Fix for CVE-2009-2285

2009-07-01 14:53:40 +00:00 · 2009-07-01 14:53:40 +00:00 · ace255dfdb
commit ace255dfdb
parent 12222047a3
2 changed files with 10 additions and 5 deletions
--- a/libtiff-3.8.2-lzw-bugs.patch
+++ b/libtiff-3.8.2-lzw-bugs.patch
@ -1,4 +1,4 @@
-Fixes for CVE-2008-2327
+Fixes for CVE-2008-2327 and CVE-2009-2285


 diff -Naur tiff-3.8.2.orig/libtiff/tif_lzw.c tiff-3.8.2/libtiff/tif_lzw.c
@ -27,7 +27,7 @@ diff -Naur tiff-3.8.2.orig/libtiff/tif_lzw.c tiff-3.8.2/libtiff/tif_lzw.c
 			NextCode(tif, sp, bp, code, GetNextCode);
 			if (code == CODE_EOI)
 				break;
-+			if (code == CODE_CLEAR) {
+			if (code >= CODE_CLEAR) {
 +				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
 +				"LZWDecode: Corrupted LZW table at scanline %d",
 +				tif->tif_row);
@ -47,7 +47,7 @@ diff -Naur tiff-3.8.2.orig/libtiff/tif_lzw.c tiff-3.8.2/libtiff/tif_lzw.c
 			NextCode(tif, sp, bp, code, GetNextCodeCompat);
 			if (code == CODE_EOI)
 				break;
-+			if (code == CODE_CLEAR) {
+			if (code >= CODE_CLEAR) {
 +				TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
 +				"LZWDecodeCompat: Corrupted LZW table at scanline %d",
 +				tif->tif_row);
--- a/libtiff.spec
+++ b/libtiff.spec
@ -1,10 +1,10 @@
 Summary: Library of functions for manipulating TIFF format image files
 Name: libtiff
 Version: 3.8.2
-Release: 12%{?dist}
+Release: 13%{?dist}
 License: libtiff
 Group: System Environment/Libraries
-URL: http://www.libtiff.org/
+URL: http://www.remotesensing.org/libtiff/

 Source: ftp://ftp.remotesensing.org/pub/libtiff/tiff-%{version}.tar.gz
 Patch0: tiffsplit-overflow.patch
@ -157,6 +157,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/*.a

 %changelog
+* Wed Jul  1 2009 Tom Lane <tgl@redhat.com> 3.8.2-13
+- Fix some more LZW decoding vulnerabilities (CVE-2009-2285)
+Related: #507465
+- Update upstream URL
+
 * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8.2-12
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild