wok view tiff/receipt @ rev 9544
tiff: Patched overflows that could lead to aribitrary code execution when parsing a malformed image file. Thanks slackware for having this.
| author | Christopher Rogers <slaxemulator@gmail.com> |
|---|---|
| date | Sat Apr 09 07:21:58 2011 +0000 (2011-04-09) |
| parents | 02bbaa9d12ba |
| children | 85e2616a7123 |
line source
1 # SliTaz package receipt.
3 PACKAGE="tiff"
4 VERSION="3.9.4"
5 CATEGORY="x-window"
6 SHORT_DESC="TIFF images libs. (Check tiff-apps for utilities)."
7 MAINTAINER="pankso@slitaz.org"
8 TARBALL="$PACKAGE-$VERSION.tar.gz"
9 DEPENDS="jpeg zlib gcc-lib-base"
10 WEB_SITE="http://www.remotesensing.org/libtiff/"
11 WGET_URL="ftp://ftp.remotesensing.org/pub/libtiff/$TARBALL"
13 # Rules to configure and make the package.
14 compile_rules()
15 {
16 cd $src
18 # Added patch to fix CVE-2009-2285
19 # Bufffer underflow in the LZWDecodeCompat function in libtiff 3.8.2
20 # allows context-dependent attackers to cause a denial of service
21 # (crash) via a crafted TIFF imag.
23 patch -Np1 -i $stuff/libtiff-CVE-2009-2285.patch
24 #http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
25 patch -Np1 -i $stuff/libtiff-CVE-2011-0192.patch
26 #http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
27 patch -Np1 -i $stuff/libtiff-CVE-2011-1167.patch
28 ./configure &&
29 make &&
30 make install
31 }
33 # Rules to gen a SliTaz package suitable for Tazpkg.
34 genpkg_rules()
35 {
36 mkdir -p $fs/usr/lib
37 cp -a $_pkg/usr/lib/*.so* $fs/usr/lib
38 }