Date: Wed, 16 Jun 2010 08:04:25 +0200 (CEST) From: dirk.meyer@dinoex.sub.org To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/147900: grahics/tiff Fix Integer overflows Message-ID: <201006160604.o5G64PU7036520@home3.dinoex.sub.de> Resent-Message-ID: <201006160610.o5G6A3ul037466@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 147900 >Category: ports >Synopsis: grahics/tiff Fix Integer overflows >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Wed Jun 16 06:10:03 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Dirk Meyer >Release: FreeBSD 8.1-PRERELEASE >Organization: privat >Environment: >Description: Fixes for CVE-2009-2347 in tiff2rgba Integer overflows in various inter-color space conversion tools http://www.remotesensing.org/libtiff/v3.9.4.html The code of the shared lib is not affected. Therefor the Fix is not urgent. >How-To-Repeat: Update needs appoval from portmrg@ >Fix: Impact: dependend packages will need a rfebuild, to have the new version number recorden in dependency. Please approve the patch below. Index: Makefile =================================================================== RCS file: /home/pcvs/ports/graphics/tiff/Makefile,v retrieving revision 1.75 diff -u -r1.75 Makefile --- Makefile 12 Jun 2010 16:45:42 -0000 1.75 +++ Makefile 16 Jun 2010 06:00:05 -0000 @@ -8,7 +8,7 @@ # PORTNAME= tiff -PORTVERSION= 3.9.3 +PORTVERSION= 3.9.4 CATEGORIES= graphics MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \ http://dl1.maptools.org/dl/libtiff/ Index: distinfo =================================================================== RCS file: /home/pcvs/ports/graphics/tiff/distinfo,v retrieving revision 1.28 diff -u -r1.28 distinfo --- distinfo 12 Jun 2010 16:45:42 -0000 1.28 +++ distinfo 16 Jun 2010 06:00:05 -0000 @@ -1,3 +1,3 @@ -MD5 (tiff-3.9.3.tar.gz) = 8e9c2ee955ed7d277dca83a972f306be -SHA256 (tiff-3.9.3.tar.gz) = 60e08794966b7cbf46bbf13c347f1fe41c982f98714909f49d6f198add4fdee6 -SIZE (tiff-3.9.3.tar.gz) = 1439203 +MD5 (tiff-3.9.4.tar.gz) = 2006c1bdd12644dbf02956955175afd6 +SHA256 (tiff-3.9.4.tar.gz) = 67b76d075fb74f7cb32e7e4b217701674755fe6cee0f463b259a753fce691da6 +SIZE (tiff-3.9.4.tar.gz) = 1436968 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201006160604.o5G64PU7036520>