SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for tiff-4.0.2-1.16.1.i586.rpm :

* Tue Apr 30 2013 pgajdosAATTsuse.com- security update
* CVE-2013-1961.patch [bnc#818117]
* CVE-2013-1960.patch [bnc#817573]
* Mon Nov 12 2012 pgajdosAATTsuse.com- new patches
* tiff-4.0.2-CVE-2012-4447.patch [bnc#781995]
* tiff-4.0.2-CVE-2012-4564.patch [bnc#787892]
* Mon Jul 23 2012 pgajdosAATTsuse.com- fixed CVE-2012-3401 [bnc#770816]
* Thu Jun 28 2012 meissnerAATTsuse.com- RGBA is packed in host order, use the right macros to unpack and verify in raw_decode test.
* Wed Jun 20 2012 pgajdosAATTsuse.com- updated to 4.0.2: [bnc#767852] [bnc#767854] tif_getimage.c: added support for _SEPARATED CMYK images. tif_getimage.c: Added support for greyscale + alpha. Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory() functions. tif_print.c: Lots of fixes around printing corrupt or hostile input. Improve handling of corrupt ycbcrsubsampling values. tif_unix.c: use strerror to get meaningful error messages. tif_jpeg.c: fix serious bugs in JPEGDecodeRaw(). tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173). tiff2pdf: Defend against integer overflows while calculating required buffer sizes (CVE-2012-2113).
* Tue Apr 10 2012 brianAATTaljex.com- Fix building on older targets from SUSE 10.0 to current.- Add jbig support
* Thu Mar 29 2012 idonmezAATTsuse.com- Add lzma support- Implement %check- Drop visibility patch because it breaks compilation
* Wed Mar 28 2012 iAATTmarguerite.su- change package name libtiff4 to libtiff5. library number is 5 actually.
* Wed Mar 28 2012 iAATTmarguerite.su- Update to 4.0.1
* configure.ac - Add libtiff private dependency on -llzma for pkg-config - Add support for using library symbol versioning on ELF systems with the GNU linker.
* libtiff/tif_win32.c: Eliminate some minor 64-bit warnings in tif_win32.c
* libtiff/tif_jpeg.c: Extra caution for case where sp is NULL.
* libtiff/tif_dir.c, libtiff/tif_dirread.c: Extra caution around assumption tag fetching is always successful.
* libtiff/tiffio.h: Use double-underbar syntax in GCC printf attribute specification to lessen the risk of accidental macro substitution.
* Update automake used to 1.11.3.
* Wed Mar 28 2012 cfarrellAATTsuse.com- license update: HPND tiff license most akin to spdx recognised http://www.spdx.org/licenses/HPND
* Tue Jan 10 2012 crrodriguezAATTopensuse.org- remove libjpeg-devel and zlib-devel from libtiff-devel requires as they are _not_ required to use the library. Now, this _will_ break packages with wrong buildrequires for good.
* Tue Jan 10 2012 crrodriguezAATTopensuse.org- Hide private symbols using gcc visibility, this has been applied only to functions that the source code clearly states that are internal to the library.- Run spec cleaner
* Wed Nov 23 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency
* Fri Aug 05 2011 crrodriguezAATTopensuse.org- Do not use -fno-strict-aliasing, no longer needed and will probably slow down the code.- Fix self-obsoletion warning
* Thu Apr 14 2011 pgajdosAATTsuse.cz- updated to 3.9.5:
* fixed integer overflow CVE-2010-4665
* fixed buffer overflow in ojpeg decoder
* upstreamed: - oob-read.patch - CVE-2011-0192.patch - getimage-64bit.patch - CVE-2011-1167.patch - scanlinesize.patch
* Thu Mar 31 2011 pgajdosAATTsuse.cz- fixed regression caused by previous update [bnc#682871]
* modified CVE-2011-0192.patch- fixed buffer overflow in thunder decoder [bnc#683337]
* added CVE-2011-1167.patch
* Thu Feb 17 2011 pgajdosAATTsuse.cz- fixed buffer overflow [bnc#672510]
* CVE-2011-0192.patch
* Mon Sep 06 2010 pgajdosAATTsuse.cz- fixed \"Possibly exploitable memory corruption issue in libtiff\" (see http://bugzilla.maptools.org/show_bug.cgi?id=2228) [bnc#624215]
* scanlinesize.patch- fixed crash while using libjpeg7 and higher
* dont-fancy-upsampling.patch
* Mon Jul 12 2010 pgajdosAATTsuse.cz- updated to 3.9.4: fixes CVE-2010-2065 -- obsoletes
* integer-overflow.patch
* NULL-deref.patch- fixes CVE-2010-2067
* Wed Jun 23 2010 pgajdosAATTsuse.cz- fixed CVE-2010-2065
* integer-overflow.patch
* NULL-deref.patch- fixed out of bounds read
* oob-read.patch- fixed CVE-2010-2233
* getimage-64bit.patch- [bnc#612879]
* Mon Apr 26 2010 pgajdosAATTsuse.cz- fixed tiff2pdf output [bnc#599475]
* Fri Mar 26 2010 pgajdosAATTsuse.cz- fixed typo
* Tue Mar 16 2010 pgajdosAATTsuse.cz- updated to 3.9.2: fixed many CVE\'s and obsoletes almost all our patches (see ChangeLog for details)
* Tue Dec 15 2009 jengelhAATTmedozas.de- add baselibs.conf as a source- enable parallel building
* Thu Aug 06 2009 pgajdosAATTsuse.cz- fixed integer overflows [bnc#519796]
* CVE-2009-2347.patch
* Thu Jul 02 2009 nadvornikAATTsuse.cz- fixed lzw overflow CVE-2009-2285 [bnc#518698]
  
ICM