[libtiff] Add upstream patches for CVE-2013-4231 CVE-2013-4232

Petr Hracek phracek at fedoraproject.org
Wed Aug 14 08:33:59 UTC 2013 

commit 9db3acd0d071ea81f4a72ed6955d62f469246fb6
Author: Petr Hracek <phracek at redhat.com>
Date:   Wed Aug 14 10:33:30 2013 +0200

    Add upstream patches for CVE-2013-4231 CVE-2013-4232

 libtiff-CVE-2013-4231.patch |   15 +++++++++++++++
 libtiff-CVE-2013-4232.patch |   12 ++++++++++++
 libtiff.spec                |   10 +++++++++-
 3 files changed, 36 insertions(+), 1 deletions(-)
---
diff --git a/libtiff-CVE-2013-4231.patch b/libtiff-CVE-2013-4231.patch
new file mode 100644
index 0000000..8ae1e12
--- /dev/null
+++ b/libtiff-CVE-2013-4231.patch
@@ -0,0 +1,15 @@
+diff --git a/tools/gif2tiff.c b/tools/gif2tiff.c
+index 17f7a19..375b152 100644
+--- a/tools/gif2tiff.c
++++ b/tools/gif2tiff.c
+@@ -333,6 +333,10 @@ readraster(void)
+     int status = 1;
+ 
+     datasize = getc(infile);
++
++    if (datasize > 12)
++        return 0;
++
+     clear = 1 << datasize;
+     eoi = clear + 1;
+     avail = clear + 2;
diff --git a/libtiff-CVE-2013-4232.patch b/libtiff-CVE-2013-4232.patch
new file mode 100644
index 0000000..cec322f
--- /dev/null
+++ b/libtiff-CVE-2013-4232.patch
@@ -0,0 +1,12 @@
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index 92a1a3d..312a946 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -2462,6 +2462,7 @@ tsize_t t2p_readwrite_pdf_image(T2P* t2p, TIFF* input, TIFF* output){
+ 					TIFFFileName(input));
+ 				t2p->t2p_error = T2P_ERR_ERROR;
+ 			  _TIFFfree(buffer);
++			  return(0);
+ 			} else {
+ 				buffer=samplebuffer;
+ 				t2p->tiff_datasize *= t2p->tiff_samplesperpixel;
diff --git a/libtiff.spec b/libtiff.spec
index 5693f4e..8609bce 100644
--- a/libtiff.spec
+++ b/libtiff.spec
@@ -1,7 +1,7 @@
 Summary: Library of functions for manipulating TIFF format image files
 Name: libtiff
 Version: 4.0.3
-Release: 8%{?dist}
+Release: 9%{?dist}
 
 License: libtiff
 Group: System Environment/Libraries
@@ -17,6 +17,8 @@ Patch4: libtiff-jpeg-test.patch
 Patch5: libtiff-CVE-2013-1960.patch
 Patch6: libtiff-CVE-2013-1961.patch
 Patch7: libtiff-manpage-update.patch
+Patch8: libtiff-CVE-2013-4231.patch
+Patch9: libtiff-CVE-2013-4232.patch
 
 BuildRequires: zlib-devel libjpeg-devel jbigkit-devel
 BuildRequires: libtool automake autoconf pkgconfig
@@ -75,6 +77,8 @@ image files using the libtiff library.
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
+%patch9 -p1
 
 # Use build system's libtool.m4, not the one in the package.
 rm -f libtool.m4
@@ -178,6 +182,10 @@ find html -name 'Makefile*' | xargs rm
 %{_mandir}/man1/*
 
 %changelog
+* Wed Aug 14 2013 Petr Hracek <phracek at redhat.com> 4.0.3-9
+- Add upstream patches for CVE-2013-4231 CVE-2013-4232
+Resolves: #995965 #995975
+
 * Mon Aug 12 2013 Petr Hracek <phracek at redhat.com> - 4.0.3-8
 - Manpage fixing (#510240, #510258)

More information about the scm-commits mailing list