SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for tiff-4.0.3-83.1.x86_64.rpm :
Wed Aug 21 14:00:00 2013 pgajdosAATTsuse.com
- security update

* CVE-2013-4232.patch [bnc#834477]

* CVE-2013-4231.patch [bnc#834477]

* CVE-2013-4244.patch [bnc#834788]

* CVE-2013-4243.patch [bnc#834779]

Wed Jun 26 14:00:00 2013 pgajdosAATTsuse.com
- tiff2pdf: introduced warning when the compression isn\'t lzw or
none [bnc#819142]
- tiff2pdf: fixed crash [bnc#821872]

Tue Apr 30 14:00:00 2013 pgajdosAATTsuse.com
- security update

* CVE-2013-1961.patch [bnc#818117]

* CVE-2013-1960.patch [bnc#817573]

Fri Apr 5 14:00:00 2013 idonmezAATTsuse.com
- Add Source URL, see https://en.opensuse.org/SourceUrls

Mon Nov 5 13:00:00 2012 pgajdosAATTsuse.com
- updated to 4.0.3:

* Add some TIFF/FX support in libtiff.

* Fix bug rewriting image tiles in a compressed file.

* Fix read past end of data buffer.

* etc., see ChangeLog
- removed upstreamed patches:

* bigendian.patch

* dont-fancy-upsampling.patch

* CVE-2012-3401.patch
- new patch:

* test-jpeg-turbo.patch

* CVE-2012-4564.patch [bnc#787892]

Mon Jul 23 14:00:00 2012 pgajdosAATTsuse.com
- fixed CVE-2012-3401 [bnc#770816]

Thu Jun 28 14:00:00 2012 meissnerAATTsuse.com
- RGBA is packed in host order, use the right macros to unpack
and verify in raw_decode test.

Wed Jun 20 14:00:00 2012 pgajdosAATTsuse.com
- updated to 4.0.2: [bnc#767852] [bnc#767854]
tif_getimage.c: added support for _SEPARATED CMYK images.
tif_getimage.c: Added support for greyscale + alpha.
Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory() functions.
tif_print.c: Lots of fixes around printing corrupt or hostile input.
Improve handling of corrupt ycbcrsubsampling values.
tif_unix.c: use strerror to get meaningful error messages.
tif_jpeg.c: fix serious bugs in JPEGDecodeRaw().
tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173).
tiff2pdf: Defend against integer overflows while calculating required
buffer sizes (CVE-2012-2113).

Tue Apr 10 14:00:00 2012 brianAATTaljex.com
- Fix building on older targets from SUSE 10.0 to current.
- Add jbig support

Thu Mar 29 14:00:00 2012 idonmezAATTsuse.com
- Add lzma support
- Implement %check
- Drop visibility patch because it breaks compilation

Wed Mar 28 14:00:00 2012 iAATTmarguerite.su
- change package name libtiff4 to libtiff5.
library number is 5 actually.

Wed Mar 28 14:00:00 2012 iAATTmarguerite.su
- Update to 4.0.1

* configure.ac
- Add libtiff private dependency on -llzma for pkg-config
- Add support for using library symbol versioning on
ELF systems with the GNU linker.

* libtiff/tif_win32.c: Eliminate some minor 64-bit warnings in
tif_win32.c

* libtiff/tif_jpeg.c: Extra caution for case where sp is NULL.

* libtiff/tif_dir.c, libtiff/tif_dirread.c: Extra caution around
assumption tag fetching is always successful.

* libtiff/tiffio.h: Use double-underbar syntax in GCC printf
attribute specification to lessen the risk of accidental macro
substitution.

* Update automake used to 1.11.3.

Wed Mar 28 14:00:00 2012 cfarrellAATTsuse.com
- license update: HPND
tiff license most akin to spdx recognised
http://www.spdx.org/licenses/HPND

Tue Jan 10 13:00:00 2012 crrodriguezAATTopensuse.org
- remove libjpeg-devel and zlib-devel from libtiff-devel
requires as they are _not_ required to use the library.
Now, this _will_ break packages with wrong buildrequires
for good.

Tue Jan 10 13:00:00 2012 crrodriguezAATTopensuse.org
- Hide private symbols using gcc visibility, this has been
applied only to functions that the source code clearly states
that are internal to the library.
- Run spec cleaner

Wed Nov 23 13:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to avoid implicit dependency

Fri Aug 5 14:00:00 2011 crrodriguezAATTopensuse.org
- Do not use -fno-strict-aliasing, no longer needed
and will probably slow down the code.
- Fix self-obsoletion warning

Thu Apr 14 14:00:00 2011 pgajdosAATTsuse.cz
- updated to 3.9.5:

* fixed integer overflow CVE-2010-4665

* fixed buffer overflow in ojpeg decoder

* upstreamed:
- oob-read.patch
- CVE-2011-0192.patch
- getimage-64bit.patch
- CVE-2011-1167.patch
- scanlinesize.patch

Thu Mar 31 14:00:00 2011 pgajdosAATTsuse.cz
- fixed regression caused by previous update [bnc#682871]

