./graphics/tiff, Library and tools for reading and writing TIFF data files

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q3, Version: 4.0.10, Package name: tiff-4.0.10, Maintainer: pkgsrc-users

This is software provides support for the Tag Image Format (TIFF).
Included is a library, libtiff, for reading and writing TIFF, a
collection of tools for doing simple manipulations of TIFF images, and
documentation on the library and tools. A random assortment of
TIFF-related software contributed by others is also included.

The library, along with associated tool programs, should handle most of
your needs for reading and writing files that follow the 5.0 or 6.0
TIFF spec. There is also considerable support for some of the more
esoteric portions of the 6.0 TIFF spec.


Required to run:
[graphics/jbigkit] [graphics/jpeg]

Required to build:
[pkgtools/cwrappers]

Package options: lzw

Master sites:

SHA1: c783b80f05cdacf282aa022dc5f5b0ede5e021ae
RMD160: b25cc4002f2493e71763d0a465a50e9d6ee2aff0
Filesize: 2346.55 KB

Version history: (Expand)

CVS history: (Expand)


   2018-11-22 06:50:52 by S.P.Zeidler | Files touched by this commit (14) | Package removed
Log message:
Pullup ticket #5881 - requested by maya
graphics/tiff: security update

Revisions pulled up:
- graphics/tiff/Makefile                                        1.144
- graphics/tiff/PLIST                                           1.26
- graphics/tiff/distinfo                                        1.93
- graphics/tiff/patches/patch-CVE-2017-11613                    deleted
- graphics/tiff/patches/patch-CVE-2017-18013                    deleted
- graphics/tiff/patches/patch-CVE-2017-9935                     deleted
- graphics/tiff/patches/patch-CVE-2018-10963                    deleted
- graphics/tiff/patches/patch-CVE-2018-17100                    deleted
- graphics/tiff/patches/patch-CVE-2018-17101                    deleted
- graphics/tiff/patches/patch-CVE-2018-5784                     deleted
- graphics/tiff/patches/patch-CVE-2018-8905                     deleted
- graphics/tiff/patches/patch-libtiff_tif__jbig.c               deleted
- graphics/tiff/patches/patch-libtiff_tif__read.c               deleted
- graphics/tiff/patches/patch-tools_pal2rgb.c                   deleted

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Sat Nov 10 21:14:54 UTC 2018

   Modified Files:
   	pkgsrc/graphics/tiff: Makefile PLIST distinfo
   Removed Files:
   	pkgsrc/graphics/tiff/patches: patch-CVE-2017-11613 patch-CVE-2017-18013
   	    patch-CVE-2017-9935 patch-CVE-2018-10963 patch-CVE-2018-17100
   	    patch-CVE-2018-17101 patch-CVE-2018-5784 patch-CVE-2018-8905
   	    patch-libtiff_tif__jbig.c patch-libtiff_tif__read.c
   	    patch-tools_pal2rgb.c

   Log message:
   tiff: update to 4.0.10

   It has been a year since the previous release.  This is the first
   release made from the Git repository at
   https://gitlab.com/libtiff/libtiff using a collaborative process.

   Since the previous release, a number of security issues have been
   fixed, and some significant new features have been added.

   This release adds support for Zstd and WebP compression algorithms.
   In their own way, each of these compression algorithms is highly
   complimentary to TIFF.

   Zstd provides improved compression and decompression speed vs zlib's
   Deflate as well as a broader range of compression ratios.  Zstd is
   developed by Facebook and the implementation continues to be improved.

   WebP is optimized for small/medium 8-bit images while offering
   improved compression performance vs traditional JPEG.  WebP works well
   in strips or tiles to compress large images down to very small files,
   while preserving a good looking image.  WebP is developed by Google,
   and its implementation continues to be improved.

   Due to Adobe's TIFF tag registration interface going off-line, we have
   had to assign our own tags for Zstd and WebP.

