Aug 22 11:11:43 2002 UTC (21 years, 7 months ago) by jlam
Branch: buildlink2
Changes since 1.39.2.2: +2 -3
lines
Diff to previous 1.39.2.2 (colored) to branchpoint 1.39 (colored) next main 1.40 (colored) to selected 1.103.2.1 (colored)
Merge changes from pkgsrc-current into the buildlink2 branch for the packages that have buildlink2.mk files.
Revision 1.40 / (download) - annotate - [select for diffs], Sat Jul 13 00:53:35 2002 UTC (21 years, 8 months ago) by grant
Branch: MAIN
CVS Tags: pkgviews-base,
pkgviews,
netbsd-1-6-RELEASE-base,
netbsd-1-6,
buildlink2-base
Changes since 1.39: +2 -3
lines
Diff to previous 1.39 (colored) to selected 1.103.2.1 (colored)
update MASTER_SITES.
Revision 1.39.2.2 / (download) - annotate - [select for diffs], Fri Jun 21 23:05:26 2002 UTC (21 years, 9 months ago) by jlam
Branch: buildlink2
Changes since 1.39.2.1: +2 -2
lines
Diff to previous 1.39.2.1 (colored) to branchpoint 1.39 (colored) to selected 1.103.2.1 (colored)
Rename USE_BUILDLINK2_ONLY to USE_BUILDLINK2 for less verbosity. Also convert a few more packages to use the buildlink2 framework.
Revision 1.39.2.1 / (download) - annotate - [select for diffs], Sat May 11 02:09:16 2002 UTC (21 years, 10 months ago) by jlam
Branch: buildlink2
Changes since 1.39: +5 -8
lines
Diff to previous 1.39 (colored) to selected 1.103.2.1 (colored)
First pass at conversion of various packages to use the buildlink2 framework. Add many buildlink2.mk files to add to the framework. Please see buildlink2.txt for more details.
Revision 1.39 / (download) - annotate - [select for diffs], Thu Mar 7 21:55:08 2002 UTC (22 years ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH003
Branch point for: buildlink2
Changes since 1.38: +3 -3
lines
Diff to previous 1.38 (colored) to selected 1.103.2.1 (colored)
Rearrange so that buildlink.mk files come _after_ USE_BUILDLINK_ONLY.
Revision 1.38 / (download) - annotate - [select for diffs], Tue Mar 5 19:33:16 2002 UTC (22 years ago) by martti
Branch: MAIN
Changes since 1.37: +5 -8
lines
Diff to previous 1.37 (colored) to selected 1.103.2.1 (colored)
Fixed compilation when USE_GIF is set.
Revision 1.37 / (download) - annotate - [select for diffs], Tue Mar 5 10:33:35 2002 UTC (22 years ago) by martti
Branch: MAIN
Changes since 1.36: +6 -6
lines
Diff to previous 1.36 (colored) to selected 1.103.2.1 (colored)
Updated tiff to 3.5.7 * many bug fixes * added support for 16bit minisblack/miniswhite images in RGBA interface * integrated experimental OJPEG support * updated tiffcp utility * substantial changes to tiff2ps
Revision 1.36 / (download) - annotate - [select for diffs], Sat Jan 5 22:30:12 2002 UTC (22 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.35: +2 -1
lines
Diff to previous 1.35 (colored) to selected 1.103.2.1 (colored)
Add work arround for problem with Solaris's "sed" so that the "post-patch" target works there.
Revision 1.35 / (download) - annotate - [select for diffs], Sun Jul 8 13:01:44 2001 UTC (22 years, 8 months ago) by tron
Branch: MAIN
Changes since 1.34: +18 -1
lines
Diff to previous 1.34 (colored) to selected 1.103.2.1 (colored)
Replace TIFF library included in OpenWindows distribution with the one from this package because OpenWindows and CDE programs work with it while package sources program don't work with the OpenWindows library. The original library is restored on deinstallation.
Revision 1.34 / (download) - annotate - [select for diffs], Mon Jun 18 21:32:24 2001 UTC (22 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.33: +2 -5
lines
Diff to previous 1.33 (colored) to selected 1.103.2.1 (colored)
Mark these packages as USE_BUILDLINK_ONLY.
Revision 1.33 / (download) - annotate - [select for diffs], Mon Jun 11 02:05:11 2001 UTC (22 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.32: +2 -3
lines
Diff to previous 1.32 (colored) to selected 1.103.2.1 (colored)
The buildlink include and lib directories are added to CFLAGS, CPPFLAGS, CXXFLAGS, and LDFLAGS by the buildlink.mk files so remove the extra definitions to add them from the package Makefiles. As advised by the bsd.buildlink.mk file, also ensure that the buildlink.mk files are included prior to defining any package-specific CFLAGS/LDFLAGS to ensure that the buildlink directories are at the head of the compiler search paths.
Revision 1.32 / (download) - annotate - [select for diffs], Sun Jun 10 00:08:45 2001 UTC (22 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.31: +1 -3
lines
Diff to previous 1.31 (colored) to selected 1.103.2.1 (colored)
Remove dependency on ${BUILDLINK_TARGETS} in pre-configure and pre-build targets as the buildlink.mk files now add the dependency automatically. Remove any NO_CONFIGURE definitions as they seem to be useless.
Revision 1.31 / (download) - annotate - [select for diffs], Mon May 28 02:50:24 2001 UTC (22 years, 10 months ago) by jlam
Branch: MAIN
Changes since 1.30: +13 -11
lines
Diff to previous 1.30 (colored) to selected 1.103.2.1 (colored)
Find location of zlib using EVAL_PREFIX. Use buildlink.mk files to find the required headers and libraries for jpeg and zlib.
Revision 1.30 / (download) - annotate - [select for diffs], Thu May 3 13:22:50 2001 UTC (22 years, 11 months ago) by skrll
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH001
Changes since 1.29: +2 -1
lines
Diff to previous 1.29 (colored) to selected 1.103.2.1 (colored)
Pass CC down to configure script and make sure its used properly. This fixes pkg/12797
Revision 1.29 / (download) - annotate - [select for diffs], Fri Feb 16 15:22:34 2001 UTC (23 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.28: +2 -1
lines
Diff to previous 1.28 (colored) to selected 1.103.2.1 (colored)
Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT.
Revision 1.28 / (download) - annotate - [select for diffs], Sun Jan 21 20:27:26 2001 UTC (23 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.27: +2 -2
lines
Diff to previous 1.27 (colored) to selected 1.103.2.1 (colored)
Revert last change. "libtiff" works fine with Solaris 8's "zlib", but "gnome-libs" wants a newer version. So always use the package to avoid problems caused by different "zlib" versions.
Revision 1.27 / (download) - annotate - [select for diffs], Sun Jan 21 18:25:50 2001 UTC (23 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.26: +2 -2
lines
Diff to previous 1.26 (colored) to selected 1.103.2.1 (colored)
Solaris 8 includes "libz".
Revision 1.26 / (download) - annotate - [select for diffs], Sat Jun 3 19:18:23 2000 UTC (23 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: netbsd-1-5-RELEASE,
netbsd-1-4-PATCH003
Changes since 1.25: +2 -2
lines
Diff to previous 1.25 (colored) to selected 1.103.2.1 (colored)
Fix dependency on libjpeg and libm. Use USE_LIBTOOL instead of USE_PKGLIBTOOL.
Revision 1.25 / (download) - annotate - [select for diffs], Thu Jun 1 11:23:32 2000 UTC (23 years, 10 months ago) by rh
Branch: MAIN
Changes since 1.24: +2 -2
lines
Diff to previous 1.24 (colored) to selected 1.103.2.1 (colored)
s/USE_LIBTOOL/USE_PKGLIBTOOL/ Add a new USE_LIBTOOL definition that uses the libtool package instead of pkglibtool which is now considered outdated. USE_PKGLIBTOOL is available for backwards compatibility with old packages but is deprecated for new packages.
Revision 1.24 / (download) - annotate - [select for diffs], Sat Apr 1 00:05:27 2000 UTC (24 years ago) by wiz
Branch: MAIN
Changes since 1.23: +11 -9
lines
Diff to previous 1.23 (colored) to selected 1.103.2.1 (colored)
Update tiff-library to 3.5.5. Changes from 3.5.4 are some bugfixes and beginning support for 2-4GB files. Complete list of changes at http://www.libtiff.org/v3.5.5.html
Revision 1.23 / (download) - annotate - [select for diffs], Thu Jan 6 01:25:22 2000 UTC (24 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: netbsd-1-4-PATCH002
Changes since 1.22: +15 -3
lines
Diff to previous 1.22 (colored) to selected 1.103.2.1 (colored)
tiff library upgraded from 3.5.2 to 3.5.4. LZW compression part is now optional and controlled by USE_GIF in mk.conf, decompression is unchanged. Comment for USE_GIF in mk.conf has been updated. Some HTML documentation gets installed now, too. Changes: A Y2K bugfix in ras2tiff, removal of LZW compression, new Pixar tags, and Adobe ZIP support, as well as removal of some compiler warnings and minor fixes.
