Wed Jun 20 21:07:15 2012 UTC ()

Update to 4.0.2 for CVE-2012-2113.

     * tif_getimage.c: added support for _SEPARATED CMYK images.
     * tif_getimage.c: Added support for greyscale + alpha.
     * Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory()
       functions.
     * tif_print.c: Lots of fixes around printing corrupt or hostile input.
     * Improve handling of corrupt ycbcrsubsampling values.
     * tif_unix.c: use strerror to get meaningful error messages.
     * tif_jpeg.c: fix serious bugs in JPEGDecodeRaw().
     * tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173).


(wiz)

diff -r1.104 -r1.105 pkgsrc/graphics/tiff/Makefile
diff -r1.15 -r1.16 pkgsrc/graphics/tiff/PLIST
diff -r1.55 -r1.56 pkgsrc/graphics/tiff/distinfo
diff -r1.1 -r0 pkgsrc/graphics/tiff/patches/patch-libtiff_tif__getimage.c
diff -r1.1 -r0 pkgsrc/graphics/tiff/patches/patch-libtiff_tiffiop.h

--- pkgsrc/graphics/tiff/Makefile 2012/04/10 14:13:04 1.104
+++ pkgsrc/graphics/tiff/Makefile 2012/06/20 21:07:14 1.105

 @@ -1,17 +1,16 @@
-# $NetBSD: Makefile,v 1.104 2012/04/10 14:13:04 taca Exp $
+# $NetBSD: Makefile,v 1.105 2012/06/20 21:07:14 wiz Exp $
-DISTNAME=	tiff-4.0.1
+DISTNAME=	tiff-4.0.2
 PKGREVISION=	1
 CATEGORIES=	graphics
 MASTER_SITES=	ftp://ftp.remotesensing.org/pub/libtiff/ \
 		http://libtiff.maptools.org/dl/
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://www.remotesensing.org/libtiff/
 COMMENT=	Library and tools for reading and writing TIFF data files
 EXTRACT_ONLY=	${DISTNAME}${EXTRACT_SUFX}
 PKG_INSTALLATION_TYPES=	overwrite pkgviews
 PKG_DESTDIR_SUPPORT=	user-destdir

--- pkgsrc/graphics/tiff/PLIST 2012/02/21 13:03:00 1.15
+++ pkgsrc/graphics/tiff/PLIST 2012/06/20 21:07:14 1.16

 @@ -1,14 +1,14 @@
-@comment $NetBSD: PLIST,v 1.15 2012/02/21 13:03:00 drochner Exp $
+@comment $NetBSD: PLIST,v 1.16 2012/06/20 21:07:14 wiz Exp $
 bin/bmp2tiff
 bin/fax2ps
 bin/fax2tiff
 bin/gif2tiff
 bin/pal2rgb
 bin/ppm2tiff
 bin/ras2tiff
 bin/raw2tiff
 bin/rgb2ycbcr
 bin/thumbnail
 bin/tiff2bw
 bin/tiff2pdf
 bin/tiff2ps
 @@ -221,13 +221,15 @@ share/doc/tiff/html/v3.7.0alpha.html
 share/doc/tiff/html/v3.7.0beta.html
 share/doc/tiff/html/v3.7.0beta2.html
 share/doc/tiff/html/v3.7.1.html
 share/doc/tiff/html/v3.7.2.html
 share/doc/tiff/html/v3.7.3.html
 share/doc/tiff/html/v3.7.4.html
 share/doc/tiff/html/v3.8.0.html
 share/doc/tiff/html/v3.8.1.html
 share/doc/tiff/html/v3.8.2.html
 share/doc/tiff/html/v3.9.0beta.html
 share/doc/tiff/html/v3.9.1.html
 share/doc/tiff/html/v3.9.2.html
 share/doc/tiff/html/v4.0.0.html
 share/doc/tiff/html/v4.0.1.html
 share/doc/tiff/html/v${PKGVERSION}.html

--- pkgsrc/graphics/tiff/distinfo 2012/04/10 14:13:04 1.55
+++ pkgsrc/graphics/tiff/distinfo 2012/06/20 21:07:14 1.56

 @@ -1,8 +1,6 @@
-$NetBSD: distinfo,v 1.55 2012/04/10 14:13:04 taca Exp $
+$NetBSD: distinfo,v 1.56 2012/06/20 21:07:14 wiz Exp $
-SHA1 (tiff-4.0.1.tar.gz) = 8baf382231c9051a1b3eb294581289aa21447171
+SHA1 (tiff-4.0.2.tar.gz) = d84b7b33a6cfb3d15ca386c8c16b05047f8b5352
-RMD160 (tiff-4.0.1.tar.gz) = abf98ab277edaee302b432dbcecfe68061dd91dc
+RMD160 (tiff-4.0.2.tar.gz) = 520c5a6d17d1b0c3957e3889b66eadce0accf53f
-Size (tiff-4.0.1.tar.gz) = 1991580 bytes
+Size (tiff-4.0.2.tar.gz) = 2022814 bytes
 SHA1 (patch-configure) = 0e86c6d69783333c03d6241e1824f68602f3c732
 SHA1 (patch-libtiff_tif__getimage.c) = fc1f63b669fb8871935d4bf12e09dc1c78150f91
 SHA1 (patch-libtiff_tiffiop.h) = 8729e474106a0edce4284004f6f6d95b97c4a544