[gnome-continuous-yocto/gnomeostree-3.28-rocko: 3704/8267] libtiff: Update to 4.0.7
- From: Emmanuele Bassi <ebassi src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-continuous-yocto/gnomeostree-3.28-rocko: 3704/8267] libtiff: Update to 4.0.7
- Date: Sun, 17 Dec 2017 01:00:25 +0000 (UTC)
commit a63b53841b2d7d0c360d3c6813a19317216f85d0
Author: Armin Kuster <akuster808 gmail com>
Date: Sat Dec 10 09:38:43 2016 -0800
libtiff: Update to 4.0.7
Major changes:
The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from
the distribution, used for demos.
CVEs fixed:
CVE-2016-9297
CVE-2016-9448
CVE-2016-9273
CVE-2014-8127
CVE-2016-3658
CVE-2016-5875
CVE-2016-5652
CVE-2016-3632
plus more that are not identified in the changelog.
removed patches integrated into update.
more info: http://libtiff.maptools.org/v4.0.7.html
(From OE-Core rev: 9945cbccc4c737c84ad441773061acbf90c7baed)
Signed-off-by: Armin Kuster <akuster808 gmail com>
Signed-off-by: Ross Burton <ross burton intel com>
Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>
.../libtiff/files/CVE-2015-8665_8683.patch | 137 -------
.../libtiff/files/CVE-2015-8781.patch | 195 ---------
.../libtiff/files/CVE-2015-8784.patch | 73 ----
.../libtiff/files/CVE-2016-3186.patch | 24 --
.../libtiff/files/CVE-2016-3622.patch | 129 ------
.../libtiff/files/CVE-2016-3623.patch | 52 ---
.../libtiff/files/CVE-2016-3632.patch | 34 --
.../libtiff/files/CVE-2016-3658.patch | 111 -----
.../libtiff/files/CVE-2016-3945.patch | 118 ------
.../libtiff/files/CVE-2016-3990.patch | 66 ---
.../libtiff/files/CVE-2016-3991.patch | 147 -------
.../libtiff/files/CVE-2016-5321.patch | 49 ---
.../libtiff/files/CVE-2016-5323.patch | 107 -----
.../libtiff/files/CVE-2016-9535-1.patch | 423 --------------------
.../libtiff/files/CVE-2016-9535-2.patch | 67 ---
.../libtiff/files/CVE-2016-9538.patch | 67 ---
.../libtiff/files/CVE-2016-9539.patch | 60 ---
.../libtiff/files/CVE-2016-9540.patch | 60 ---
.../libtiff/files/Fix_several_CVE_issues.patch | 281 -------------
.../libtiff/{tiff_4.0.6.bb => tiff_4.0.7.bb} | 23 +-
20 files changed, 2 insertions(+), 2221 deletions(-)
---
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
similarity index 65%
rename from meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
rename to meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
index 963d4b3..7296782 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
@@ -6,29 +6,10 @@ CVE_PRODUCT = "libtiff"
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://libtool2.patch \
- file://CVE-2015-8665_8683.patch \
- file://CVE-2015-8781.patch \
- file://CVE-2015-8784.patch \
- file://CVE-2016-3186.patch \
- file://CVE-2016-5321.patch \
- file://CVE-2016-5323.patch \
- file://CVE-2016-3945.patch \
- file://CVE-2016-3990.patch \
- file://CVE-2016-3991.patch \
- file://CVE-2016-3623.patch \
- file://CVE-2016-3622.patch \
- file://CVE-2016-3658.patch \
- file://CVE-2016-3632.patch \
- file://CVE-2016-9540.patch \
- file://CVE-2016-9539.patch \
- file://CVE-2016-9535-1.patch \
- file://CVE-2016-9535-2.patch \
- file://CVE-2016-9538.patch \
- file://Fix_several_CVE_issues.patch \
"
-SRC_URI[md5sum] = "d1d2e940dea0b5ad435f21f03d96dd72"
-SRC_URI[sha256sum] = "4d57a50907b510e3049a4bba0d7888930fdfc16ce49f1bf693e5b6247370d68c"
+SRC_URI[md5sum] = "77ae928d2c6b7fb46a21c3a29325157b"
+SRC_URI[sha256sum] = "9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019"
# exclude betas
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]