Revision 1.22 / (download) - annotate - [select for diffs], Fri Oct 8 21:14:32 1999 UTC (24 years, 5 months ago) by jlam
Branch: MAIN
CVS Tags: comdex-fall-1999
Changes since 1.21: +36 -13
lines
Diff to previous 1.21 (colored) to selected 1.103.2.1 (colored)
Update tiff to version 3.5.2. Changes in TIFF v3.5.1 * Support was added for IPTC Newsphoto metadata (TIFFTAGE_IPTCNEWSPHOTO) * Support was added for photoshop caption handling (TIFFTAG_PHOTOSHOP) Changes in TIFF v3.5.2 * Added TIFFReassignTagToIgnore() API on behalf of Bruce Cameron <cameron@petris.com>. Man page still pending. * Fixed problem with cvtcmap() in tif_getimage.c modifying the colormaps owned by the TIFF handle itself when trying to fixup wrong (eight bit) colormaps. Corrected by maintaining a private copy of the colormap. * Added TIFFReadRGBATile()/TIFFReadRGBAStrip() support in tif_getimage.c. * Applied "a" mode fix to tif_win32.c/TIFFOpen() as suggested by Christopher Lawton <clawton@mathworks.com> * Set O_BINARY for tif_unix.c open() ... used on cygwin for instance. * Applied Francois Dagand's patch to handle fax decompression bug. (sizes >= 65536 were failing)
Revision 1.21 / (download) - annotate - [select for diffs], Thu Oct 7 17:41:54 1999 UTC (24 years, 5 months ago) by tron
Branch: MAIN
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (colored) to selected 1.103.2.1 (colored)
Remove me as maintainer of those packages.
Revision 1.20 / (download) - annotate - [select for diffs], Tue Apr 27 16:28:08 1999 UTC (24 years, 11 months ago) by tron
Branch: MAIN
CVS Tags: netbsd-1-4-RELEASE,
netbsd-1-4-PATCH001
Changes since 1.19: +2 -2
lines
Diff to previous 1.19 (colored) to selected 1.103.2.1 (colored)
Pass "${CFLAGS}" instead of "-O" to configure script as suggested by Adam Ciarcinski.
Revision 1.19 / (download) - annotate - [select for diffs], Mon Nov 23 21:30:40 1998 UTC (25 years, 4 months ago) by frueauf
Branch: MAIN
Changes since 1.18: +2 -2
lines
Diff to previous 1.18 (colored) to selected 1.103.2.1 (colored)
Add -Dunix to GCOPTS in CONFIGURE_ENV, pointed out in pr 6487 by Johnny C. Lam.
Revision 1.18 / (download) - annotate - [select for diffs], Thu Aug 20 15:50:00 1998 UTC (25 years, 7 months ago) by agc
Branch: MAIN
CVS Tags: netbsd-1-3-PATCH003
Changes since 1.17: +2 -2
lines
Diff to previous 1.17 (colored) to selected 1.103.2.1 (colored)
Define USE_LIBTOOL.
Revision 1.17 / (download) - annotate - [select for diffs], Thu Aug 20 15:17:02 1998 UTC (25 years, 7 months ago) by tsarna
Branch: MAIN
Changes since 1.16: +2 -1
lines
Diff to previous 1.16 (colored) to selected 1.103.2.1 (colored)
The Grand Homepagification: - New, optional Makefile variable HOMEPAGE, specifies a URL for the home page of the software if it has one. - The value of HOMEPAGE is used to add a link from the README.html files. - pkglint updated to know about it. The "correct" location for HOMEPAGE in the Makefile is after MAINTAINER, in that same section.
Revision 1.16 / (download) - annotate - [select for diffs], Fri Jul 31 14:32:15 1998 UTC (25 years, 8 months ago) by kleink
Branch: MAIN
Changes since 1.15: +2 -2
lines
Diff to previous 1.15 (colored) to selected 1.103.2.1 (colored)
Fix a significant typo.
Revision 1.15 / (download) - annotate - [select for diffs], Mon Jul 20 15:51:29 1998 UTC (25 years, 8 months ago) by tv
Branch: MAIN
Changes since 1.14: +3 -2
lines
Diff to previous 1.14 (colored) to selected 1.103.2.1 (colored)
Use libtool to create the shared library. Strip binaries using BSD_INSTALL_PROGRAM.
Revision 1.14 / (download) - annotate - [select for diffs], Wed Jul 15 11:24:51 1998 UTC (25 years, 8 months ago) by agc
Branch: MAIN
Changes since 1.13: +1 -4
lines
Diff to previous 1.13 (colored) to selected 1.103.2.1 (colored)
Use automatic shared object handling
Revision 1.13 / (download) - annotate - [select for diffs], Sun Jul 5 02:45:13 1998 UTC (25 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.12: +2 -1
lines
Diff to previous 1.12 (colored) to selected 1.103.2.1 (colored)
Fix problem with compression of manual page links.