* modified CVE-2011-0192.patch
- fixed buffer overflow in thunder decoder [bnc#683337]

* added CVE-2011-1167.patch

Thu Feb 17 13:00:00 2011 pgajdosAATTsuse.cz
- fixed buffer overflow [bnc#672510]

* CVE-2011-0192.patch

Mon Sep 6 14:00:00 2010 pgajdosAATTsuse.cz
- fixed \"Possibly exploitable memory corruption issue in libtiff\"
(see http://bugzilla.maptools.org/show_bug.cgi?id=2228)
[bnc#624215]

* scanlinesize.patch
- fixed crash while using libjpeg7 and higher

* dont-fancy-upsampling.patch

Mon Jul 12 14:00:00 2010 pgajdosAATTsuse.cz
- updated to 3.9.4: fixes CVE-2010-2065 -- obsoletes

* integer-overflow.patch

* NULL-deref.patch
- fixes CVE-2010-2067

Wed Jun 23 14:00:00 2010 pgajdosAATTsuse.cz
- fixed CVE-2010-2065

* integer-overflow.patch

* NULL-deref.patch
- fixed out of bounds read

* oob-read.patch
- fixed CVE-2010-2233

* getimage-64bit.patch
- [bnc#612879]

Mon Apr 26 14:00:00 2010 pgajdosAATTsuse.cz
- fixed tiff2pdf output [bnc#599475]

Fri Mar 26 13:00:00 2010 pgajdosAATTsuse.cz
- fixed typo

Tue Mar 16 13:00:00 2010 pgajdosAATTsuse.cz
- updated to 3.9.2: fixed many CVE\'s and obsoletes almost all
our patches (see ChangeLog for details)

Tue Dec 15 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- enable parallel building

Thu Aug 6 14:00:00 2009 pgajdosAATTsuse.cz
- fixed integer overflows [bnc#519796]

* CVE-2009-2347.patch

Thu Jul 2 14:00:00 2009 nadvornikAATTsuse.cz
- fixed lzw overflow CVE-2009-2285 [bnc#518698]

Wed Feb 4 13:00:00 2009 nadvornikAATTsuse.cz
- fixed an endless loop on invalid images
(bnc#444079) CVE-2008-1586

Tue Jan 13 13:00:00 2009 olhAATTsuse.de
- obsolete old libtiff-64bit on ppc64 (bnc#437293)

Wed Jan 7 13:00:00 2009 olhAATTsuse.de
- obsolete old -XXbit packages (bnc#437293)

Sun Sep 7 14:00:00 2008 schwabAATTsuse.de
- Fix conflicting options.

Tue Aug 19 14:00:00 2008 nadvornikAATTsuse.cz
- fixed buffer overflows in LZW code (CVE-2008-2327) [bnc#414946]

Sun May 18 14:00:00 2008 cooloAATTsuse.de
- fix rename of xxbit packages

Thu Apr 10 14:00:00 2008 roAATTsuse.de
- added baselibs.conf file to build xxbit packages
for multilib support

Fri Jul 27 14:00:00 2007 roAATTsuse.de
- add provides and obsoletes for libtiff to libtiff3 package

Thu Jul 19 14:00:00 2007 nadvornikAATTsuse.cz
- renamed libtiff to libtiff3
- do not package static libraries
- added zlib-devel to BuildRequires

Mon Jun 12 14:00:00 2006 nadvornikAATTsuse.cz
- fixed a typo in the previous change [#179051]

Fri Jun 2 14:00:00 2006 nadvornikAATTsuse.cz
- fixed buffer overflow in tiffsplit (CVE-2006-2656) [#179051]
- fixed buffer overflow in tiff2pdf [#179587]

Wed Apr 12 14:00:00 2006 nadvornikAATTsuse.cz
- updated to 3.8.2 [#165237]

* bugfix release

* fixed several segfaults caused by incorrect tiff data

Tue Feb 7 13:00:00 2006 nadvornikAATTsuse.cz
- fixed crash on certain tiff images CVE-2006-0405 [#145757]

Wed Jan 25 13:00:00 2006 mlsAATTsuse.de
- converted neededforbuild to BuildRequires

Thu Jan 12 13:00:00 2006 nadvornikAATTsuse.cz
- compile with -fstack-protector

Tue Jan 3 13:00:00 2006 nadvornikAATTsuse.cz
- updated to 3.8.0:

* Read-only support for custom directories (e.g. EXIF directory)

* Preliminary support for MS MDI format

Mon Oct 10 14:00:00 2005 nadvornikAATTsuse.cz
- built with -fno-strict-aliasing

Fri Jul 15 14:00:00 2005 nadvornikAATTsuse.cz
- updated to 3.7.3

Tue May 24 14:00:00 2005 nadvornikAATTsuse.cz
- updated to 3.7.2
- fixed 64bit bug in ppm2tiff [#85440]
- fixed buffer overflow in BitsPerSample [#82787]

Thu Feb 17 13:00:00 2005 nadvornikAATTsuse.cz
- fixed reading of alpha channel

Sun Jan 16 13:00:00 2005 roAATTsuse.de
- added c++ to neededforbuild

Fri Jan 7 13:00:00 2005 nadvornikAATTsuse.cz
- use typedef int int32 on all architectures

