Date: Sat, 11 Apr 2026 08:26:09 +0000 From: Daniel Engberg <diizzy@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: a7af345cb919 - main - graphics/tiff: Fix CVE-2026-4775 Message-ID: <69da05a1.40011.457ff26e@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by diizzy: URL: https://cgit.FreeBSD.org/ports/commit/?id=a7af345cb919c0cab70b0801abaff2b528f1eaff commit a7af345cb919c0cab70b0801abaff2b528f1eaff Author: Daniel Engberg <diizzy@FreeBSD.org> AuthorDate: 2026-04-11 06:03:40 +0000 Commit: Daniel Engberg <diizzy@FreeBSD.org> CommitDate: 2026-04-11 08:26:02 +0000 graphics/tiff: Fix CVE-2026-4775 Backport upstream commit 782a11d6b5b61c6dc21e714950a4af5bf89f023c Reference: https://gitlab.com/libtiff/libtiff/-/commit/782a11d6b5b61c6dc21e714950a4af5bf89f023c PR: 294370 Reviewed by: desktop (arrowd) --- graphics/tiff/Makefile | 1 + graphics/tiff/files/patch-libtiff_tif__getimage.c | 38 +++++++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/graphics/tiff/Makefile b/graphics/tiff/Makefile index f4c8b7119511..635c491ea844 100644 --- a/graphics/tiff/Makefile +++ b/graphics/tiff/Makefile @@ -1,5 +1,6 @@ PORTNAME= tiff DISTVERSION= 4.7.1 +PORTREVISION= 1 CATEGORIES= graphics MASTER_SITES= https://download.osgeo.org/libtiff/ diff --git a/graphics/tiff/files/patch-libtiff_tif__getimage.c b/graphics/tiff/files/patch-libtiff_tif__getimage.c new file mode 100644 index 000000000000..c3c3ed3a62a0 --- /dev/null +++ b/graphics/tiff/files/patch-libtiff_tif__getimage.c @@ -0,0 +1,38 @@ +--- libtiff/tif_getimage.c.orig 2025-06-25 17:20:35 UTC ++++ libtiff/tif_getimage.c +@@ -2216,7 +2216,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr44tile) + uint32_t *cp1 = cp + w + toskew; + uint32_t *cp2 = cp1 + w + toskew; + uint32_t *cp3 = cp2 + w + toskew; +- int32_t incr = 3 * w + 4 * toskew; ++ const tmsize_t incr = 3 * (tmsize_t)w + 4 * (tmsize_t)toskew; + + (void)y; + /* adjust fromskew */ +@@ -2356,7 +2356,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr42tile) + DECLAREContigPutFunc(putcontig8bitYCbCr42tile) + { + uint32_t *cp1 = cp + w + toskew; +- int32_t incr = 2 * toskew + w; ++ const tmsize_t incr = 2 * (tmsize_t)toskew + w; + + (void)y; + fromskew = (fromskew / 4) * (4 * 2 + 2); +@@ -2512,7 +2512,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr22tile) + DECLAREContigPutFunc(putcontig8bitYCbCr22tile) + { + uint32_t *cp2; +- int32_t incr = 2 * toskew + w; ++ const tmsize_t incr = 2 * (tmsize_t)toskew + w; + (void)y; + fromskew = (fromskew / 2) * (2 * 2 + 2); + cp2 = cp + w + toskew; +@@ -2615,7 +2615,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr12tile) + DECLAREContigPutFunc(putcontig8bitYCbCr12tile) + { + uint32_t *cp2; +- int32_t incr = 2 * toskew + w; ++ const tmsize_t incr = 2 * (tmsize_t)toskew + w; + (void)y; + fromskew = (fromskew / 1) * (1 * 2 + 2); + cp2 = cp + w + toskew;home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69da05a1.40011.457ff26e>