summaryrefslogtreecommitdiffstats
path: root/package/tiff
Commit message (Collapse)AuthorAgeFilesLines
* tiff: add upstream security fix for CVE-2017-10688Peter Korsgaard2017-07-141-0/+70
| | | | | | | | | Fixes CVE-2017-10688 - n LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: bump version to 4.0.8Vicente Olivert Riera2017-05-2215-763/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch 0001 already included in this release: https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1 Patch 0002 already included in this release: https://github.com/vadz/libtiff/commit/43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec Patch 0003 already included in this release: https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86 Patch 0004 already included in this release: https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018 Patch 0005 already included in this release: https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7 Patch 0006 already included in this release: https://github.com/vadz/libtiff/commit/48780b4fcc425cddc4ef8ffdf536f96a0d1b313b Patch 0007 already included in this release: https://github.com/vadz/libtiff/commit/d60332057b9575ada4f264489582b13e30137be1 Patch 0008 already included in this release: https://github.com/vadz/libtiff/commit/2ea32f7372b65c24b2816f11c04bf59b5090d05b Patch 0009 already included in this release: https://github.com/vadz/libtiff/commit/8283e4d1b7e53340684d12932880cbcbaf23a8c1 Patch 0010 already included in this release: https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122 Patch 0011 already included in this release: https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8 Patch 0012 already included in this release: https://github.com/vadz/libtiff/commit/0a76a8c765c7b8327c59646284fa78c3c27e5490 Patch 0013 already included in this release: https://github.com/vadz/libtiff/commit/66e7bd59520996740e4df5495a830b42fae48bc4 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/t*/Config.in: fix ordering of statementsAdam Duskett2017-05-021-3/+3
| | | | | | | | | | | | | The check-package script when ran gives warnings on ordering issues on all of these Config files. This patch cleans up all warnings related to the ordering in the Config files for packages starting with the letter t in the package directory. The appropriate ordering is: type, default, depends on, select, help See http://nightly.buildroot.org/#_config_files for more information. Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: add upstream security fixesPeter Korsgaard2017-04-2713-0/+761
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add upstream post-4.0.7 commits (except for ChangeLog modifications) fixing the following security issues: CVE-2016-10266 - LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. CVE-2016-10267 - LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. CVE-2016-10269 - LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2. CVE-2016-10270 - LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22. CVE-2017-5225 - LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. CVE-2017-7592 - The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. CVE-2017-7593 - tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. CVE-2017-7594 - The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image. CVE-2017-7595 - The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. CVE-2017-7598 - tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. CVE-2017-7601 - LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. CVE-2017-7602 - LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package: remove trailing backslashRicardo Martincoski2017-04-061-1/+1
| | | | | | | | | | | Occurrences were searched using [1]: check-package --include-only TrailingBackslash $(find * -type f) and manually removed. [1] http://patchwork.ozlabs.org/patch/729669/ Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: bump version to 4.0.7 (security)Vicente Olivert Riera2016-11-212-2/+2
| | | | | | | | | | | | | | | | | | | | Fixed CVEs: - CVE-2016-3622 - CVE-2016-3623 - CVE-2016-5321 - CVE-2016-5323 - CVE-2016-5652 - CVE-2016-5875 - CVE-2014-8127 - CVE-2015-8665 - CVE-2015-8683 - CVE-2016-9273 - CVE-2016-9448 Release notes: http://www.simplesystems.org/libtiff/v4.0.7.html Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: fix website URLVicente Olivert Riera2016-11-181-1/+1
| | | | | Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/tiff: use 'menuconfig' instead of 'config'+'menu'Yann E. MORIN2016-07-041-3/+1
| | | | | | Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: update homepage linkBaruch Siach2016-05-051-1/+1
