tiff - security patching required
Paul Bredbury
brebs at sent.com
Sat Aug 8 02:33:37 CEST 2009
Hi, tiff has several bugs (including security), which are all unpatched
in Lunar. Here's my fix, which is too big for
http://foo-projects.org/~sofar/queue.php?p=tiff to accept:
My rolled-up patch is at http://devnull.lunar-linux.org/p/917
New BUILD:
(
# Apply all 6 patches from libtiff-3.8.2-15.fc12 -
http://koji.fedoraproject.org/koji/packageinfo?packageID=328
# http://www.gentoo.org/security/en/glsa/glsa-200908-03.xml
# Patch0: tiffsplit-overflow.patch
# Patch1: libtiff-3.8.2-ormandy.patch
# Patch2: libtiff-3.8.2-CVE-2006-2193.patch
# Patch3: libtiff-3.8.2-mantypo.patch
# Patch4: libtiff-3.8.2-lzw-bugs.patch
# Patch5: libtiff-3.8.2-CVE-2009-2347.patch
bzcat $SCRIPT_DIRECTORY/tiff-3.8.2-15fc12.patch.bz2 >
tiff-3.8.2-15fc12.patch &&
patch_it tiff-3.8.2-15fc12.patch 1 &&
default_build
) > $C_FIFO 2>&1
So, which Lunar dev wants to apply the security patches?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://foo-projects.org/pipermail/lunar-dev/attachments/20090808/516275bd/attachment.html>
More information about the Lunar-dev
mailing list