SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for tiff-4.0.3-81.5.i586.rpm :
Wed Aug 21 14:00:00 2013 pgajdosAATTsuse.com
- security update

* CVE-2013-4232.patch [bnc#834477]

* CVE-2013-4231.patch [bnc#834477]

* CVE-2013-4244.patch [bnc#834788]

* CVE-2013-4243.patch [bnc#834779]

Wed Jun 26 14:00:00 2013 pgajdosAATTsuse.com
- tiff2pdf: introduced warning when the compression isn\'t lzw or
none [bnc#819142]
- tiff2pdf: fixed crash [bnc#821872]

Tue Apr 30 14:00:00 2013 pgajdosAATTsuse.com
- security update

* CVE-2013-1961.patch [bnc#818117]

* CVE-2013-1960.patch [bnc#817573]

Fri Apr 5 14:00:00 2013 idonmezAATTsuse.com
- Add Source URL, see https://en.opensuse.org/SourceUrls

Mon Nov 5 13:00:00 2012 pgajdosAATTsuse.com
- updated to 4.0.3:

* Add some TIFF/FX support in libtiff.

* Fix bug rewriting image tiles in a compressed file.

* Fix read past end of data buffer.

* etc., see ChangeLog
- removed upstreamed patches:

* bigendian.patch

* dont-fancy-upsampling.patch

* CVE-2012-3401.patch
- new patch:

* test-jpeg-turbo.patch

* CVE-2012-4564.patch [bnc#787892]

Mon Jul 23 14:00:00 2012 pgajdosAATTsuse.com
- fixed CVE-2012-3401 [bnc#770816]

Thu Jun 28 14:00:00 2012 meissnerAATTsuse.com
- RGBA is packed in host order, use the right macros to unpack
and verify in raw_decode test.

Wed Jun 20 14:00:00 2012 pgajdosAATTsuse.com
- updated to 4.0.2: [bnc#767852] [bnc#767854]
tif_getimage.c: added support for _SEPARATED CMYK images.
tif_getimage.c: Added support for greyscale + alpha.
Added TIFFCreateCustomDirectory() and TIFFCreateEXIFDirectory() functions.
tif_print.c: Lots of fixes around printing corrupt or hostile input.
Improve handling of corrupt ycbcrsubsampling values.
tif_unix.c: use strerror to get meaningful error messages.
tif_jpeg.c: fix serious bugs in JPEGDecodeRaw().
tif_jpeg.c: Fix size overflow (zdi-can-1221,CVE-2012-1173).
tiff2pdf: Defend against integer overflows while calculating required
buffer sizes (CVE-2012-2113).

Tue Apr 10 14:00:00 2012 brianAATTaljex.com
- Fix building on older targets from SUSE 10.0 to current.
- Add jbig support

Thu Mar 29 14:00:00 2012 idonmezAATTsuse.com
- Add lzma support
- Implement %check
- Drop visibility patch because it breaks compilation

Wed Mar 28 14:00:00 2012 iAATTmarguerite.su
- change package name libtiff4 to libtiff5.
library number is 5 actually.

Wed Mar 28 14:00:00 2012 iAATTmarguerite.su
- Update to 4.0.1

* configure.ac
- Add libtiff private dependency on -llzma for pkg-config
- Add support for using library symbol versioning on
ELF systems with the GNU linker.

* libtiff/tif_win32.c: Eliminate some minor 64-bit warnings in
tif_win32.c

* libtiff/tif_jpeg.c: Extra caution for case where sp is NULL.

* libtiff/tif_dir.c, libtiff/tif_dirread.c: Extra caution around
assumption tag fetching is always successful.

* libtiff/tiffio.h: Use double-underbar syntax in GCC printf
attribute specification to lessen the risk of accidental macro
substitution.

* Update automake used to 1.11.3.

Wed Mar 28 14:00:00 2012 cfarrellAATTsuse.com
- license update: HPND
tiff license most akin to spdx recognised
http://www.spdx.org/licenses/HPND

Tue Jan 10 13:00:00 2012 crrodriguezAATTopensuse.org
- remove libjpeg-devel and zlib-devel from libtiff-devel
requires as they are _not_ required to use the library.
Now, this _will_ break packages with wrong buildrequires
for good.

