SECURITY: Update libtiff to 4.0.4beta to fix CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 (likely) Remaining unfixed vulnerabilities: CVE-2014-9655, CVE-2015-1547 (but these are unfixed upstream AFAICS). ok wizdiff -r1.117 -r1.118 pkgsrc/graphics/tiff/Makefile
(bsiegert)
@@ -1,17 +1,16 @@ | @@ -1,17 +1,16 @@ | |||
1 | # $NetBSD: Makefile,v 1.117 2014/10/09 14:06:37 wiz Exp $ | 1 | # $NetBSD: Makefile,v 1.118 2015/03/29 14:47:03 bsiegert Exp $ | |
2 | 2 | |||
3 | DISTNAME= tiff-4.0.3 | 3 | DISTNAME= tiff-4.0.4beta | |
4 | PKGREVISION= 6 | |||
5 | CATEGORIES= graphics | 4 | CATEGORIES= graphics | |
6 | MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \ | 5 | MASTER_SITES= ftp://ftp.remotesensing.org/pub/libtiff/ \ | |
7 | http://libtiff.maptools.org/dl/ | 6 | http://libtiff.maptools.org/dl/ | |
8 | 7 | |||
9 | MAINTAINER= pkgsrc-users@NetBSD.org | 8 | MAINTAINER= pkgsrc-users@NetBSD.org | |
10 | HOMEPAGE= http://www.remotesensing.org/libtiff/ | 9 | HOMEPAGE= http://www.remotesensing.org/libtiff/ | |
11 | COMMENT= Library and tools for reading and writing TIFF data files | 10 | COMMENT= Library and tools for reading and writing TIFF data files | |
12 | LICENSE= mit | 11 | LICENSE= mit | |
13 | 12 | |||
14 | EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} | 13 | EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} | |
15 | 14 | |||
16 | USE_LANGUAGES= c c++ | 15 | USE_LANGUAGES= c c++ | |
17 | USE_LIBTOOL= yes | 16 | USE_LIBTOOL= yes |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.17 2012/10/01 18:11:29 adam Exp $ | 1 | @comment $NetBSD: PLIST,v 1.18 2015/03/29 14:47:03 bsiegert Exp $ | |
2 | bin/bmp2tiff | 2 | bin/bmp2tiff | |
3 | bin/fax2ps | 3 | bin/fax2ps | |
4 | bin/fax2tiff | 4 | bin/fax2tiff | |
5 | bin/gif2tiff | 5 | bin/gif2tiff | |
6 | bin/pal2rgb | 6 | bin/pal2rgb | |
7 | bin/ppm2tiff | 7 | bin/ppm2tiff | |
8 | bin/ras2tiff | 8 | bin/ras2tiff | |
9 | bin/raw2tiff | 9 | bin/raw2tiff | |
10 | bin/rgb2ycbcr | 10 | bin/rgb2ycbcr | |
11 | bin/thumbnail | 11 | bin/thumbnail | |
12 | bin/tiff2bw | 12 | bin/tiff2bw | |
13 | bin/tiff2pdf | 13 | bin/tiff2pdf | |
14 | bin/tiff2ps | 14 | bin/tiff2ps | |
@@ -236,13 +236,15 @@ share/doc/tiff/html/v3.7.0beta2.html | @@ -236,13 +236,15 @@ share/doc/tiff/html/v3.7.0beta2.html | |||
236 | share/doc/tiff/html/v3.7.1.html | 236 | share/doc/tiff/html/v3.7.1.html | |
237 | share/doc/tiff/html/v3.7.2.html | 237 | share/doc/tiff/html/v3.7.2.html | |
238 | share/doc/tiff/html/v3.7.3.html | 238 | share/doc/tiff/html/v3.7.3.html | |
239 | share/doc/tiff/html/v3.7.4.html | 239 | share/doc/tiff/html/v3.7.4.html | |
240 | share/doc/tiff/html/v3.8.0.html | 240 | share/doc/tiff/html/v3.8.0.html | |
241 | share/doc/tiff/html/v3.8.1.html | 241 | share/doc/tiff/html/v3.8.1.html | |
242 | share/doc/tiff/html/v3.8.2.html | 242 | share/doc/tiff/html/v3.8.2.html | |
243 | share/doc/tiff/html/v3.9.0beta.html | 243 | share/doc/tiff/html/v3.9.0beta.html | |
244 | share/doc/tiff/html/v3.9.1.html | 244 | share/doc/tiff/html/v3.9.1.html | |
245 | share/doc/tiff/html/v3.9.2.html | 245 | share/doc/tiff/html/v3.9.2.html | |
246 | share/doc/tiff/html/v4.0.0.html | 246 | share/doc/tiff/html/v4.0.0.html | |
247 | share/doc/tiff/html/v4.0.1.html | 247 | share/doc/tiff/html/v4.0.1.html | |
248 | share/doc/tiff/html/v4.0.2.html | 248 | share/doc/tiff/html/v4.0.2.html | |
249 | share/doc/tiff/html/v4.0.3.html | |||
250 | share/doc/tiff/html/v4.0.4beta.html |
@@ -1,10 +1,6 @@ | @@ -1,10 +1,6 @@ | |||
1 | $NetBSD: distinfo,v 1.62 2013/09/21 18:47:05 dholland Exp $ | 1 | $NetBSD: distinfo,v 1.63 2015/03/29 14:47:03 bsiegert Exp $ | |
2 | 2 | |||
3 | SHA1 (tiff-4.0.3.tar.gz) = 652e97b78f1444237a82cbcfe014310e776eb6f0 | 3 | SHA1 (tiff-4.0.4beta.tar.gz) = 987568b81f6c40653eb79386fa0e163f3c6ab6fb | |
4 | RMD160 (tiff-4.0.3.tar.gz) = eacd725fb3c299682c1c2e508049d98acd170f31 | 4 | RMD160 (tiff-4.0.4beta.tar.gz) = 0f7c47bad8d6d9cd75d3bf42abf0a6133c1ea129 | |
5 | Size (tiff-4.0.3.tar.gz) = 2051630 bytes | 5 | Size (tiff-4.0.4beta.tar.gz) = 2098962 bytes | |
6 | SHA1 (patch-CVE-2012-4564) = bda3b26e431e8234e5afd984a086c980a8eb6c41 | |||
7 | SHA1 (patch-CVE-2013-1960_1961) = b815edbeeb1eb23ce2633060dd390985dec794f3 | |||
8 | SHA1 (patch-CVE-2013-4231) = bc1420583b9c4b0a34d26142bc35b6d0d26af529 | |||
9 | SHA1 (patch-CVE-2013-4243) = e5d37df64620451f9a34a3f6c14825873db9c1bd | |||
10 | SHA1 (patch-configure) = 1fb9ef790a59ac9c1396dd8e962c75946e2c998a | 6 | SHA1 (patch-configure) = 1fb9ef790a59ac9c1396dd8e962c75946e2c998a |