diff options
Diffstat (limited to 'main/tiff')
| -rw-r--r-- | main/tiff/APKBUILD | 118 | ||||
| -rw-r--r-- | main/tiff/CVE-2018-12900.patch | 29 |
2 files changed, 87 insertions, 60 deletions
diff --git a/main/tiff/APKBUILD b/main/tiff/APKBUILD index 4c24c386fff..9ffe7ba08dc 100644 --- a/main/tiff/APKBUILD +++ b/main/tiff/APKBUILD @@ -2,22 +2,81 @@ # Contributor: Leonardo Arena <rnalrd@alpinelinux.org> # Maintainer: Michael Mason <ms13sp@gmail.com> pkgname=tiff -pkgver=4.3.0 -pkgrel=0 +pkgver=4.5.0 +pkgrel=5 pkgdesc="Provides support for the Tag Image File Format or TIFF" url="https://gitlab.com/libtiff/libtiff" arch="all" license="libtiff" -depends_dev="zlib-dev libjpeg-turbo-dev libwebp-dev xz-dev zstd-dev" -makedepends="libtool autoconf automake $depends_dev" +depends_dev=" + zlib-dev + zstd-dev + " +makedepends=" + $depends_dev + cmake + libjpeg-turbo-dev + libwebp-dev + python3 + samurai + " checkdepends="diffutils" -subpackages="$pkgname-doc $pkgname-dev $pkgname-tools libtiffxx:_libtiffxx" -source="https://gitlab.com/libtiff/libtiff/-/archive/v$pkgver/libtiff-v$pkgver.tar.gz - CVE-2018-12900.patch +subpackages="$pkgname-doc $pkgname-dev $pkgname-tools libtiffxx" +source="https://download.osgeo.org/libtiff/tiff-$pkgver.tar.xz + $pkgname-CVE-fiesta-1.patch::https://gitlab.com/libtiff/libtiff/-/commit/97d65859bc29ee334012e9c73022d8a8e55ed586.patch + $pkgname-CVE-fiesta-2.patch::https://gitlab.com/libtiff/libtiff/-/commit/9c22495e5eeeae9e00a1596720c969656bb8d678.patch + $pkgname-CVE-fiesta-3.patch::https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536.patch + $pkgname-CVE-fiesta-4.patch::https://gitlab.com/libtiff/libtiff/-/commit/69818e2f2d246e6631ac2a2da692c3706b849c38.patch + $pkgname-CVE-fiesta-5.patch::https://gitlab.com/libtiff/libtiff/-/commit/82a7fbb1fa7228499ffeb3a57a1d106a9626d57c.patch " -builddir="$srcdir/libtiff-v$pkgver" # secfixes: +# 4.5.0-r5: +# - CVE-2023-0795 +# - CVE-2023-0796 +# - CVE-2023-0797 +# - CVE-2023-0798 +# - CVE-2023-0799 +# - CVE-2023-0800 +# - CVE-2023-0801 +# - CVE-2023-0802 +# - CVE-2023-0803 +# - CVE-2023-0804 +# 4.5.0-r3: +# - CVE-2022-48281 +# 4.5.0-r0: +# - CVE-2022-2953 +# - CVE-2022-3213 +# - CVE-2022-3570 +# - CVE-2022-3597 +# - CVE-2022-3598 +# - CVE-2022-3599 +# - CVE-2022-3626 +# - CVE-2022-3627 +# - CVE-2022-3970 +# 4.4.0-r1: +# - CVE-2022-2056 +# - CVE-2022-2057 +# - CVE-2022-2058 +# - CVE-2022-2519 +# - CVE-2022-2520 +# - CVE-2022-2521 +# - CVE-2022-34526 +# 4.4.0-r0: +# - CVE-2022-2867 +# - CVE-2022-2868 +# - CVE-2022-2869 +# 4.3.0-r1: +# - CVE-2022-0561 +# - CVE-2022-0562 +# - CVE-2022-0865 +# - CVE-2022-0891 +# - CVE-2022-0907 +# - CVE-2022-0908 +# - CVE-2022-0909 +# - CVE-2022-0924 +# - CVE-2022-22844 +# - CVE-2022-34266 # 4.2.0-r0: # - CVE-2020-35521 # - CVE-2020-35522 @@ -68,44 +127,41 @@ builddir="$srcdir/libtiff-v$pkgver" # 4.0.7-r1: # - CVE-2017-5225 -prepare() { - default_prepare - autoreconf -fi -} - build() { - ./configure \ - --build=$CBUILD \ - --host=$CHOST \ - --prefix=/usr \ - --sysconfdir=/etc \ - --mandir=/usr/share/man \ - --infodir=/usr/share/info \ - --enable-cxx - make + CFLAGS="$CFLAGS -flto=auto" \ + CXXFLAGS="$CXXFLAGS -flto=auto" \ + cmake -B build -G Ninja \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DCMAKE_BUILD_TYPE=MinSizeRel + + cmake --build build } check() { - make check + ctest --test-dir build --output-on-failure -j2 } package() { - make DESTDIR="$pkgdir" install + DESTDIR="$pkgdir" cmake --install build } -_libtiffxx() { +libtiffxx() { pkgdesc="C++ binding to libtiff" - mkdir -p "$subpkgdir"/usr/lib/ - mv "$pkgdir"/usr/lib/libtiffxx.so.* "$subpkgdir"/usr/lib/ + + amove usr/lib/libtiffxx.so.* } tools() { pkgdesc="Command-line utility programs for manipulating TIFF files" - mkdir -p "$subpkgdir"/usr/ - mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ + + amove usr/bin } sha512sums=" -eaa2503dc1805283e0590b06e3e660a793fe849ae8b975b2d69369695d65a40640787c156574faaca856917be799eeb844e60f55555e1f219dd513cef66ea95d libtiff-v4.3.0.tar.gz -c321f1d4e5d334cdb3b0800299e8165055c040c0c030220769ccfdadcc7fd35a0f3231115f44dc86fe5e34f32eafe1074aa85495a744717f8fc10c0cab2ab085 CVE-2018-12900.patch +c6c866064c2dd5d1711c6ece7bafe5f011f5ce26c0aeaecbff79c05b5671f44150324bea95a0665cc43331883114de855ee1cd87ed733bff0f4d0814515b9f10 tiff-4.5.0.tar.xz +b0444621e2e52ae80f893a88e43813e779839a869a2d4af3a83765ae5e9fce212e579797da52a3a7133cfb7c22a6d6b567e038ef56adb12b565ce31b7976dacd tiff-CVE-fiesta-1.patch +57b296e616f8192f2704036f273b3dd109ae46a48beaf0c76175de60f8a6b2434023ecda580894d8d1f229d9b52958d62e6e354e823ba5e2903ed163c6f0a4b3 tiff-CVE-fiesta-2.patch +9f5988ce62318d819212e4dc6cc0e20858951dbb68b11e3aefb909c3d7d12095bdaf3f8276191b0d5ac0b6b3f5f872f5af9720c09b099ac53f89e5062a389e86 tiff-CVE-fiesta-3.patch +51186c803ebe3e328ba04c54f01fc43467917014519d6dcdbe537704b5a273e02d92f64c3b6785d97e94875c2eafda1e3ad36ea410d798a576bb215ec0cdfbdf tiff-CVE-fiesta-4.patch +e0f011f145523bbf1729c8c754c6609620b6dea75788b9cfb876707fa5fc29dec543b79a6c8814f199b9e527fd9af4a63df36570cfbc415abac732c9b293df40 tiff-CVE-fiesta-5.patch " diff --git a/main/tiff/CVE-2018-12900.patch b/main/tiff/CVE-2018-12900.patch deleted file mode 100644 index f95cd06a523..00000000000 --- a/main/tiff/CVE-2018-12900.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 86861b86f26be5301ccfa96f9bf765051f4e644a Mon Sep 17 00:00:00 2001 -From: pgajdos <pgajdos@suse.cz> -Date: Tue, 13 Nov 2018 09:03:31 +0100 -Subject: [PATCH] prevent integer overflow - ---- - tools/tiffcp.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/tools/tiffcp.c b/tools/tiffcp.c -index 2f406e2d..ece7ba13 100644 ---- a/tools/tiffcp.c -+++ b/tools/tiffcp.c -@@ -1435,6 +1435,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) - status = 0; - goto done; - } -+ if (0xFFFFFFFF / tilew < spp) -+ { -+ TIFFError(TIFFFileName(in), "Error, either TileWidth (%u) or BitsPerSample (%u) is too large", tilew, bps); -+ status = 0; -+ goto done; -+ } - bytes_per_sample = bps/8; - - for (row = 0; row < imagelength; row += tl) { --- -2.18.1 - |