diff options
Diffstat (limited to 'gnu/packages/patches/libtiff-CVE-2016-10688.patch')
| -rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-10688.patch | 92 |
1 files changed, 0 insertions, 92 deletions
diff --git a/gnu/packages/patches/libtiff-CVE-2016-10688.patch b/gnu/packages/patches/libtiff-CVE-2016-10688.patch deleted file mode 100644 index 1630274c61..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-10688.patch +++ /dev/null @@ -1,92 +0,0 @@ -Fix CVE-2017-10688: - -http://bugzilla.maptools.org/show_bug.cgi?id=2712 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10688 -https://security-tracker.debian.org/tracker/CVE-2017-10688 - -Patch lifted from upstream source repository (the changes to 'ChangeLog' -don't apply to the libtiff 4.0.8 release tarball). - -3rd party Git reference: - -https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1 - -2017-06-30 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_dirwrite.c: in TIFFWriteDirectoryTagCheckedXXXX() - functions associated with LONG8/SLONG8 data type, replace assertion -that - the file is BigTIFF, by a non-fatal error. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2712 - Reported by team OWL337 - - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1259; previous revision: 1.1258 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v <-- -libtiff/tif_dirwrite.c -new revision: 1.86; previous revision: 1.85 - -Index: libtiff/libtiff/tif_dirwrite.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirwrite.c,v -retrieving revision 1.85 -retrieving revision 1.86 -diff -u -r1.85 -r1.86 ---- libtiff/libtiff/tif_dirwrite.c 11 Jan 2017 16:09:02 -0000 1.85 -+++ libtiff/libtiff/tif_dirwrite.c 30 Jun 2017 17:29:44 -0000 1.86 -@@ -1,4 +1,4 @@ --/* $Id: tif_dirwrite.c,v 1.85 2017-01-11 16:09:02 erouault Exp $ */ -+/* $Id: tif_dirwrite.c,v 1.86 2017-06-30 17:29:44 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -2111,7 +2111,10 @@ - { - uint64 m; - assert(sizeof(uint64)==8); -- assert(tif->tif_flags&TIFF_BIGTIFF); -+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) { -+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","LONG8 not allowed for ClassicTIFF"); -+ return(0); -+ } - m=value; - if (tif->tif_flags&TIFF_SWAB) - TIFFSwabLong8(&m); -@@ -2124,7 +2127,10 @@ - { - assert(count<0x20000000); - assert(sizeof(uint64)==8); -- assert(tif->tif_flags&TIFF_BIGTIFF); -+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) { -+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","LONG8 not allowed for ClassicTIFF"); -+ return(0); -+ } - if (tif->tif_flags&TIFF_SWAB) - TIFFSwabArrayOfLong8(value,count); - return(TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_LONG8,count,count*8,value)); -@@ -2136,7 +2142,10 @@ - { - int64 m; - assert(sizeof(int64)==8); -- assert(tif->tif_flags&TIFF_BIGTIFF); -+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) { -+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","SLONG8 not allowed for ClassicTIFF"); -+ return(0); -+ } - m=value; - if (tif->tif_flags&TIFF_SWAB) - TIFFSwabLong8((uint64*)(&m)); -@@ -2149,7 +2158,10 @@ - { - assert(count<0x20000000); - assert(sizeof(int64)==8); -- assert(tif->tif_flags&TIFF_BIGTIFF); -+ if( !(tif->tif_flags&TIFF_BIGTIFF) ) { -+ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","SLONG8 not allowed for ClassicTIFF"); -+ return(0); -+ } - if (tif->tif_flags&TIFF_SWAB) - TIFFSwabArrayOfLong8((uint64*)value,count); - return(TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_SLONG8,count,count*8,value)); |