SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for tiff-4.4.0-1.1.x86_64.rpm :

* Mon Aug 01 2022 Michael Vetter - security update:
* CVE-2022-34526 [bsc#1202026] + tiff-CVE-2022-34526.patch
* Wed Jul 06 2022 Michael Vetter - security update
* CVE-2022-2056 [bsc#1201176]
* CVE-2022-2057 [bsc#1201175]
* CVE-2022-2058 [bsc#1201174] + tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch
* Sun May 29 2022 Dirk Müller - update to 4.4.0:
* TIFFIsBigTiff() function added.
* Functions TIFFFieldSetGetSize() and TIFFieldSetGetCountSize() added.
* LZWDecode(): major speed improvements (~30% faster)
* Predictor 2 (horizontal differenciation): support 64-bit
* Support libjpeg 9d
* avoid hang in TIFFRewriteDirectory() if a classic file > 4 GB is attempted to be created
* tif_jbig.c: fix crash when reading a file with multiple IFD in memory-mapped mode and when bit reversal is needed
* TIFFFetchNormalTag(): avoid calling memcpy() with a null source pointer and size of zero
* TIFFWriteDirectoryTagData(): turn assertion on data length into a runtime check
* TIFFFetchStripThing(): avoid calling memcpy() with a null source pointer and size of zero
* TIFFReadDirectory(): avoid calling memcpy() with a null source pointer and size of zero
* TIFFYCbCrToRGBInit(): avoid Integer-overflow
* TIFFGetField(TIFFTAG_STRIPBYTECOUNTS/TIFFTAG_STRIPOFFSETS): return error if returned pointer is NULL (fixes #342)
* OJPEG: avoid assertion when using TIFFReadScanline()
* TIFFReadDirectory: fix OJPEG hack
* LZW codec: fix support for strips/tiles > 2 GB on Windows
* TIFFAppendToStrip(): fix rewrite-in-place logic
* Fix TIFFRewriteDirectory discarding directories.
* TIFFReadCustomDirectory(): avoid crash when reading SubjectDistance tag on a non EXIF directory
* Fix Segmentation fault printing GPS directory if Altitude tag is present
* tif_jpeg.c: do not emit progressive scans with mozjpeg. (#266)
* _TIFFRewriteField(): fix when writing a IFD with a single tile that is a sparse one, on big endian hosts
* Fix all remaining uses of legacy Deflate compression id and warn on use.- drop tiff-CVE-2022-0907.patch, tiff-CVE-2022-0561.patch, tiff-CVE-2022-0562.patch, tiff-CVE-2022-0865.patch, tiff-CVE-2022-0909.patch, tiff-CVE-2022-0924.patch, tiff-CVE-2022-0908.patch, tiff-CVE-2022-1056,CVE-2022-0891.patch: all upstream- add signature validation, adds tiff.keyring
* Mon May 09 2022 Michael Vetter - security update:
* CVE-2022-0907 [bsc#1197070] + tiff-CVE-2022-0907.patch
* Mon May 09 2022 Michael Vetter - security update
* CVE-2022-0561 [bsc#1195964] + tiff-CVE-2022-0561.patch
* CVE-2022-0562 [bsc#1195965] + tiff-CVE-2022-0562.patch
* CVE-2022-0865 [bsc#1197066] + tiff-CVE-2022-0865.patch
* CVE-2022-0909 [bsc#1197072] + tiff-CVE-2022-0909.patch
* CVE-2022-0924 [bsc#1197073] + tiff-CVE-2022-0924.patch
* CVE-2022-0908 [bsc#1197074] + tiff-CVE-2022-0908.patch
* Fri May 06 2022 Michael Vetter - security update
* CVE-2022-1056 [bsc#1197631]
* CVE-2022-0891 [bsc#1197068] + tiff-CVE-2022-1056,CVE-2022-0891.patch
* Wed May 04 2022 Marcus Meissner - switch source url to https
* Mon Apr 26 2021 Paolo Stivanin - version update to 4.3.0
* Build and usage of the library and its utilities requires a C99 capable compiler.
* New optional codec for the LERC (Limited Error Raster Compression) compression scheme. To have it available, configure libtiff against the SDK available at https://github.com/esri/lerc
* Removal of unused, or now useless due to C99 availability, functions in port/
* tiffcmp: fix comparaison with pixels that are fractional number of bytes
* tiff2ps: exit the loop in case of error
* tiff2pdf: check that tiff_datasize fits in a signed tsize_t
* Mon Dec 28 2020 pgajdosAATTsuse.com- version update to 4.2.0 Major changes:
* Optional support for using libdeflate is added.
* Many of the tools now support a memory usage limit. See http://www.simplesystems.org/libtiff/v4.2.0.html for more.
