diff options
| author | Mark H Weaver <mhw@netris.org> | 2015-06-16 00:59:15 -0400 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2015-06-16 01:02:01 -0400 |
| commit | 8e28d22c914122aa7bfb70847370d8ae0f070688 (patch) | |
| tree | 14ffa1b7954a3f67c4057bc03ab35c993e98120f /gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch | |
| parent | 7d02724b7bddb4d5e1cc93db99f737baa26840ca (diff) | |
| download | guix-8e28d22c914122aa7bfb70847370d8ae0f070688.tar.gz | |
gnu: libtiff: Add fixes for several CVEs.
* gnu/packages/patches/libtiff-CVE-2012-4564.patch, gnu/packages/patches/libtiff-CVE-2013-1960.patch, gnu/packages/patches/libtiff-CVE-2013-1961.patch, gnu/packages/patches/libtiff-CVE-2013-4231.patch, gnu/packages/patches/libtiff-CVE-2013-4232.patch, gnu/packages/patches/libtiff-CVE-2013-4243.patch, gnu/packages/patches/libtiff-CVE-2013-4244.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch, gnu/packages/patches/libtiff-CVE-2014-8129.patch, gnu/packages/patches/libtiff-CVE-2014-9330.patch, gnu/packages/patches/libtiff-CVE-2014-9655.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (libtiff)[source]: Add patches.
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch')
| -rw-r--r-- | gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch b/gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch new file mode 100644 index 0000000000..7f70edb86f --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch @@ -0,0 +1,30 @@ +Copied from Debian + +From 0782c759084daaf9e4de7ee6be7543081823455e Mon Sep 17 00:00:00 2001 +From: erouault <erouault> +Date: Sun, 21 Dec 2014 20:58:29 +0000 +Subject: [PATCH] * tools/tiff2bw.c: when Photometric=RGB, the utility only + works if SamplesPerPixel = 3. Enforce that + http://bugzilla.maptools.org/show_bug.cgi?id=2485 (CVE-2014-8127) + +--- + ChangeLog | 6 ++++++ + tools/tiff2bw.c | 5 +++++ + 2 files changed, 11 insertions(+) + +diff --git a/tools/tiff2bw.c b/tools/tiff2bw.c +index 22467cd..94b8e31 100644 +--- a/tools/tiff2bw.c ++++ b/tools/tiff2bw.c +@@ -171,6 +171,11 @@ main(int argc, char* argv[]) + argv[optind], samplesperpixel); + return (-1); + } ++ if( photometric == PHOTOMETRIC_RGB && samplesperpixel != 3) { ++ fprintf(stderr, "%s: Bad samples/pixel %u for PHOTOMETRIC_RGB.\n", ++ argv[optind], samplesperpixel); ++ return (-1); ++ } + TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bitspersample); + if (bitspersample != 8) { + fprintf(stderr, |