Subject: CVS commit: pkgsrc/graphics/tiff
From: Maya Rashish
Date: 2018-10-26 00:58:05
Message id: 20181025225805.79B9AFBEE@cvs.NetBSD.org

Log Message:
tiff: apply fix for CVE-2018-18557

From 681748ec2f5ce88da5f9fa6831e1653e46af8a66 Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Sun, 14 Oct 2018 16:38:29 +0200
Subject: [PATCH 1/1] JBIG: fix potential out-of-bounds write in JBIGDecode()

JBIGDecode doesn't check if the user provided buffer is large enough
to store the JBIG decoded image, which can potentially cause out-of-bounds
write in the buffer.
This issue was reported and analyzed by Thomas Dullien.

Also fixes a (harmless) potential use of uninitialized memory when
tif->tif_rawsize > tif->tif_rawcc

And in case libtiff is compiled with CHUNKY_STRIP_READ_SUPPORT, make sure
that whole strip data is provided to JBIGDecode()

The last part (CHUNKY_STRIP_READ_SUPPORT) was adapted by myself to fit
the libtiff release.

Bump PKGREVISION.

Files:
RevisionActionfile
1.142modifypkgsrc/graphics/tiff/Makefile
1.91modifypkgsrc/graphics/tiff/distinfo
1.1addpkgsrc/graphics/tiff/patches/patch-libtiff_tif__jbig.c
1.1addpkgsrc/graphics/tiff/patches/patch-libtiff_tif__read.c