* Wed Apr 01 2020 Martin Pluskal - Drop webp support as it would introduce build cycle
* Mon Mar 30 2020 Martin Pluskal - Enable zstd and webp support
* Wed Nov 06 2019 pgajdosAATTsuse.com- version update to 4.1.0
* fixes several CVEs mentioned below and more, see ChangeLog- deleted patches - tiff-CVE-2018-12900.patch (upstreamed) - tiff-CVE-2018-17000,19210.patch (upstreamed) - tiff-CVE-2019-6128.patch (upstreamed) - tiff-CVE-2019-7663.patch (upstreamed)
* Tue Feb 12 2019 mvetterAATTsuse.com- security update
* CVE-2019-7663 [bsc#1125113] + tiff-CVE-2019-7663.patch
* Mon Feb 04 2019 mvetterAATTsuse.com- security update
* CVE-2019-6128 [bsc#1121626] + tiff-CVE-2019-6128.patch
* Wed Jan 30 2019 Petr Gajdos - extend tiff-CVE-2018-19210.patch and rename it to tiff-CVE-2018-17000,19210.patch [bsc#1108606c#11]
* solves CVE-2018-19210 [bsc#1115717] and CVE-2018-17000 [bsc#1108606]
* Wed Jan 30 2019 Petr Gajdos - amend tiff-CVE-2018-12900.patch: fix wrong error message [bsc#1099257]
* Mon Nov 19 2018 Petr Gajdos - security update
* CVE-2018-19210 [bsc#1115717] + tiff-CVE-2018-19210.patch
* Tue Nov 13 2018 Tomáš Chvátal - Support only SLE12+ and remove the no longer needed conditions
* Tue Nov 13 2018 Petr Gajdos - security update
* CVE-2018-12900 [bsc#1099257] + tiff-CVE-2018-12900.patch
* Mon Nov 12 2018 Petr Gajdos - upddated to 4.0.10:
* fixes several CVEs mentioned below plus CVE-2018-18557 and CVE-2018-18661 and more- removed patches
* tiff-CVE-2017-11613,CVE-2018-16335,15209.patch
* tiff-CVE-2017-18013.patch
* tiff-CVE-2017-9935,CVE-2018-17795.patch
* tiff-CVE-2018-10779.patch
* tiff-CVE-2018-10963.patch
* tiff-CVE-2018-17100.patch
* tiff-CVE-2018-17101.patch
* tiff-CVE-2018-7456.patch
* tiff-CVE-2018-8905.patch
* tiff-4.0.9-bsc1081690-CVE-2018-5784.patch
* Fri Oct 19 2018 Petr Gajdos - security update
* CVE-2018-17795 [bsc#1110358] % tiff-4.0.9-bsc1046077-CVE-2017-9935.patch renamed to tiff-CVE-2017-9935,CVE-2018-17795.patch
* CVE-2018-16335 [bsc#1106853] % tiff-CVE-2017-11613.patch renamed to tiff-CVE-2017-11613,CVE-2018-16335,15209.patch- add a possibility to build with ASAN
* Wed Oct 17 2018 Petr Gajdos - security update
* CVE-2018-17100 [bsc#1108637] + tiff-CVE-2018-17100.patch
* CVE-2018-17101 [bsc#1108627] + tiff-CVE-2018-17101.patch
* Fri Aug 24 2018 pgajdosAATTsuse.com- remove pal2rgb tool [bsc#1071031]
* Wed Aug 15 2018 pgajdosAATTsuse.com- security update
* CVE-2018-10779 [bsc#1092480] + tiff-CVE-2018-10779.patch
* Tue Jun 05 2018 pgajdosAATTsuse.com- security update
* CVE-2018-8905 [bsc#1086408] + tiff-CVE-2018-8905.patch
* Mon Jun 04 2018 pgajdosAATTsuse.com- security update
* CVE-2017-11613 [bsc#1082332] + tiff-CVE-2017-11613.patch
* Mon Jun 04 2018 pgajdosAATTsuse.com- security update
* CVE-2018-7456 [bsc#1082825] + tiff-CVE-2018-7456.patch
* Fri May 18 2018 pgajdosAATTsuse.com- security update
* CVE-2017-18013 [bsc#1074317] + tiff-CVE-2017-18013.patch
* Tue May 15 2018 pgajdosAATTsuse.com- security update
* CVE-2018-10963 [bsc#1092949] + tiff-CVE-2018-10963.patch
* Tue Feb 20 2018 mvetterAATTsuse.com- bsc#1081690: Add tiff-4.0.9-bsc1081690-CVE-2018-5784.patch Fix uncontrolled resource consumption in TIFFSetDirectory
* Fri Feb 16 2018 mvetterAATTsuse.com- bsc#1046077: Add tiff-4.0.9-bsc1046077-CVE-2017-9935.patch Fix Heap-based buffer overflow in t2p_write_pdf
  
ICM