diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-12-06 05:03:11 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-12-06 07:07:29 +0100 |
commit | 6b991872e40a53e2168dba213ae8a8664aaf2c2e (patch) | |
tree | 7bcaf498fad9bfc9153f33f2cd04470d98c1c1f1 /source/l | |
parent | b9a6d331765cbea0579f93926035e6aadb41d125 (diff) | |
download | current-6b991872e40a53e2168dba213ae8a8664aaf2c2e.tar.gz current-6b991872e40a53e2168dba213ae8a8664aaf2c2e.tar.xz |
Wed Dec 6 05:03:11 UTC 202320231206050311
a/aaa_libraries-15.1-x86_64-23.txz: Rebuilt.
Upgraded: libelf-0.190.so, libcares.so.2.9.0, libglib-2.0.so.0.7800.2,
libgmodule-2.0.so.0.7800.2, libgobject-2.0.so.0.7800.2,
libgthread-2.0.so.0.7800.2.
Added: libtiff.so.6.0.2, libtiffxx.so.6.0.2.
a/util-linux-2.39.3-x86_64-1.txz: Upgraded.
ap/cups-filters-1.28.17-x86_64-3.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
ap/ghostscript-10.02.1-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
ap/rpm-4.19.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
e/emacs-29.1-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
kde/bluedevil-5.27.10-x86_64-1.txz: Upgraded.
kde/breeze-5.27.10-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.27.10-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.27.10-x86_64-1.txz: Upgraded.
kde/digikam-8.2.0-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
kde/drkonqi-5.27.10-x86_64-1.txz: Upgraded.
kde/gwenview-23.08.3-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
kde/kactivitymanagerd-5.27.10-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.27.10-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.27.10-x86_64-1.txz: Upgraded.
kde/kdecoration-5.27.10-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.27.10-x86_64-1.txz: Upgraded.
kde/kgamma5-5.27.10-x86_64-1.txz: Upgraded.
kde/khotkeys-5.27.10-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.27.10-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.27.10-x86_64-1.txz: Upgraded.
kde/kpipewire-5.27.10-x86_64-1.txz: Upgraded.
kde/krita-5.2.1-x86_64-3.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
kde/kscreen-5.27.10-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.27.10-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.27.10-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.27.10-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.27.10-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.27.10-x86_64-1.txz: Upgraded.
kde/kwin-5.27.10-x86_64-1.txz: Upgraded.
kde/kwrited-5.27.10-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.27.10-x86_64-1.txz: Upgraded.
kde/libkscreen-5.27.10-x86_64-1.txz: Upgraded.
kde/libksysguard-5.27.10-x86_64-1.txz: Upgraded.
kde/milou-5.27.10-x86_64-1.txz: Upgraded.
kde/okular-23.08.3-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
kde/oxygen-5.27.10-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.10-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.27.10-noarch-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.27.10-x86_64-1.txz: Upgraded.
kde/powerdevil-5.27.10-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.27.10-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.27.10-x86_64-1.txz: Upgraded.
kde/systemsettings-5.27.10-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.27.10-x86_64-1.txz: Upgraded.
l/SDL2_image-2.6.3-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/djvulibre-3.5.28-x86_64-4.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/gd-2.3.3-x86_64-3.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/gdk-pixbuf2-2.42.10-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/gegl-0.4.46-x86_64-3.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/glib2-2.78.2-x86_64-1.txz: Upgraded.
l/gtk4-4.12.4-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/imagemagick-7.1.1_22-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/lcms-1.19-x86_64-7.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/lcms2-2.16-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/libtiff-4.6.0-x86_64-1.txz: Upgraded.
Probably best to get this one out of the way...
From the release announcement:
Pay attention to the following warning:
This version removes a big number of utilities that have suffered from lack
of maintenance over the years and were the source of various reported
security issues. See "Removed functionality" below for the list of removed
utilities. Starting with libtiff v4.6.0, their source code, at this time,
will still be available in the source distribution, but they will no longer
be built by default, and issues related to them will no longer be accepted
in the libtiff bug tracker. The only remaining supported TIFF tools are
tiffinfo, tiffdump, tiffcp, tiffset and tiffsplit.
