projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7d2337a) | patch
tiff: version bump to address open CVEs 5542/head
authorSebastian Kemper <sebastian_ml@gmx.net>
Tue, 30 Jan 2018 14:32:47 +0000 (15:32 +0100)
committerSebastian Kemper <sebastian_ml@gmx.net>
Tue, 30 Jan 2018 14:32:49 +0000 (15:32 +0100)
commitbdfe75a5cd3e71654a860e6513b3a5d34ca223df
tree3a93d11f768eb2162aeca00626fc0406a4812c5etree | snapshot
parent7d2337a17f4a1b765a49d1f0d930b889d5a8a414commit | diff
tiff: version bump to address open CVEs

- Bumps version to 4.0.9. Otherwise about two dozen packages would need
  to be backported. There were no ABI/API changes between 4.0.3 and
  4.0.9, so this is OK.
- Adds a patch from Jow that addresses a macro issue (already in
  master/lede-17.01)
- Adds patches copied from Debian for CVE-2017-18013 and CVE-2017-9935
  on top.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
13 files changed:
libs/tiff/Makefile diff | blob | history
libs/tiff/patches/001-autoconf-compat.patch diff | blob | history
libs/tiff/patches/005-fix-ftell-macro.patch [new file with mode: 0644] blob
libs/tiff/patches/010-CVE-2012-4564.patch [deleted file] blob | history
libs/tiff/patches/011-CVE-2013-1960.patch [deleted file] blob | history
libs/tiff/patches/012-CVE-2013-1961.patch [deleted file] blob | history
libs/tiff/patches/013-CVE-2013-4231.patch [deleted file] blob | history
libs/tiff/patches/014-CVE-2013-4232.patch [deleted file] blob | history
libs/tiff/patches/015-CVE-2013-4244.patch [deleted file] blob | history
libs/tiff/patches/016-CVE-2013-4243.patch [deleted file] blob | history
libs/tiff/patches/017-CVE-2014-9330.patch [deleted file] blob | history
libs/tiff/patches/019-CVE-2017-18013.patch [new file with mode: 0644] blob
libs/tiff/patches/020-CVE-2017-9935.patch [new file with mode: 0644] blob
Mirror of packages feed