Change-Id: If3e90fc7443bfdb02edcc019a9fb4df05d749803
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/3467
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,18 @@ |
0 |
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c |
|
1 |
+index db196e04..cd1e2358 100644 |
|
2 |
+--- a/tools/tiff2pdf.c |
|
3 |
+@@ -1737,7 +1737,12 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){ |
|
4 |
+ return; |
|
5 |
+ |
|
6 |
+ t2p->pdf_transcode = T2P_TRANSCODE_ENCODE; |
|
7 |
+- if(t2p->pdf_nopassthrough==0){ |
|
8 |
++ /* It seems that T2P_TRANSCODE_RAW mode doesn't support separate->contig */ |
|
9 |
++ /* conversion. At least t2p_read_tiff_size and t2p_read_tiff_size_tile */ |
|
10 |
++ /* do not take into account the number of samples, and thus */ |
|
11 |
++ /* that can cause heap buffer overflows such as in */ |
|
12 |
++ /* http://bugzilla.maptools.org/show_bug.cgi?id=2715 */ |
|
13 |
++ if(t2p->pdf_nopassthrough==0 && t2p->tiff_planar!=PLANARCONFIG_SEPARATE){ |
|
14 |
+ #ifdef CCITT_SUPPORT |
|
15 |
+ if(t2p->tiff_compression==COMPRESSION_CCITTFAX4 |
|
16 |
+ ){ |
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: TIFF libraries and associated utilities. |
2 | 2 |
Name: libtiff |
3 | 3 |
Version: 4.0.8 |
4 |
-Release: 2%{?dist} |
|
4 |
+Release: 3%{?dist} |
|
5 | 5 |
License: libtiff |
6 | 6 |
URL: http://www.simplesystems.org/libtiff/ |
7 | 7 |
Group: System Environment/Libraries |
... | ... |
@@ -13,6 +13,8 @@ Source0: http://download.osgeo.org/%{name}/tiff-%{version}.tar.gz |
13 | 13 |
Patch0: libtiff-4.0.6-CVE-2015-7554.patch |
14 | 14 |
Patch1: libtiff-4.0.6-CVE-2015-1547.patch |
15 | 15 |
Patch2: libtiff-CVE-2017-10688.patch |
16 |
+Patch3: libtiff-4.0.8-CVE-2017-9936.patch |
|
17 |
+Patch4: libtiff-4.0.8-CVE-2017-11335.patch |
|
16 | 18 |
BuildRequires: libjpeg-turbo-devel |
17 | 19 |
Requires: libjpeg-turbo |
18 | 20 |
%description |
... | ... |
@@ -30,7 +32,8 @@ It contains the libraries and header files to create applications |
30 | 30 |
%patch0 -p1 |
31 | 31 |
%patch1 -p1 |
32 | 32 |
%patch2 -p1 |
33 |
- |
|
33 |
+%patch3 -p1 |
|
34 |
+%patch4 -p1 |
|
34 | 35 |
%build |
35 | 36 |
./configure \ |
36 | 37 |
--prefix=%{_prefix} \ |
... | ... |
@@ -65,6 +68,8 @@ make %{?_smp_mflags} -k check |
65 | 65 |
%{_datadir}/man/man3/* |
66 | 66 |
|
67 | 67 |
%changelog |
68 |
+* Wed Aug 09 2017 Harish Udaiya Kumar <hudaiyakumar@vmware.com> 4.0.8-3 |
|
69 |
+- Added patch for CVE-2017-9936, CVE-2017-11335 |
|
68 | 70 |
* Tue Jul 11 2017 Divya Thaluru <dthaluru@vmware.com> 4.0.8-2 |
69 | 71 |
- Applied patch for CVE-2017-10688 |
70 | 72 |
* Wed Jun 07 2017 Xiaolin Li <xiaolinl@vmware.com> 4.0.8-1 |