diff options
| author | Andreas Enge <andreas@enge.fr> | 2015-09-04 21:39:59 +0200 |
|---|---|---|
| committer | Andreas Enge <andreas@enge.fr> | 2015-09-05 17:58:45 +0200 |
| commit | 45468e364987ba113fcef20e94d621b8dfc8f33f (patch) | |
| tree | d8eb7e5cce4c7e34bfe44e3ffbeb889d9333de14 /gnu/packages/patches/libtiff-CVE-2014-9330.patch | |
| parent | 21a8fe1bf520027f8e91be41985ea4c300eff554 (diff) | |
| download | guix-45468e364987ba113fcef20e94d621b8dfc8f33f.tar.gz | |
gnu: libtiff: Update to 4.0.5.
* gnu/packages/patches/libtiff-CVE-2012-4564.patch, gnu/packages/patches/libtiff-CVE-2013-1960.patch, gnu/packages/patches/libtiff-CVE-2013-1961.patch, gnu/packages/patches/libtiff-CVE-2013-4231.patch, gnu/packages/patches/libtiff-CVE-2013-4232.patch, gnu/packages/patches/libtiff-CVE-2013-4243.patch, gnu/packages/patches/libtiff-CVE-2013-4244.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8127-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt1.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt2.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt3.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt4.patch, gnu/packages/patches/libtiff-CVE-2014-8128-pt5.patch, gnu/packages/patches/libtiff-CVE-2014-8129.patch, gnu/packages/patches/libtiff-CVE-2014-9330.patch, gnu/packages/patches/libtiff-CVE-2014-9655.patch: Delete files. * gnu-system.am (dist_patch_DATA): Unregister the patches. * gnu/packages/image.scm (libtiff): Update to 4.0.5 and drop the patches.
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2014-9330.patch')
| -rw-r--r-- | gnu/packages/patches/libtiff-CVE-2014-9330.patch | 47 |
1 files changed, 0 insertions, 47 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2014-9330.patch b/gnu/packages/patches/libtiff-CVE-2014-9330.patch deleted file mode 100644 index c3c5fc0367..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2014-9330.patch +++ /dev/null @@ -1,47 +0,0 @@ -Copied from Debian - -Description: CVE-2014-9330 - Integer overflow in bmp2tiff -Origin: upstream, http://bugzilla.maptools.org/show_bug.cgi?id=2494 -Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2494 -Bug-Debian: http://bugs.debian.org/773987 - -Index: tiff/tools/bmp2tiff.c -=================================================================== ---- tiff.orig/tools/bmp2tiff.c -+++ tiff/tools/bmp2tiff.c -@@ -1,4 +1,4 @@ --/* $Id: bmp2tiff.c,v 1.23 2010-03-10 18:56:49 bfriesen Exp $ -+/* $Id: bmp2tiff.c,v 1.24 2014-12-21 15:15:32 erouault Exp $ - * - * Project: libtiff tools - * Purpose: Convert Windows BMP files in TIFF. -@@ -403,6 +403,13 @@ main(int argc, char* argv[]) - - width = info_hdr.iWidth; - length = (info_hdr.iHeight > 0) ? info_hdr.iHeight : -info_hdr.iHeight; -+ if( width <= 0 || length <= 0 ) -+ { -+ TIFFError(infilename, -+ "Invalid dimensions of BMP file" ); -+ close(fd); -+ return -1; -+ } - - switch (info_hdr.iBitCount) - { -@@ -593,6 +600,14 @@ main(int argc, char* argv[]) - - compr_size = file_hdr.iSize - file_hdr.iOffBits; - uncompr_size = width * length; -+ /* Detect int overflow */ -+ if( uncompr_size / width != length ) -+ { -+ TIFFError(infilename, -+ "Invalid dimensions of BMP file" ); -+ close(fd); -+ return -1; -+ } - comprbuf = (unsigned char *) _TIFFmalloc( compr_size ); - if (!comprbuf) { - TIFFError(infilename, |