This bumps libtiff's minor version from 9 to 10. In addition to the CVE
fixes that we already included this fixes:
CVE-2017-17095
CVE-2018-17101
CVE-2018-18557
The update is 100% backwards compatible, no symbol changes.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Backport Rosen's commit in master to 17.01 to address open CVEs. This
fixes:
CVE-2017-11613
CVE-2018-5784
CVE-2018-7456
CVE-2018-8905
CVE-2018-10963
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
- Version bump to 4.0.9, as otherwise ca. a dozen patches would need
to be added to fix the open CVEs. There have been no API/ABI
changes between 4.0.6 and 4.0.9, so this is OK.
- Adds patches copied from Debian for CVE-2017-18013 and CVE-2017-9935
on top.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The libtiff library declares an `ftell()` compat macro redirecting calls
to `ftello()` if such an implementation exists. The compat macro however
is declared with a wrong number of arguments, leading to the following
error on our buildbots:
In file included from .../usr/include/uClibc++/iostream:29:0,
from tif_stream.cxx:31:
.../usr/include/uClibc++/fstream:422:22: error: macro "ftell" requires 3 arguments, but only 1 given
retval = ftell(fp);
Add a patch to fix the macro definition in order to fix compilation of
the tiff package.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Sebastian Kemper