Browse Source
			
			
			
			
				
		Note: This update is removing all obsolete security related patches, but also includes a rediffed version of the patch fixing the thumbnail tool.user/karasz/next/updates
				 4 changed files with 8 additions and 75 deletions
			
			
		| @ -1,28 +0,0 @@ | ||||
| # --- SDE-COPYRIGHT-NOTE-BEGIN ---
 | ||||
| # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 | ||||
| #
 | ||||
| # Filename: package/.../libtiff/CVE-2006-2193.patch
 | ||||
| # Copyright (C) 2006 The T2 SDE Project
 | ||||
| #
 | ||||
| # More information can be found in the files COPYING and README.
 | ||||
| #
 | ||||
| # This patch file is dual-licensed. It is available under the license the
 | ||||
| # patched project is licensed under, as long as it is an OpenSource license
 | ||||
| # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
 | ||||
| # of the GNU General Public License as published by the Free Software
 | ||||
| # Foundation; either version 2 of the License, or (at your option) any later
 | ||||
| # version.
 | ||||
| # --- SDE-COPYRIGHT-NOTE-END ---
 | ||||
| 
 | ||||
| diff -Nur tiff-3.7.4-orig/tools/tiff2pdf.c tiff-3.7.4/tools/tiff2pdf.c
 | ||||
| --- tiff-3.7.4-orig/tools/tiff2pdf.c	2005-06-23 13:30:28.000000000 +0000
 | ||||
| +++ tiff-3.7.4/tools/tiff2pdf.c	2006-07-12 14:58:20.000000000 +0000
 | ||||
| @@ -3758,7 +3758,7 @@
 | ||||
|  	written += TIFFWriteFile(output, (tdata_t) "(", 1);
 | ||||
|  	for (i=0;i<len;i++){
 | ||||
|  		if((pdfstr[i]&0x80) || (pdfstr[i]==127) || (pdfstr[i]<32)){
 | ||||
| -			sprintf(buffer, "\\%.3o", pdfstr[i]);
 | ||||
| +			snprintf(buffer, "\\%.3o", pdfstr[i]);
 | ||||
|  			written += TIFFWriteFile(output, (tdata_t) buffer, 4);
 | ||||
|  		} else {
 | ||||
|  			switch (pdfstr[i]){
 | ||||
| @ -1,39 +0,0 @@ | ||||
| # --- SDE-COPYRIGHT-NOTE-BEGIN ---
 | ||||
| # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 | ||||
| #
 | ||||
| # Filename: package/.../libtiff/CVE-2006-2656.patch
 | ||||
| # Copyright (C) 2006 The T2 SDE Project
 | ||||
| #
 | ||||
| # More information can be found in the files COPYING and README.
 | ||||
| #
 | ||||
| # This patch file is dual-licensed. It is available under the license the
 | ||||
| # patched project is licensed under, as long as it is an OpenSource license
 | ||||
| # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
 | ||||
| # of the GNU General Public License as published by the Free Software
 | ||||
| # Foundation; either version 2 of the License, or (at your option) any later
 | ||||
| # version.
 | ||||
| # --- SDE-COPYRIGHT-NOTE-END ---
 | ||||
| 
 | ||||
| diff -Nur tiff-3.7.4-orig/tools/tiffsplit.c tiff-3.7.4/tools/tiffsplit.c
 | ||||
| --- tiff-3.7.4-orig/tools/tiffsplit.c	2005-05-26 18:38:48.000000000 +0000
 | ||||
| +++ tiff-3.7.4/tools/tiffsplit.c	2006-05-31 14:50:05.049544500 +0000
 | ||||
| @@ -59,14 +59,16 @@
 | ||||
|  		fprintf(stderr, "usage: tiffsplit input.tif [prefix]\n");
 | ||||
|  		return (-3);
 | ||||
|  	}
 | ||||
| -	if (argc > 2)
 | ||||
| -		strcpy(fname, argv[2]);
 | ||||
| +	if (argc > 2) {
 | ||||
| +		strncpy(fname, argv[2], 1024);
 | ||||
| +                fname[1024] = '\0';
 | ||||
| +        }
 | ||||
|  	in = TIFFOpen(argv[1], "r");
 | ||||
|  	if (in != NULL) {
 | ||||
|  		do {
 | ||||
|  			char path[1024+1];
 | ||||
|  			newfilename();
 | ||||
| -			strcpy(path, fname);
 | ||||
| +			strncpy(path, fname, 1020);
 | ||||
|  			strcat(path, ".tif");
 | ||||
|  			out = TIFFOpen(path, TIFFIsBigEndian(in)?"wb":"wl");
 | ||||
|  			if (out == NULL)
 | ||||
| @ -2,6 +2,7 @@ | ||||
| # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 | ||||
| #
 | ||||
| # Filename: package/.../libtiff/thumbnail-fixup.patch
 | ||||
| # Copyright (C) 2010 The OpenSDE Project
 | ||||
| # Copyright (C) 2004 - 2006 The T2 SDE Project
 | ||||
| #
 | ||||
| # More information can be found in the files COPYING and README.
 | ||||
| @ -21,8 +22,9 @@ Marked clamp inline, just in case. | ||||
| 
 | ||||
|   - Rene Rebe <[email protected]> for Archivista GmbH Zürich
 | ||||
| 
 | ||||
| --- tiff-3.7.3/tools/thumbnail.c	2005-07-05 18:38:16.000000000 +0200
 | ||||
| +++ tiff-3.7.3-hackery/tools/thumbnail.c	2005-09-30 20:36:44.000000000 +0200
 | ||||
| diff -ruN tiff-3.9.4-orig/tools/thumbnail.c tiff-3.9.4/tools/thumbnail.c
 | ||||
| --- tiff-3.9.4-orig/tools/thumbnail.c	2010-06-08 20:50:44.000000000 +0200
 | ||||
| +++ tiff-3.9.4/tools/thumbnail.c	2010-08-13 12:08:46.272260086 +0200
 | ||||
| @@ -369,7 +369,7 @@
 | ||||
|      }
 | ||||
|  }
 | ||||
| @ -75,7 +77,7 @@ Marked clamp inline, just in case. | ||||
|  		    acc += bits[*src++];
 | ||||
|  		/* fall thru... */
 | ||||
|  	    case 8: acc += bits[*src++];
 | ||||
| @@ -499,8 +507,9 @@
 | ||||
| @@ -499,6 +501,7 @@
 | ||||
|  	    }
 | ||||
|  	    acc += bits[*src & mask1];
 | ||||
|  	}
 | ||||
| @ -83,5 +85,3 @@ Marked clamp inline, just in case. | ||||
|  	*row++ = cmap[(255*acc)/area];
 | ||||
|      }
 | ||||
|  }
 | ||||
|  
 | ||||
|  /*
 | ||||
|  | ||||
					Loading…
					
					
				
		Reference in new issue