Shared library .so-version bump.
l/libwebp-1.3.2-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/netpbm-11.04.04-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/opencv-4.8.1-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/poppler-23.12.0-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/python-pillow-8.4.0-x86_64-3.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
l/qt5-5.15.11_20231125_4765fa1d-x86_64-1.txz: Upgraded.
Compiled against libtiff-4.6.0.
l/sdl-1.2.15-x86_64-15.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
n/links-2.29-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
t/xfig-3.2.9-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
xap/geeqie-2.1-x86_64-4.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
xap/gimp-2.10.36-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
xap/sane-1.2.1-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
xap/windowmaker-0.96.0-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
xap/xpaint-3.1.4-x86_64-2.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
xap/xsane-0.999-x86_64-6.txz: Rebuilt.
Recompiled against libtiff-4.6.0.
Diffstat (limited to 'source/l')
-rwxr-xr-x | source/l/SDL2_image/SDL2_image.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/djvulibre/djvulibre.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/gd/gd.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/gdk-pixbuf2/gdk-pixbuf2.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/gegl/gegl.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/gtk4/gtk4.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/imagemagick/imagemagick.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/lcms/lcms.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/lcms2/lcms2.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/libtiff/libtiff.SlackBuild | 2 | ||||
-rw-r--r-- | source/l/libtiff/patches/CVE-2022-2056_2057_2058.patch | 180 | ||||
-rw-r--r-- | source/l/libtiff/patches/CVE-2022-34526.patch | 28 | ||||
-rw-r--r-- | source/l/libtiff/patches/CVE-2022-3970.patch | 38 | ||||
-rwxr-xr-x | source/l/libwebp/libwebp.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/netpbm/netpbm.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/opencv/opencv.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/poppler/poppler.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/python-pillow/python-pillow.SlackBuild | 2 | ||||
-rwxr-xr-x | source/l/sdl/sdl.SlackBuild | 2 |
19 files changed, 16 insertions, 262 deletions
diff --git a/source/l/SDL2_image/SDL2_image.SlackBuild b/source/l/SDL2_image/SDL2_image.SlackBuild index 3df413b49..7eaf2d619 100755 --- a/source/l/SDL2_image/SDL2_image.SlackBuild +++ b/source/l/SDL2_image/SDL2_image.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=SDL2_image VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/djvulibre/djvulibre.SlackBuild b/source/l/djvulibre/djvulibre.SlackBuild index 9324688ac..0e38af123 100755 --- a/source/l/djvulibre/djvulibre.SlackBuild +++ b/source/l/djvulibre/djvulibre.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=djvulibre VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-3} +BUILD=${BUILD:-4} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/gd/gd.SlackBuild b/source/l/gd/gd.SlackBuild index 596b77507..ca3b7a8a0 100755 --- a/source/l/gd/gd.SlackBuild +++ b/source/l/gd/gd.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=gd VERSION=${VERSION:-$(echo libgd-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/gdk-pixbuf2/gdk-pixbuf2.SlackBuild b/source/l/gdk-pixbuf2/gdk-pixbuf2.SlackBuild index 959810d9e..1a8c6a2a6 100755 --- a/source/l/gdk-pixbuf2/gdk-pixbuf2.SlackBuild +++ b/source/l/gdk-pixbuf2/gdk-pixbuf2.