Revision 1.12 / (download) - annotate - [select for diffs], Sat Jul 4 05:11:13 1998 UTC (25 years, 9 months ago) by mycroft
Branch: MAIN
Changes since 1.11: +2 -2
lines
Diff to previous 1.11 (colored) to selected 1.103.2.1 (colored)
Update libjpeg to v6b.
Revision 1.11 / (download) - annotate - [select for diffs], Mon Jun 22 12:39:47 1998 UTC (25 years, 9 months ago) by agc
Branch: MAIN
Changes since 1.10: +1 -31
lines
Diff to previous 1.10 (colored) to selected 1.103.2.1 (colored)
Update package Makefiles for automatic manual page handling.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Apr 22 14:22:43 1998 UTC (25 years, 11 months ago) by agc
Branch: MAIN
CVS Tags: netbsd-1-3-PATCH002
Changes since 1.9: +2 -2
lines
Diff to previous 1.9 (colored) to selected 1.103.2.1 (colored)
Remove the old deprecated DEPENDS definition from bsd.pkg.mk. Implement a new DEPENDS definition, which looks for an installed package, building it if not present, and use it in preference to LIB_DEPENDS. This should make the package collection more useful on NetBSD ELF ports.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Apr 15 10:38:27 1998 UTC (25 years, 11 months ago) by agc
Branch: MAIN
Changes since 1.8: +2 -7
lines
Diff to previous 1.8 (colored) to selected 1.103.2.1 (colored)
Use the bsd.pkg.mk and bsd.pkg.subdir.mk files in the pkgsrc tree. Remove redundant (and sometimes erroneous) comments.
Revision 1.8 / (download) - annotate - [select for diffs], Mon Feb 2 08:59:22 1998 UTC (26 years, 2 months ago) by hubertf
Branch: MAIN
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored) to selected 1.103.2.1 (colored)
Remove -m argument from ldconfig calls, require the system to have ${PREFIX}/lib in ld.so.conf instead. This ensures things even work after a reboot.
Revision 1.7 / (download) - annotate - [select for diffs], Mon Feb 2 08:10:57 1998 UTC (26 years, 2 months ago) by hubertf
Branch: MAIN
Changes since 1.6: +2 -2
lines
Diff to previous 1.6 (colored) to selected 1.103.2.1 (colored)
Introduce TRUE?=/usr/bin/true, and use it.
Revision 1.6 / (download) - annotate - [select for diffs], Fri Jan 30 13:57:07 1998 UTC (26 years, 2 months ago) by agc
Branch: MAIN
Changes since 1.5: +2 -2
lines
Diff to previous 1.5 (colored) to selected 1.103.2.1 (colored)
Modify individual package Makefiles to use the new way of specifying shared object dependencies (LIB_DEPENDS).
Revision 1.5 / (download) - annotate - [select for diffs], Thu Jan 29 16:55:20 1998 UTC (26 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored) to selected 1.103.2.1 (colored)
Fix "MAINTAINER".
Revision 1.4 / (download) - annotate - [select for diffs], Sat Jan 24 05:29:15 1998 UTC (26 years, 2 months ago) by hubertf
Branch: MAIN
Changes since 1.3: +5 -7
lines
Diff to previous 1.3 (colored) to selected 1.103.2.1 (colored)
portlint: fix RCS Id, remove EXTRACT_CMD and EXTRACT_BEFORE_ARGS, add MAINTAINER, $() -> ${}, ldconfig||true
Revision 1.3 / (download) - annotate - [select for diffs], Mon Dec 1 00:01:51 1997 UTC (26 years, 4 months ago) by hubertf
Branch: MAIN
Changes since 1.2: +51 -34
lines
Diff to previous 1.2 (colored) to selected 1.103.2.1 (colored)
Incorporate Matthias Scheler's update to the tiff package with some minor fixes from me. Closes PR pkg/4603.
Revision 1.2 / (download) - annotate - [select for diffs], Mon Oct 6 13:44:56 1997 UTC (26 years, 5 months ago) by agc
Branch: MAIN
Changes since 1.1: +2 -1
lines
Diff to previous 1.1 (colored) to selected 1.103.2.1 (colored)
Add NetBSD RCS Id.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Mon Oct 6 13:29:39 1997 UTC (26 years, 5 months ago) by agc
Branch: FREEBSD
CVS Tags: FreeBSD-current-1997-10-05
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored) to selected 1.103.2.1 (colored)
Initial import of FreeBSD graphics ports into the NetBSD packages system.
Revision 1.1 / (download) - annotate - [select for diffs], Mon Oct 6 13:29:39 1997 UTC (26 years, 5 months ago) by agc
Branch: MAIN
Diff to selected 1.103.2.1 (colored)
Initial revision