|
|
@@ -4,10 +4,23 @@ Summary: A library of functions for manipulating TIFF format image files.
|
|
|
Summary(ja): TIFF フォーマットの画像ファイルを扱うライブラリ
|
|
|
Name: libtiff
|
|
|
Version: 4.0.3
|
|
|
-Release: 1%{_dist_release}
|
|
|
+Release: 2%{_dist_release}
|
|
|
License: distributable
|
|
|
Group: System Environment/Libraries
|
|
|
Source0: http://download.osgeo.org/libtiff/tiff-%{version}.tar.gz
|
|
|
+
|
|
|
+Patch1: libtiff-CVE-2012-4447.patch
|
|
|
+Patch2: libtiff-CVE-2012-4564.patch
|
|
|
+Patch3: libtiff-printdir-width.patch
|
|
|
+Patch4: libtiff-jpeg-test.patch
|
|
|
+Patch5: libtiff-CVE-2013-1960.patch
|
|
|
+Patch6: libtiff-CVE-2013-1961.patch
|
|
|
+Patch7: libtiff-manpage-update.patch
|
|
|
+Patch8: libtiff-CVE-2013-4231.patch
|
|
|
+Patch9: libtiff-CVE-2013-4232.patch
|
|
|
+Patch10: libtiff-CVE-2013-4244.patch
|
|
|
+Patch11: libtiff-make-check.patch
|
|
|
+
|
|
|
URL: http://www.remotesensing.org/libtiff/
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
BuildRequires: zlib-devel libjpeg-devel
|
|
|
@@ -102,6 +115,18 @@ install the libtiff package.
|
|
|
%prep
|
|
|
%setup -q -n tiff-%{version}
|
|
|
|
|
|
+%patch1 -p1 -b .CVE-2012-4447
|
|
|
+%patch2 -p1 -b .CVE-2012-4564
|
|
|
+%patch3 -p1 -b .printdir-width
|
|
|
+%patch4 -p1 -b .jpeg-test
|
|
|
+%patch5 -p1 -b .CVE-2013-1960
|
|
|
+%patch6 -p1 -b .CVE-2013-1961
|
|
|
+%patch7 -p1 -b .manpage-update
|
|
|
+%patch8 -p1 -b .CVE-2013-4231
|
|
|
+%patch9 -p1 -b .CVE-2013-4232
|
|
|
+%patch10 -p1 -b .CVE-2013-4244
|
|
|
+%patch11 -p1
|
|
|
+
|
|
|
%build
|
|
|
%configure --with-jpeg-lib-dir=%{_libdir} --disable-cxx
|
|
|
%__make %{?_smp_mflags}
|
|
|
@@ -158,7 +183,10 @@ rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
-* Mon Nov 12 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
|
|
|
+* Thu Dec 26 2013 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 4.0.3-2
|
|
|
+- add patch1-11 from fc21 to fix security issues
|
|
|
+
|
|
|
+* Mon Nov 12 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 4.0.3-1
|
|
|
- new upstream release with security fix (CVE-2012-4447)
|
|
|
- drop *.a files from -devel packages
|
|
|
|
|
|
@@ -275,7 +303,7 @@ rm -rf $RPM_BUILD_ROOT
|
|
|
--* Wed Oct 20 2004 - meissner@suse.de
|
|
|
--- Do not crash if we are using unsupported codecs (like OJPEG).
|
|
|
|
|
|
-* Sun Jan 15 2003 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 3.5.7-6vl2
|
|
|
+* Wed Jan 15 2003 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 3.5.7-6vl2
|
|
|
- rebuild with new toolchains
|
|
|
- to use License instead of Copyright
|
|
|
|
|
|
@@ -291,7 +319,7 @@ rm -rf $RPM_BUILD_ROOT
|
|
|
* Tue Dec 19 2000 Philipp Knirsch <pknirsch@redhat.de>
|
|
|
- rebuild
|
|
|
|
|
|
-* Tue Aug 7 2000 Crutcher Dunnavant <crutcher@redhat.com>
|
|
|
+* Mon Aug 7 2000 Crutcher Dunnavant <crutcher@redhat.com>
|
|
|
- added a tiff-to-ps.fpi filter for printing
|
|
|
|
|
|
* Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
|
iwamoto