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=gdk-pixbuf VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/gegl/gegl.SlackBuild b/source/l/gegl/gegl.SlackBuild index 8f17c84aa..3f037bd23 100755 --- a/source/l/gegl/gegl.SlackBuild +++ b/source/l/gegl/gegl.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=gegl VERSION=${VERSION:-$(echo gegl-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/gtk4/gtk4.SlackBuild b/source/l/gtk4/gtk4.SlackBuild index 0e26a9b00..8b1dcea02 100755 --- a/source/l/gtk4/gtk4.SlackBuild +++ b/source/l/gtk4/gtk4.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=gtk4 VERSION=${VERSION:-$(echo gtk-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} diff --git a/source/l/imagemagick/imagemagick.SlackBuild b/source/l/imagemagick/imagemagick.SlackBuild index 64b04f335..f0acab198 100755 --- a/source/l/imagemagick/imagemagick.SlackBuild +++ b/source/l/imagemagick/imagemagick.SlackBuild @@ -23,7 +23,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=imagemagick -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # NOTE: This is to cope with ImageMagick version numbers such as 5.4.7-4, # which occur fairly often (but not always). If these numbers are all the same, diff --git a/source/l/lcms/lcms.SlackBuild b/source/l/lcms/lcms.SlackBuild index b4609fc7e..4bd50d511 100755 --- a/source/l/lcms/lcms.SlackBuild +++ b/source/l/lcms/lcms.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=lcms VERSION=${VERSION:-$(echo lcms-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-6} +BUILD=${BUILD:-7} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/lcms2/lcms2.SlackBuild b/source/l/lcms2/lcms2.SlackBuild index 6151d9e7a..82e74f89d 100755 --- a/source/l/lcms2/lcms2.SlackBuild +++ b/source/l/lcms2/lcms2.SlackBuild @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=lcms2 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} diff --git a/source/l/libtiff/libtiff.SlackBuild b/source/l/libtiff/libtiff.SlackBuild index 51a70bbba..4ef8eb2d4 100755 --- a/source/l/libtiff/libtiff.SlackBuild +++ b/source/l/libtiff/libtiff.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=libtiff VERSION=${VERSION:-$(echo tiff-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/libtiff/patches/CVE-2022-2056_2057_2058.patch b/source/l/libtiff/patches/CVE-2022-2056_2057_2058.patch deleted file mode 100644 index f62a41ad7..000000000 --- a/source/l/libtiff/patches/CVE-2022-2056_2057_2058.patch +++ /dev/null @@ -1,180 +0,0 @@ -From dd1bcc7abb26094e93636e85520f0d8f81ab0fab Mon Sep 17 00:00:00 2001 -From: 4ugustus <wangdw.augustus@qq.com> -Date: Sat, 11 Jun 2022 09:31:43 +0000 -Subject: [PATCH] fix the FPE in tiffcrop (#415, #427, and #428) - ---- - libtiff/tif_aux.c | 9 +++++++ - libtiff/tiffiop.h | 1 + - tools/tiffcrop.c | 62 ++++++++++++++++++++++++++--------------------- - 3 files changed, 44 insertions(+), 28 deletions(-) - -diff --git a/libtiff/tif_aux.c b/libtiff/tif_aux.c -index 140f26c7..5b88c8d0 100644 ---- a/libtiff/tif_aux.c -+++ b/libtiff/tif_aux.c -@@ -402,6 +402,15 @@ float _TIFFClampDoubleToFloat( double val ) - return (float)val; - } - -+uint32_t _TIFFClampDoubleToUInt32(double val) -+{ -+ if( val < 0 ) -+ return 0; -+ if( val > 0xFFFFFFFFU || val != val ) -+ return 0xFFFFFFFFU; -+ return (uint32_t)val; -+} -+ - int _TIFFSeekOK(TIFF* tif, toff_t off) - { - /* Huge offsets, especially -1 / UINT64_MAX, can cause issues */ -diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h -index e3af461d..4e8bdac2 100644 ---- a/libtiff/tiffiop.h -+++ b/libtiff/tiffiop.h -@@ -365,6 +365,7 @@ extern double _TIFFUInt64ToDouble(uint64_t); - extern float _TIFFUInt64ToFloat(uint64_t); - - extern float _TIFFClampDoubleToFloat(double); -+extern uint32_t _TIFFClampDoubleToUInt32(double); - - extern tmsize_t - _TIFFReadEncodedStripAndAllocBuffer(TIFF* tif, uint32_t strip, -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c -index 1f827b2b..90286a5e 100644 ---- a/tools/tiffcrop.c -+++ b/tools/tiffcrop.c -@@ -5268,17 +5268,17 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image, - { - if ((crop->res_unit == RESUNIT_INCH) || (crop->res_unit == RESUNIT_CENTIMETER)) - { -- x1 = (uint32_t) (crop->corners[i].X1 * scale * xres); -- x2 = (uint32_t) (crop->corners[i].X2 * scale * xres); -- y1 = (uint32_t) (crop->corners[i].Y1 * scale * yres); -- y2 = (uint32_t) (crop->corners[i].Y2 * scale * yres); -+ x1 = _TIFFClampDoubleToUInt32(crop->corners[i].X1 * scale * xres); -+ x2 = _TIFFClampDoubleToUInt32(crop->corners[i].X2 * scale * xres); -+ y1 = _TIFFClampDoubleToUInt32(crop->corners[i].Y1 * scale * yres); -+ y2 = _TIFFClampDoubleToUInt32(crop->corners[i].Y2 * scale * yres); - } - else - { -- x1 = (uint32_t) (crop->corners[i].X1); -- x2 = (uint32_t) (crop->corners[i].X2); -- y1 = (uint32_t) (crop->corners[i].Y1); -- y2 = (uint32_t) (crop->corners[i].Y2); -+ x1 = _TIFFClampDoubleToUInt32(crop->corners[i].X1); -+ x2 = _TIFFClampDoubleToUInt32(crop->corners[i].X2); -+ y1 = _TIFFClampDoubleToUInt32(crop->corners[i].Y1); -+ y2 = _TIFFClampDoubleToUInt32(crop->corners[i].Y2); - } - /* a) Region needs to be within image sizes 0.. width-1; 0..length-1 - * b) Corners are expected to be submitted as top-left to bottom-right. -@@ -5357,17 +5357,17 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image, - { - if (crop->res_unit != RESUNIT_INCH && crop->res_unit != RESUNIT_CENTIMETER) - { /* User has specified pixels as reference unit */ -- tmargin = (uint32_t)(crop->margins[0]); -- lmargin = (uint32_t)(crop->margins[1]); -- bmargin = (uint32_t)(crop->margins[2]); -- rmargin = (uint32_t)(crop->margins[3]); -+ tmargin = _TIFFClampDoubleToUInt32(crop->margins[0]); -+ lmargin = _TIFFClampDoubleToUInt32(crop->margins[1]); -+ bmargin = _TIFFClampDoubleToUInt32(crop->margins[2]); -+ rmargin = _TIFFClampDoubleToUInt32(crop->margins[3]); - } - else - { /* inches or centimeters specified */ -- tmargin = (uint32_t)(crop->margins[0] * scale * yres); -- lmargin = (uint32_t)(crop->margins[1] * scale * xres); -- bmargin = (uint32_t)(crop->margins[2] * scale * yres); -- rmargin = (uint32_t)(crop->margins[3] * scale * xres); -+ tmargin = _TIFFClampDoubleToUInt32(crop->margins[0] * scale * yres); -+ lmargin = _TIFFClampDoubleToUInt32(crop->margins[1] * scale * xres); -+ bmargin = _TIFFClampDoubleToUInt32(crop->margins[2] * scale * yres); -+ rmargin = _TIFFClampDoubleToUInt32(crop->margins[3] * scale * xres); - } - - if ((lmargin + rmargin) > image->width) -@@ -5397,24 +5397,24 @@ computeInputPixelOffsets(struct crop_mask *crop, struct image_data *image, - if (crop->res_unit != RESUNIT_INCH && crop->res_unit != RESUNIT_CENTIMETER) - { - if (crop->crop_mode & CROP_WIDTH) -- width = (uint32_t)crop->width; -+ width = _TIFFClampDoubleToUInt32(crop->width); - else - width = image->width - lmargin - rmargin; - - if (crop->crop_mode & CROP_LENGTH) -- length = (uint32_t)crop->length; -+ length = _TIFFClampDoubleToUInt32(crop->length); - else - length = image->length - tmargin - bmargin; - } - else - { - if (crop->crop_mode & CROP_WIDTH) -- width = (uint32_t)(crop->width * scale * image->xres); -+ width = _TIFFClampDoubleToUInt32(crop->width * scale * image->xres); - else - width = image->width - lmargin - rmargin; - - if (crop->crop_mode & CROP_LENGTH) -- length = (uint32_t)(crop->length * scale * image->yres); -+ length = _TIFFClampDoubleToUInt32(crop->length * scale * image->yres); - else - length = image->length - tmargin - bmargin; - } -@@ -5868,13 +5868,13 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image, - { - if (page->res_unit == RESUNIT_INCH || page->res_unit == RESUNIT_CENTIMETER) - { /* inches or centimeters specified */ -- hmargin = (uint32_t)(page->hmargin * scale * page->hres * ((image->bps + 7) / 8)); -- vmargin = (uint32_t)(page->vmargin * scale * page->vres * ((image->bps + 7) / 8)); -+ hmargin = _TIFFClampDoubleToUInt32(page->hmargin * scale * page->hres * ((image->bps + 7) / 8)); -+ vmargin = _TIFFClampDoubleToUInt32(page->vmargin * scale * page->vres * ((image->bps + 7) / 8)); - } - else - { /* Otherwise user has specified pixels as reference unit */ -- hmargin = (uint32_t)(page->hmargin * scale * ((image->bps + 7) / 8)); -- vmargin = (uint32_t)(page->vmargin * scale * ((image->bps + 7) / 8)); -+ hmargin = _TIFFClampDoubleToUInt32(page->hmargin * scale * ((image->bps + 7) / 8)); -+ vmargin = _TIFFClampDoubleToUInt32(page->vmargin * scale * ((image->bps + 7) / 8)); - } - - if ((hmargin * 2.0) > (pwidth * page->hres)) -@@ -5912,13 +5912,13 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image, - { - if (page->mode & PAGE_MODE_PAPERSIZE ) - { -- owidth = (uint32_t)((pwidth * page->hres) - (hmargin * 2)); -- olength = (uint32_t)((plength * page->vres) - (vmargin * 2)); -+ owidth = _TIFFClampDoubleToUInt32((pwidth * page->hres) - (hmargin * 2)); -+ olength = _TIFFClampDoubleToUInt32((plength * page->vres) - (vmargin * 2)); - } - else - { -- owidth = (uint32_t)(iwidth - (hmargin * 2 * page->hres)); -- olength = (uint32_t)(ilength - (vmargin * 2 * page->vres)); -+ owidth = _TIFFClampDoubleToUInt32(iwidth - (hmargin * 2 * page->hres)); -+ olength = _TIFFClampDoubleToUInt32(ilength - (vmargin * 2 * page->vres)); - } - } - -@@ -5927,6 +5927,12 @@ computeOutputPixelOffsets (struct crop_mask *crop, struct image_data *image, - if (olength > ilength) - olength = ilength; - -+ if (owidth == 0 || olength == 0) -+ { -+ TIFFError("computeOutputPixelOffsets", "Integer overflow when calculating the number of pages"); -+ exit(EXIT_FAILURE); -+ } -+ - /* Compute the number of pages required for Portrait or Landscape */ - switch (page->orient) - { --- -GitLab - diff --git a/source/l/libtiff/patches/CVE-2022-34526.patch b/source/l/libtiff/patches/CVE-2022-34526.patch deleted file mode 100644 index cb3a4d3c7..000000000 --- a/source/l/libtiff/patches/CVE-2022-34526.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 275735d0354e39c0ac1dc3c0db2120d6f31d1990 Mon Sep 17 00:00:00 2001 -From: Even Rouault <even.rouault@spatialys.com> -Date: Mon, 27 Jun 2022 16:09:43 +0200 -Subject: [PATCH] _TIFFCheckFieldIsValidForCodec(): return FALSE when passed a - codec-specific tag and the codec is not configured (fixes #433) - -This avoids crashes when querying such tags ---- - libtiff/tif_dirinfo.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/libtiff/tif_dirinfo.c b/libtiff/tif_dirinfo.c -index c30f569b..3371cb5c 100644 ---- a/libtiff/tif_dirinfo.c -+++ b/libtiff/tif_dirinfo.c -@@ -1191,6 +1191,9 @@ _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag) - default: - return 1; - } -+ if( !TIFFIsCODECConfigured(tif->tif_dir.td_compression) ) { -+ return 0; -+ } - /* Check if codec specific tags are allowed for the current - * compression scheme (codec) */ - switch (tif->tif_dir.td_compression) { --- -GitLab - diff --git a/source/l/libtiff/patches/CVE-2022-3970.patch b/source/l/libtiff/patches/CVE-2022-3970.patch deleted file mode 100644 index e58a2624c..000000000 --- a/source/l/libtiff/patches/CVE-2022-3970.