wok annotate tiff/receipt @ rev 9544
tiff: Patched overflows that could lead to aribitrary code execution when parsing a malformed image file. Thanks slackware for having this.
author | Christopher Rogers <slaxemulator@gmail.com> |
---|---|
date | Sat Apr 09 07:21:58 2011 +0000 (2011-04-09) |
parents | 02bbaa9d12ba |
children | 85e2616a7123 |
rev | line source |
---|---|
pankso@23 | 1 # SliTaz package receipt. |
pankso@23 | 2 |
pankso@23 | 3 PACKAGE="tiff" |
pascal@6414 | 4 VERSION="3.9.4" |
pankso@23 | 5 CATEGORY="x-window" |
pankso@23 | 6 SHORT_DESC="TIFF images libs. (Check tiff-apps for utilities)." |
pankso@23 | 7 MAINTAINER="pankso@slitaz.org" |
pankso@23 | 8 TARBALL="$PACKAGE-$VERSION.tar.gz" |
pascal@5007 | 9 DEPENDS="jpeg zlib gcc-lib-base" |
pankso@23 | 10 WEB_SITE="http://www.remotesensing.org/libtiff/" |
pankso@23 | 11 WGET_URL="ftp://ftp.remotesensing.org/pub/libtiff/$TARBALL" |
pankso@23 | 12 |
pankso@23 | 13 # Rules to configure and make the package. |
pankso@23 | 14 compile_rules() |
pankso@23 | 15 { |
pankso@23 | 16 cd $src |
slaxemulator@6424 | 17 |
slaxemulator@6424 | 18 # Added patch to fix CVE-2009-2285 |
slaxemulator@6424 | 19 # Bufffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 |
slaxemulator@6424 | 20 # allows context-dependent attackers to cause a denial of service |
slaxemulator@6424 | 21 # (crash) via a crafted TIFF imag. |
slaxemulator@6424 | 22 |
slaxemulator@9544 | 23 patch -Np1 -i $stuff/libtiff-CVE-2009-2285.patch |
slaxemulator@9544 | 24 #http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 |
slaxemulator@9544 | 25 patch -Np1 -i $stuff/libtiff-CVE-2011-0192.patch |
slaxemulator@9544 | 26 #http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 |
slaxemulator@9544 | 27 patch -Np1 -i $stuff/libtiff-CVE-2011-1167.patch |
slaxemulator@9544 | 28 ./configure && |
pascal@2407 | 29 make && |
slaxemulator@9544 | 30 make install |
pankso@23 | 31 } |
pankso@23 | 32 |
pankso@23 | 33 # Rules to gen a SliTaz package suitable for Tazpkg. |
pankso@23 | 34 genpkg_rules() |
pankso@23 | 35 { |
slaxemulator@9544 | 36 mkdir -p $fs/usr/lib |
pankso@23 | 37 cp -a $_pkg/usr/lib/*.so* $fs/usr/lib |
pankso@23 | 38 } |