Tue Jan 10 13:00:00 2012 crrodriguezAATTopensuse.org
- Hide private symbols using gcc visibility, this has been
applied only to functions that the source code clearly states
that are internal to the library.
- Run spec cleaner

Wed Nov 23 13:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to avoid implicit dependency

Fri Aug 5 14:00:00 2011 crrodriguezAATTopensuse.org
- Do not use -fno-strict-aliasing, no longer needed
and will probably slow down the code.
- Fix self-obsoletion warning

Thu Apr 14 14:00:00 2011 pgajdosAATTsuse.cz
- updated to 3.9.5:

* fixed integer overflow CVE-2010-4665

* fixed buffer overflow in ojpeg decoder

* upstreamed:
- oob-read.patch
- CVE-2011-0192.patch
- getimage-64bit.patch
- CVE-2011-1167.patch
- scanlinesize.patch

Thu Mar 31 14:00:00 2011 pgajdosAATTsuse.cz
- fixed regression caused by previous update [bnc#682871]

* modified CVE-2011-0192.patch
- fixed buffer overflow in thunder decoder [bnc#683337]

* added CVE-2011-1167.patch

Thu Feb 17 13:00:00 2011 pgajdosAATTsuse.cz
- fixed buffer overflow [bnc#672510]

* CVE-2011-0192.patch

Mon Sep 6 14:00:00 2010 pgajdosAATTsuse.cz
- fixed \"Possibly exploitable memory corruption issue in libtiff\"
(see http://bugzilla.maptools.org/show_bug.cgi?id=2228)
[bnc#624215]

* scanlinesize.patch
- fixed crash while using libjpeg7 and higher

* dont-fancy-upsampling.patch

Mon Jul 12 14:00:00 2010 pgajdosAATTsuse.cz
- updated to 3.9.4: fixes CVE-2010-2065 -- obsoletes

* integer-overflow.patch

* NULL-deref.patch
- fixes CVE-2010-2067

Wed Jun 23 14:00:00 2010 pgajdosAATTsuse.cz
- fixed CVE-2010-2065

* integer-overflow.patch

* NULL-deref.patch
- fixed out of bounds read

* oob-read.patch
- fixed CVE-2010-2233

* getimage-64bit.patch
- [bnc#612879]

Mon Apr 26 14:00:00 2010 pgajdosAATTsuse.cz
- fixed tiff2pdf output [bnc#599475]

Fri Mar 26 13:00:00 2010 pgajdosAATTsuse.cz
- fixed typo

Tue Mar 16 13:00:00 2010 pgajdosAATTsuse.cz
- updated to 3.9.2: fixed many CVE\'s and obsoletes almost all
our patches (see ChangeLog for details)

Tue Dec 15 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- enable parallel building

Thu Aug 6 14:00:00 2009 pgajdosAATTsuse.cz
- fixed integer overflows [bnc#519796]

* CVE-2009-2347.patch

Thu Jul 2 14:00:00 2009 nadvornikAATTsuse.cz
- fixed lzw overflow CVE-2009-2285 [bnc#518698]

Wed Feb 4 13:00:00 2009 nadvornikAATTsuse.cz
- fixed an endless loop on invalid images
(bnc#444079) CVE-2008-1586

Tue Jan 13 13:00:00 2009 olhAATTsuse.de
- obsolete old libtiff-64bit on ppc64 (bnc#437293)

Wed Jan 7 13:00:00 2009 olhAATTsuse.de
- obsolete old -XXbit packages (bnc#437293)

Sun Sep 7 14:00:00 2008 schwabAATTsuse.de
- Fix conflicting options.

Tue Aug 19 14:00:00 2008 nadvornikAATTsuse.cz
- fixed buffer overflows in LZW code (CVE-2008-2327) [bnc#414946]

Sun May 18 14:00:00 2008 cooloAATTsuse.de
- fix rename of xxbit packages

Thu Apr 10 14:00:00 2008 roAATTsuse.de
- added baselibs.conf file to build xxbit packages
for multilib support

Fri Jul 27 14:00:00 2007 roAATTsuse.de
- add provides and obsoletes for libtiff to libtiff3 package

Thu Jul 19 14:00:00 2007 nadvornikAATTsuse.cz
- renamed libtiff to libtiff3
- do not package static libraries
- added zlib-devel to BuildRequires


  
ICM