[gnome-continuous-yocto/gnomeostree-3.28-rocko: 3704/8267] libtiff: Update to 4.0.7



commit a63b53841b2d7d0c360d3c6813a19317216f85d0
Author: Armin Kuster <akuster808 gmail com>
Date:   Sat Dec 10 09:38:43 2016 -0800

    libtiff: Update to 4.0.7
    
    Major changes:
    The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from 
the distribution, used for demos.
    
    CVEs fixed:
    CVE-2016-9297
    CVE-2016-9448
    CVE-2016-9273
    CVE-2014-8127
    CVE-2016-3658
    CVE-2016-5875
    CVE-2016-5652
    CVE-2016-3632
    
    plus more that are not identified in the changelog.
    
    removed patches integrated into update.
    more info: http://libtiff.maptools.org/v4.0.7.html
    
    (From OE-Core rev: 9945cbccc4c737c84ad441773061acbf90c7baed)
    
    Signed-off-by: Armin Kuster <akuster808 gmail com>
    Signed-off-by: Ross Burton <ross burton intel com>
    Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>

 .../libtiff/files/CVE-2015-8665_8683.patch         |  137 -------
 .../libtiff/files/CVE-2015-8781.patch              |  195 ---------
 .../libtiff/files/CVE-2015-8784.patch              |   73 ----
 .../libtiff/files/CVE-2016-3186.patch              |   24 --
 .../libtiff/files/CVE-2016-3622.patch              |  129 ------
 .../libtiff/files/CVE-2016-3623.patch              |   52 ---
 .../libtiff/files/CVE-2016-3632.patch              |   34 --
 .../libtiff/files/CVE-2016-3658.patch              |  111 -----
 .../libtiff/files/CVE-2016-3945.patch              |  118 ------
 .../libtiff/files/CVE-2016-3990.patch              |   66 ---
 .../libtiff/files/CVE-2016-3991.patch              |  147 -------
 .../libtiff/files/CVE-2016-5321.patch              |   49 ---
 .../libtiff/files/CVE-2016-5323.patch              |  107 -----
 .../libtiff/files/CVE-2016-9535-1.patch            |  423 --------------------
 .../libtiff/files/CVE-2016-9535-2.patch            |   67 ---
 .../libtiff/files/CVE-2016-9538.patch              |   67 ---
 .../libtiff/files/CVE-2016-9539.patch              |   60 ---
 .../libtiff/files/CVE-2016-9540.patch              |   60 ---
 .../libtiff/files/Fix_several_CVE_issues.patch     |  281 -------------
 .../libtiff/{tiff_4.0.6.bb => tiff_4.0.7.bb}       |   23 +-
 20 files changed, 2 insertions(+), 2221 deletions(-)
---
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
similarity index 65%
rename from meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
rename to meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
index 963d4b3..7296782 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.7.bb
@@ -6,29 +6,10 @@ CVE_PRODUCT = "libtiff"
 
 SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
            file://libtool2.patch \
-           file://CVE-2015-8665_8683.patch \
-           file://CVE-2015-8781.patch \
-           file://CVE-2015-8784.patch \
-           file://CVE-2016-3186.patch \
-           file://CVE-2016-5321.patch \
-           file://CVE-2016-5323.patch \
-           file://CVE-2016-3945.patch \
-           file://CVE-2016-3990.patch \
-           file://CVE-2016-3991.patch \
-           file://CVE-2016-3623.patch \
-           file://CVE-2016-3622.patch \
-           file://CVE-2016-3658.patch \
-           file://CVE-2016-3632.patch \
-           file://CVE-2016-9540.patch \
-           file://CVE-2016-9539.patch \
-           file://CVE-2016-9535-1.patch \
-           file://CVE-2016-9535-2.patch \
-           file://CVE-2016-9538.patch \
-           file://Fix_several_CVE_issues.patch \
           "
 
-SRC_URI[md5sum] = "d1d2e940dea0b5ad435f21f03d96dd72"
-SRC_URI[sha256sum] = "4d57a50907b510e3049a4bba0d7888930fdfc16ce49f1bf693e5b6247370d68c"
+SRC_URI[md5sum] = "77ae928d2c6b7fb46a21c3a29325157b"
+SRC_URI[sha256sum] = "9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019"
 
 # exclude betas
 UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]