Subject: CVS commit: pkgsrc/graphics/tiff
From: Matthias Scheler
Date: 2010-08-04 19:48:22
Message id: 20100804174823.22E5E175DD@cvs.netbsd.org
Log Message:
Add patches from either libtiff's or Red Hat's Bugzilla which fix the
following vulnerabilities:
- CVE-2010-2233
- CVE-2010-2482
- CVE-2010-2483
- CVE-2010-2595
- CVE-2010-2597
There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion
gets triggered) and cannot be exploited after the above vulnerabilities
are fixed (at least if I understood correctly).

No butcher was involved in fixing this package.
Files:
RevisionActionfile
1.97modifypkgsrc/graphics/tiff/Makefile
1.49modifypkgsrc/graphics/tiff/distinfo
1.19addpkgsrc/graphics/tiff/patches/patch-aa
1.20addpkgsrc/graphics/tiff/patches/patch-ab
1.22addpkgsrc/graphics/tiff/patches/patch-ac
1.16addpkgsrc/graphics/tiff/patches/patch-ad
1.11addpkgsrc/graphics/tiff/patches/patch-ae