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 227500897dfb07fb7d27f7aa570050e62617e3be Mon Sep 17 00:00:00 2001 -From: Even Rouault <even.rouault@spatialys.com> -Date: Tue, 8 Nov 2022 15:16:58 +0100 -Subject: [PATCH] TIFFReadRGBATileExt(): fix (unsigned) integer overflow on - strips/tiles > 2 GB - -Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 ---- - libtiff/tif_getimage.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c -index a4d0c1d6..60b94d8e 100644 ---- a/libtiff/tif_getimage.c -+++ b/libtiff/tif_getimage.c -@@ -3016,15 +3016,15 @@ TIFFReadRGBATileExt(TIFF* tif, uint32_t col, uint32_t row, uint32_t * raster, in - return( ok ); - - for( i_row = 0; i_row < read_ysize; i_row++ ) { -- memmove( raster + (tile_ysize - i_row - 1) * tile_xsize, -- raster + (read_ysize - i_row - 1) * read_xsize, -+ memmove( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize, -+ raster + (size_t)(read_ysize - i_row - 1) * read_xsize, - read_xsize * sizeof(uint32_t) ); -- _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize+read_xsize, -+ _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize+read_xsize, - 0, sizeof(uint32_t) * (tile_xsize - read_xsize) ); - } - - for( i_row = read_ysize; i_row < tile_ysize; i_row++ ) { -- _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize, -+ _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize, - 0, sizeof(uint32_t) * tile_xsize ); - } - --- -GitLab - diff --git a/source/l/libwebp/libwebp.SlackBuild b/source/l/libwebp/libwebp.SlackBuild index 0cde53d37..043553ac5 100755 --- a/source/l/libwebp/libwebp.SlackBuild +++ b/source/l/libwebp/libwebp.SlackBuild @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=libwebp VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/netpbm/netpbm.SlackBuild b/source/l/netpbm/netpbm.SlackBuild index 7004a028a..d069acb0e 100755 --- a/source/l/netpbm/netpbm.SlackBuild +++ b/source/l/netpbm/netpbm.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=netpbm VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/opencv/opencv.SlackBuild b/source/l/opencv/opencv.SlackBuild index 01b969bba..179c7bfc4 100755 --- a/source/l/opencv/opencv.SlackBuild +++ b/source/l/opencv/opencv.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=opencv VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/poppler/poppler.SlackBuild b/source/l/poppler/poppler.SlackBuild index 3778b048e..11cd7abf9 100755 --- a/source/l/poppler/poppler.SlackBuild +++ b/source/l/poppler/poppler.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=poppler VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} QT6OPT=${QT6OPT:--DENABLE_QT6=OFF} # Automatically determine the architecture we're building on: diff --git a/source/l/python-pillow/python-pillow.SlackBuild b/source/l/python-pillow/python-pillow.SlackBuild index 33031c7f7..983e27bb8 100755 --- a/source/l/python-pillow/python-pillow.SlackBuild +++ b/source/l/python-pillow/python-pillow.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=python-pillow VERSION=${VERSION:-$(echo Pillow-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/l/sdl/sdl.SlackBuild b/source/l/sdl/sdl.SlackBuild index 6b1cfb4cf..cbbedaf3e 100755 --- a/source/l/sdl/sdl.SlackBuild +++ b/source/l/sdl/sdl.SlackBuild @@ -30,7 +30,7 @@ NET=${NET:-$(echo SDL_net-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev SOUND=${SOUND:-$(echo SDL_sound-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} TTF=${TTF:-$(echo SDL_ttf-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-14} +BUILD=${BUILD:-15} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then |