   To generate a diff of this commit:
   cvs rdiff -u -r1.143 -r1.144 pkgsrc/graphics/tiff/Makefile
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/graphics/tiff/PLIST
   cvs rdiff -u -r1.92 -r1.93 pkgsrc/graphics/tiff/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/tiff/patches/patch-CVE-2017-11613 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2017-18013 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2017-9935 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-10963 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-17100 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-17101 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-5784 \
       pkgsrc/graphics/tiff/patches/patch-CVE-2018-8905 \
       pkgsrc/graphics/tiff/patches/patch-libtiff_tif__jbig.c \
       pkgsrc/graphics/tiff/patches/patch-libtiff_tif__read.c \
       pkgsrc/graphics/tiff/patches/patch-tools_pal2rgb.c
   2018-10-29 15:49:32 by Benny Siegert | Files touched by this commit (8) 
Log message:
Pullup ticket #5867 - requested by spz
graphics/tiff: security fix

Revisions pulled up:
- graphics/tiff/Makefile                                        1.143
- graphics/tiff/distinfo                                        1.92
- graphics/tiff/patches/patch-CVE-2017-11613                    1.1
- graphics/tiff/patches/patch-CVE-2017-18013                    1.1
- graphics/tiff/patches/patch-CVE-2018-10963                    1.1
- graphics/tiff/patches/patch-CVE-2018-17100                    1.1
- graphics/tiff/patches/patch-CVE-2018-17101                    1.1
- graphics/tiff/patches/patch-CVE-2018-5784                     1.1

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Sun Oct 28 09:45:07 UTC 2018

   Modified Files:
   	pkgsrc/graphics/tiff: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/tiff/patches: patch-CVE-2017-11613 patch-CVE-2017-18013
   	    patch-CVE-2018-10963 patch-CVE-2018-17100 patch-CVE-2018-17101
   	    patch-CVE-2018-5784

   Log message:
   patches from upstream for
   CVE-2017-11613 CVE-2017-18013 CVE-2018-5784 CVE-2018-10963
   CVE-2018-17100 CVE-2018-17101
   2018-10-26 09:02:56 by S.P.Zeidler | Files touched by this commit (4) 
Log message:
Pullup ticket #5853 - requested by maya
graphics/tiff: security patch

Revisions pulled up:
- graphics/tiff/Makefile                                        1.142
- graphics/tiff/distinfo                                        1.91
- graphics/tiff/patches/patch-libtiff_tif__jbig.c               1.1
- graphics/tiff/patches/patch-libtiff_tif__read.c               1.1

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Thu Oct 25 22:58:05 UTC 2018

   Modified Files:
   	pkgsrc/graphics/tiff: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/tiff/patches: patch-libtiff_tif__jbig.c
   	    patch-libtiff_tif__read.c

   Log message:
   tiff: apply fix for CVE-2018-18557

   >From 681748ec2f5ce88da5f9fa6831e1653e46af8a66 Mon Sep 17 00:00:00 2001
   From: Even Rouault <even.rouault@spatialys.com>
   Date: Sun, 14 Oct 2018 16:38:29 +0200
   Subject: [PATCH 1/1] JBIG: fix potential out-of-bounds write in JBIGDecode()

   JBIGDecode doesn't check if the user provided buffer is large enough
   to store the JBIG decoded image, which can potentially cause out-of-bounds
   write in the buffer.
   This issue was reported and analyzed by Thomas Dullien.

   Also fixes a (harmless) potential use of uninitialized memory when
   tif->tif_rawsize > tif->tif_rawcc

   And in case libtiff is compiled with CHUNKY_STRIP_READ_SUPPORT, make sure
   that whole strip data is provided to JBIGDecode()

   The last part (CHUNKY_STRIP_READ_SUPPORT) was adapted by myself to fit
   the libtiff release.

   Bump PKGREVISION.

   To generate a diff of this commit:
   cvs rdiff -u -r1.141 -r1.142 pkgsrc/graphics/tiff/Makefile
   cvs rdiff -u -r1.90 -r1.91 pkgsrc/graphics/tiff/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/tiff/patches/patch-libtiff_tif__jbig.c \
       pkgsrc/graphics/tiff/patches/patch-libtiff_tif__read.c