| | | | | | | | | The current linked website is not up to date, since the libtiff.org domain was apparently hijacked years ago. See http://www.asmail.be/msg0055472296.html. Correct this. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* tiff: add host variantGustavo Zacarias2016-04-151-0/+9
| | | | | | | | Add host variant to be used by host-gdk-pixbuf to update the loaders cache. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/tiff: add optional support for xzBernd Kuhls2016-02-162-0/+10
| | | | | | | | | | | | | | When xz was compiled before, tiff will use it as optional dependency: $ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/libtiff.so.5.2.4 | grep NEEDED 0x00000001 (NEEDED) Shared library: [liblzma.so.5] 0x00000001 (NEEDED) Shared library: [libjpeg.so.9] 0x00000001 (NEEDED) Shared library: [libz.so.1] 0x00000001 (NEEDED) Shared library: [libm.so.1] 0x00000001 (NEEDED) Shared library: [libc.so.1] Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: bump to version 4.0.6Gustavo Zacarias2015-10-022-2/+2
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: bump to version 4.0.5Gustavo Zacarias2015-09-042-2/+2
| | | | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* tiff: security bump to version 4.0.4Gustavo Zacarias2015-06-222-2/+2
| | | | | | | | | Fixes: CVE-2014-8128 - Check memory allocations for failure. Also check multiplication overflow. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* tiff: add hashBaruch Siach2015-05-221-0/+2
| | | | | Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/tiff: Rework tiff utilities handlingBernd Kuhls2015-04-252-42/+8
| | | | | | | | | | | | | | | | Remove all utility-specific options in favour of a generic option which select either all or no packages. If users want something more fine-grained than that, they can always remove the unnecessary tools in a post-build script. Since tiff has no configure option or Makefile target to prevent the build/install of its utilities specific Makefile targets are called to build the libtiff and, optionally, the utilities. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> [Arnout: more compact implementation, slightly extend help text] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* packages: indentation cleanupJerzy Grzegorek2015-03-311-16/+16
| | | | | | | This commit doesn't touch infra packages. Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* packages: rename FOO_CONF_OPT into FOO_CONF_OPTSThomas De Schampheleire2014-10-041-13/+13
| | | | | | | | | | | | To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS, make the same change for FOO_CONF_OPT. Sed command used: find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g' Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: fix prefer-static build by using default installDanomi Manchego2014-09-281-11/+31
| | | | | | | | Replace hand-coded .so install with default install, plus tiff bins fixup to remove unwanted tools. Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Config.in files: use if/endif instead of 'depends on' for main symbolThomas De Schampheleire2013-12-251-4/+2
| | | | | | | | | | | | | | | | | | | | | | | In the Config.in file of package foo, it often happens that there are other symbols besides BR2_PACKAGE_FOO. Typically, these symbols only make sense when foo itself is enabled. There are two ways to express this: with depends on BR2_PACKAGE_FOO in each extra symbol, or with if BR2_PACKAGE_FOO ... endif around the entire set of extra symbols. The if/endif approach avoids the repetition of 'depends on' statements on multiple symbols, so this is clearly preferred. But even when there is only one extra symbol, if/endif is a more logical choice: - it is future-proof for when extra symbols are added - it allows to have just one strategy instead of two (less confusion) This patch modifies the Config.in files accordingly. Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* Normalize separator size to 80Alexandre Belloni2013-06-061-2/+2
| | | | | Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* tiff: add license infoDanomi Manchego2013-06-041-0/+2
| | | | | Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* packages: switch to host-pkgconfGustavo Zacarias2012-10-291-1/+1
| | | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* tiff: security bump to version 4.0.3Gustavo Zacarias2012-09-251-3/+3
| | | | | | | Fixes CVE-2012-3401 and CVE-2012-3386. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* all packages: rename XXXTARGETS to xxx-packageArnout Vandecappelle (Essensium/Mind)2012-07-171-1/+1
| | | | | | | | | | | | | Also remove the redundant $(call ...). This is a purely mechanical change, performed with find package linux toolchain boot -name \*.mk | \ xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \ -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \ -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/' Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tiff: bump to 4.0.1Yegor Yefremov2012-03-111-4/+3
| | | | | Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* tiff: add utility commands and library optionsFrank Hunleth2012-01-122-3/+134
| | | | | | | | | | | Added support for compiling tiffcp and tiff2pdf. Added options for compiling out various libtiff features. By default, all libtiff features are built so that the result is the same as before this change. Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* package: remove useless arguments from AUTOTARGETSThomas Petazzoni2011-09-291-1/+1
| | | | | | | | | | Thanks to the pkgparentdir and pkgname functions, we can rewrite the AUTOTARGETS macro in a way that avoids the need for each package to repeat its name and the directory in which it is present. [Peter: pkgdir->pkgparentdir] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* packages: remove --{enable,disable}-{shared,static} from autotools packagesThomas Petazzoni2011-06-121-2/+0
| | | | | | | | Now that those values are passed at the autotools infrastructure level, there's no need for every package to pass inconsistent values. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* package: apply libtool patch where possiblePeter Korsgaard2011-02-171-1/+0
| | | | | | | | | | Now that we have libtool-2.2.x patch support, we can get rid of a bunch of _LIBTOOL_PATH = NO, fixing (potential) cross link issues. Notice: php not changed, as it uses a very old 1.5 version for the embedded sqlite, where our buildroot-libtool-v1.5.patch doesn't apply. Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* tiff: bump to 3.9.4Chih-Min Chao2010-09-261-1/+1
| | | | | Signed-off-by: Chih-Min Chao <cmchao@gmail.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* tiff: use correct construct to override target installationThomas Petazzoni2010-09-121-6/+4
| | | | | | We also remove the stripping, as it is already done globally. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* host-pkgconfig is now host-pkg-configThomas Petazzoni2009-12-151-1/+1
| | | | Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package: Remove unnecessary dependencies on uclibc.Will Newton2009-09-031-1/+1
| | | | | | | | A C library will have been built by the toolchain makefiles, so there is no need for packages to explicitly depend on uclibc. Signed-off-by: Will Newton <will.newton@gmail.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* pkgconfig: add pkgconfig package for targetPeter Korsgaard2009-03-181-1/+1
| | | | | | | | | | | | | The host versions shouldn't be visible in Kconfig, so remove the reference to BR2_PACKAGE_PKGCONFIG everywhere and prefix the host targets with host-. At the same time add pkgconfig for the target (E.G. for development) and let BR2_PACKAGE_PKGCONFIG control that package. Notice: all defconfigs in the tree have been updated, but make sure to disable the pkgconfig package (unless you want it) if you use an external config, otherwise you'll end up with pkgconfig and glib2 in the target.
* Over-ride the target-install target rather than installing as a post-buildHamish Moffatt2008-12-081-2/+2
| | | | | hook. Otherwise the wrong stamps are used and the library won't be reinstalled if you clean out $(TARGET_DIR).
* package/tiff/tiff.mk: Change to Autotools.in formatDaniel Laird2008-11-111-81/+19
| | | | | | | | | Bounce tiff into Autotools.in format. Did not use install to target as this puts loads of executables into TARGET. So just copied tiff.so instead. Signed-off-by: Daniel Laird <daniel.j.laird@nxp.com>
* Kconfig: remove 'default n'Peter Korsgaard2008-07-171-1/+0
| | | | 'default n' is the default, so there's no need to say it explicitly.
* tiff: zlib and jpeg are needed at configure timePeter Korsgaard2008-07-171-2/+3
|
* tiff: cleanup and fix -clean targetPeter Korsgaard2008-07-171-6/+8
|
* fixes for tiff makefileJohn Voltz2008-03-061-8/+8
|
* Added BR2_DEBIAN_MIRRORThomas Lundquist2007-12-271-1/+1
|
* - just use the strip binary to avoid confusing libtool (quotes)Bernhard Reutner-Fischer2007-10-011-1/+1
| | | | - use $(STRIPCMD) in packages to avoid clashes with $(STRIP)
* - sed -i -e "/;$/s/;$//g" $(egrep ";$" package/* package/*/*.mk toolchain/* ↵Bernhard Reutner-Fischer2007-08-211-1/+1
| | | | toolchain/*/*.mk */Makefile.in -l)
* Remove switches if sstrip is runUlf Samuelsson2007-08-211-1/+1
|
* Use STAGING_DIR/usr/lib instead of STAGING_DIR/libUlf Samuelsson2007-08-111-3/+3
|
* fixup compileEric Andersen2007-08-101-0/+2
|
* - download times out; use debian insteadBernhard Reutner-Fischer2007-08-051-2/+2
|
* Update config for tiff packageUlf Samuelsson2007-07-231-0/+1
|
* Use <package>_VERSION in all <package>.mk instead of <package>_VERUlf Samuelsson2007-07-111-8/+8
|
OpenPOWER on IntegriCloud