diff --git a/libtiff-CVE-2013-4231.patch b/libtiff-CVE-2013-4231.patch new file mode 100644 index 0000000..8ae1e12 --- /dev/null +++ b/libtiff-CVE-2013-4231.patch @@ -0,0 +1,15 @@ +diff --git a/tools/gif2tiff.c b/tools/gif2tiff.c +index 17f7a19..375b152 100644 +--- a/tools/gif2tiff.c ++++ b/tools/gif2tiff.c +@@ -333,6 +333,10 @@ readraster(void) + int status = 1; + + datasize = getc(infile); ++ ++ if (datasize > 12) ++ return 0; ++ + clear = 1 << datasize; + eoi = clear + 1; + avail = clear + 2; diff --git a/libtiff-CVE-2013-4232.patch b/libtiff-CVE-2013-4232.patch new file mode 100644 index 0000000..cec322f --- /dev/null +++ b/libtiff-CVE-2013-4232.patch @@ -0,0 +1,12 @@ +diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c +index 92a1a3d..312a946 100644 +--- a/tools/tiff2pdf.c ++++ b/tools/tiff2pdf.c +@@ -2462,6 +2462,7 @@ tsize_t t2p_readwrite_pdf_image(T2P* t2p, TIFF* input, TIFF* output){ + TIFFFileName(input)); + t2p->t2p_error = T2P_ERR_ERROR; + _TIFFfree(buffer); ++ return(0); + } else { + buffer=samplebuffer; + t2p->tiff_datasize *= t2p->tiff_samplesperpixel; diff --git a/libtiff.spec b/libtiff.spec index 5693f4e..8609bce 100644 --- a/libtiff.spec +++ b/libtiff.spec @@ -1,7 +1,7 @@ Summary: Library of functions for manipulating TIFF format image files Name: libtiff Version: 4.0.3 -Release: 8%{?dist} +Release: 9%{?dist} License: libtiff Group: System Environment/Libraries @@ -17,6 +17,8 @@ Patch4: libtiff-jpeg-test.patch Patch5: libtiff-CVE-2013-1960.patch Patch6: libtiff-CVE-2013-1961.patch Patch7: libtiff-manpage-update.patch +Patch8: libtiff-CVE-2013-4231.patch +Patch9: libtiff-CVE-2013-4232.patch BuildRequires: zlib-devel libjpeg-devel jbigkit-devel BuildRequires: libtool automake autoconf pkgconfig @@ -75,6 +77,8 @@ image files using the libtiff library. %patch5 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 +%patch9 -p1 # Use build system's libtool.m4, not the one in the package. rm -f libtool.m4 @@ -178,6 +182,10 @@ find html -name 'Makefile*' | xargs rm %{_mandir}/man1/* %changelog +* Wed Aug 14 2013 Petr Hracek 4.0.3-9 +- Add upstream patches for CVE-2013-4231 CVE-2013-4232 +Resolves: #995965 #995975 + * Mon Aug 12 2013 Petr Hracek - 4.0.3-8 - Manpage fixing (#510240, #510258)