Wed Jan 5 13:00:00 2005 nadvornikAATTsuse.cz
- disabled c++ API as it would add a dependency on c++ libraries

Mon Jan 3 13:00:00 2005 nadvornikAATTsuse.cz
- updated to 3.7.1: bugfix release

Wed Dec 15 13:00:00 2004 nadvornikAATTsuse.cz
- added README.SUSE pointing to the documentation [#48601]
- moved man3 to devel subpackage

Fri Oct 22 14:00:00 2004 nadvornikAATTsuse.cz
- updated to 3.7.0 - security fixes are included in mainstream

Wed Oct 20 14:00:00 2004 meissnerAATTsuse.de
- Initialize ycbcrsubsampling to be not 0 in case
of bad tiffs to avoid denial of service by divison/0.

Tue Oct 12 14:00:00 2004 nadvornikAATTsuse.cz
- do not call TIFFTileSize with uninitialized values [#44635]

Thu Oct 7 14:00:00 2004 pmladekAATTsuse.cz
- fixed much more buffer overflows (the older tiff-alt-bound-CheckMalloc.patch
is included in the new libtiff-3.6.1-alt-bound.patch now) [#44635]

Thu Sep 30 14:00:00 2004 nadvornikAATTsuse.cz
- fixed more buffer overflows [#44635]

Tue Sep 21 14:00:00 2004 nadvornikAATTsuse.cz
- fixed multiple buffer overflows - CAN-2004-0803 [#44635]
- disabled old jpeg support because of security problems [#45116]

Tue Aug 31 14:00:00 2004 nadvornikAATTsuse.cz
- added LZW support

Wed Aug 25 14:00:00 2004 kukukAATTsuse.de
- Create -devel subpackage
- Add libjpeg-devel to neededforbuild
- Avoid /bin/sh in PreRequires

Fri Jul 2 14:00:00 2004 maxAATTsuse.de
- port.h is needed as well.

Thu May 6 14:00:00 2004 maxAATTsuse.de
- Install private headers (tif_dir.h, tiffiop.h).

Tue Apr 27 14:00:00 2004 nadvornikAATTsuse.cz
- fixed tif_fax3 from cvs [#39515]

Mon Feb 9 13:00:00 2004 nadvornikAATTsuse.cz
- updated to 3.6.1
- fixed dangerous compiler warnings

Sat Jan 10 13:00:00 2004 adrianAATTsuse.de
- add %defattr and %run_ldconfig

Tue May 20 14:00:00 2003 roAATTsuse.de
- remove cvs subdirs

Sat Jul 27 14:00:00 2002 kukukAATTsuse.de
- Provide libtiff-devel in libtiff [Bug #17260]

Fri Jul 26 14:00:00 2002 adrianAATTsuse.de
- fix neededforbuild

Wed Jul 3 14:00:00 2002 nadvornikAATTsuse.cz
- fixed segfault in fax2tiff [bug #16818]
- fixed size of int32 on 64bit architectures

Tue Jun 25 14:00:00 2002 roAATTsuse.de
- fixed directory permissions

Wed Jun 19 14:00:00 2002 nadvornikAATTsuse.cz
- compiled with OJPEG_SUPPORT [bug #16408]

Thu Apr 18 14:00:00 2002 kukukAATTsuse.de
- Fix to compile on lib64 architectures

Wed Feb 6 13:00:00 2002 cooloAATTsuse.de
- use %_libdir

Thu Jan 24 13:00:00 2002 okirAATTsuse.de
- Fixed a tempfile race in fax2ps

Tue Dec 11 13:00:00 2001 nadvornikAATTsuse.cz
- updated to 3.5.7: bugfix release

Wed May 9 14:00:00 2001 mfabianAATTsuse.de
- bzip2 sources

Thu Mar 15 13:00:00 2001 schwabAATTsuse.de
- Fix for ia64.

Fri May 26 14:00:00 2000 bubnikvAATTsuse.cz
- sorted

Thu May 25 14:00:00 2000 schwabAATTsuse.de
- Fix dso configure check for ia64.

Thu May 11 14:00:00 2000 nadvornikAATTsuse.cz
- update to 3.5.5
- added BuildRoot

Tue Jan 25 13:00:00 2000 roAATTsuse.de
- manpages to /usr/share using macro

Mon Jan 3 13:00:00 2000 schwabAATTsuse.de
- Update to 3.5.4 (Y2K fix)

Mon Sep 13 14:00:00 1999 bsAATTsuse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.

Wed Jan 13 13:00:00 1999 roAATTsuse.de
- respect systems where libc is libc.so.6.1 (alpha)

Wed Nov 25 13:00:00 1998 roAATTsuse.de
- update to 3.4 (final) named 3.4.final for rpm
- moved from /usr/X11R6 to /usr

Wed Jul 29 14:00:00 1998 wernerAATTsuse.de
- Link shared libs explicit with -lc

Tue May 12 14:00:00 1998 roAATTsuse.de
- extracted package from libgr / build from own sources


  
ICM