debian/0000755000000000000000000000000012256047746007203 5ustar debian/libtiff-doc.install0000644000000000000000000000005212256047746012752 0ustar debian/tmp/usr/share/doc/libtiff-doc/html debian/libtiffxx5.shlibs0000644000000000000000000000004512256047746012474 0ustar libtiffxx 5 libtiffxx5 (>> 4.0.0-1~) debian/copyright0000644000000000000000000000357212256047746011145 0ustar libtiff was originally debianized by Guy Maor and later maintained by Josip Rodin . Jay Berkenbilt repackaged it in conjunction with the 3.7.0 release and is now the primary maintainer. Original source can be found at: http://www.remotesensing.org/libtiff/ Copyright (C) 1988-1997 Sam Leffler Copyright (C) 1991-1997 Silicon Graphics, Inc. Portions Copyright (C) 1985-1987, 1990 Regents of the University of California Portions Copyright (C) 1990, 1991 Digital Equipment Corporation Portions Copyright (C) 1990 Sun Microsystems, Inc. Portions Copyright (C) 1990, 1995 Frank D. Cringle Portions Copyright (C) 1996 BancTec AB Portions Copyright (C) 1996 Mike Johnson Portions Copyright (C) 1996 Pixar Portions Copyright (C) 1997 Greg Ward Larson Portions Copyright (C) 2000 Frank Warmerdam Permission to use, copy, modify, distribute, and sell this software and its documentation for any purpose is hereby granted without fee, provided that (i) the above copyright notices and this permission notice appear in all copies of the software and related documentation, and (ii) the names of Sam Leffler and Silicon Graphics may not be used in any advertising or publicity relating to the software without the specific, prior written permission of Sam Leffler and Silicon Graphics. THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL SAM LEFFLER OR SILICON GRAPHICS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. debian/libtiff5-alt-dev.lintian-overrides0000644000000000000000000000027412256047746015624 0ustar # # The synopsis line starts with a capital letter because of the TIFF # acronym, not because it contains a sentence. # libtiff5-alt-dev: description-synopsis-starts-with-a-capital-letter debian/libtiff5-dev.lintian-overrides0000644000000000000000000000027012256047746015042 0ustar # # The synopsis line starts with a capital letter because of the TIFF # acronym, not because it contains a sentence. # libtiff5-dev: description-synopsis-starts-with-a-capital-letter debian/changelog0000644000000000000000000007734012256047746011070 0ustar tiff (4.0.3-7) unstable; urgency=medium * Use dh-autoreconf to support new architectures in Ubuntu. -- Jay Berkenbilt Mon, 23 Dec 2013 09:58:47 -0500 tiff (4.0.3-6) unstable; urgency=low * Update standards to 3.9.5. No changes required. * libtiff4 -> libtiff5 transition. libtiff5-dev now provides libtiff-dev. libtiff5-alt-dev and libtiff4-dev are transitional packages that depend on libtiff5-dev. They will both be removed before jessie. -- Jay Berkenbilt Wed, 04 Dec 2013 14:36:36 -0500 tiff (4.0.3-5) unstable; urgency=low * Replace shlibs file with symbols file * Update standards to 3.9.4 -- Jay Berkenbilt Sun, 15 Sep 2013 08:31:41 -0400 tiff (4.0.3-4) unstable; urgency=low * Complete Multi-Arch conversion for dev packages. (Closes: #689085) -- Jay Berkenbilt Sat, 24 Aug 2013 11:50:20 -0400 tiff (4.0.3-3) unstable; urgency=high * Incorporated fixes to security issues CVE-2013-4244. -- Jay Berkenbilt Sat, 24 Aug 2013 11:20:00 -0400 tiff (4.0.3-2) unstable; urgency=high * Incorporated fixes to security issues CVE-2013-4231, CVE-2013-4232. (Closes: #719303) -- Jay Berkenbilt Thu, 22 Aug 2013 11:52:58 -0400 tiff (4.0.3-1) unstable; urgency=low * Acknowledge/incorporate NMU. Thanks! * New upstream version. Patches incorporated: CVE-2012-3401.patch CVE-2012-4447.patch * Add build dependency on autotools-dev to help porters. -- Jay Berkenbilt Sun, 23 Jun 2013 10:39:04 -0400 tiff (4.0.2-6+nmu1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix cve-2013-1960: heap-based buffer overlow in tiff2pdf (closes: #706675). * Fix cve-2013-1961: stack-based buffer overflow in tiff2pdf (closes: #706674). -- Michael Gilbert Mon, 17 Jun 2013 01:27:17 +0000 tiff (4.0.2-6) unstable; urgency=high * Fix /usr/share/doc symlink to directory transition. When upgrading from very old versions (pre 3.8.2-8), /usr/share/doc may contain symbolic links that should be removed. (Closes: #687645) -- Jay Berkenbilt Sat, 26 Jan 2013 12:28:19 -0500 tiff (4.0.2-5) unstable; urgency=high * Add fix for CVE-2012-4564, a heap-buffer overflow. Thanks Adrian La Duca for doing all the work to prepare this upload. (Closes: #692345) -- Jay Berkenbilt Sat, 17 Nov 2012 12:40:25 -0500 tiff (4.0.2-4) unstable; urgency=high * Previous change was uploaded with the wrong CVE number. I updated the last changelog entry. The correct CVE number is CVE-2012-4447. -- Jay Berkenbilt Fri, 05 Oct 2012 17:33:44 -0400 tiff (4.0.2-3) unstable; urgency=high * Add fix for CVE-2012-4447, a buffer overrun. (Closes: #688944) -- Jay Berkenbilt Fri, 05 Oct 2012 17:04:38 -0400 tiff (4.0.2-2) unstable; urgency=high * SECURITY UPDATE: possible arbitrary code execution via heap overflow in tiff2pdf. (Closes: #682115) - debian/patches/CVE-2012-3401.patch: properly set t2p->t2p_error in tools/tiff2pdf.c. - CVE-2012-3401 Changes prepared by Marc Deslauriers for Ubuntu. Thanks! -- Jay Berkenbilt Sat, 21 Jul 2012 21:27:34 -0400 tiff (4.0.2-1) unstable; urgency=low * New upstream release -- Jay Berkenbilt Sun, 24 Jun 2012 13:45:42 -0400 tiff (4.0.1-8) unstable; urgency=low * Call glFlush() in tiffgt to fix display problems. From https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/797166. -- Jay Berkenbilt Sat, 16 Jun 2012 21:20:04 -0400 tiff (4.0.1-7) unstable; urgency=low * Add new temporary package libtiff5-alt-dev, which provides libtiff5 development files in a location that doesn't conflict with libtiff4-dev. See README.Debian for details. -- Jay Berkenbilt Thu, 24 May 2012 15:24:36 -0400 tiff (4.0.1-6) unstable; urgency=low * Include pkg-config files -- Jay Berkenbilt Sun, 13 May 2012 12:53:38 -0400 tiff (4.0.1-5) unstable; urgency=low * Fix shlibs again. -- Jay Berkenbilt Sun, 22 Apr 2012 11:41:44 -0400 tiff (4.0.1-4) unstable; urgency=low * Use >= instead of > in shlibs file. -- Jay Berkenbilt Sun, 22 Apr 2012 10:57:02 -0400 tiff (4.0.1-3) unstable; urgency=low * Support JBIG now that patents have expired. (Closes: #667835) * Support LZMA. -- Jay Berkenbilt Sat, 14 Apr 2012 19:03:04 -0400 tiff (4.0.1-2) unstable; urgency=high * Incorporated fix to CVE-2012-1173, a problem in the parsing of the TileSize entry, which could result in the execution of arbitrary code if a malformed image is opened. * Updated standards to 3.9.3 -- Jay Berkenbilt Fri, 06 Apr 2012 10:10:48 -0400 tiff (4.0.1-1) unstable; urgency=low * New upstream release * Point watch file to new download location -- Jay Berkenbilt Mon, 20 Feb 2012 09:43:54 -0500 tiff (4.0.0-2) experimental; urgency=low * Rename libtiff-dev -> libtiff5-dev to avoid premature transition for packages that explicitly depend on libtiff-dev. At some future time, libtiff5-dev will provide or be renamed back to libtiff-dev. -- Jay Berkenbilt Sat, 04 Feb 2012 09:41:19 -0500 tiff (4.0.0-1) experimental; urgency=low * New upstream release * Enable versioned symbols -- Jay Berkenbilt Sat, 28 Jan 2012 10:56:23 -0500 tiff (4.0.0~beta7-2) experimental; urgency=low * Incorporated changes from 3.9.5-2: security hardening and multiarch -- Jay Berkenbilt Sat, 17 Sep 2011 10:28:53 -0400 tiff (4.0.0~beta7-1) experimental; urgency=low * New upstream release including many security fixes and other improvements * Updated changelog with changes from 3.x series. * Updated standards version to 3.9.2. No changes required. -- Jay Berkenbilt Sat, 16 Apr 2011 13:45:33 -0400 tiff (4.0.0~beta6-3) experimental; urgency=low * Incorporated fix to CVE-2010-2483, "fix crash on OOB reads in putcontig8bitYCbCr11tile", from 3.9.4-4. -- Jay Berkenbilt Sat, 02 Oct 2010 13:31:41 -0400 tiff (4.0.0~beta6-2) experimental; urgency=low * Incorporate changes from 3.9.4-{2,3} including updating standards version to 3.9.1 along with associated fixes. (CVE-2010-2233 was already fixed in this version.) -- Jay Berkenbilt Sat, 14 Aug 2010 16:36:44 -0400 tiff (4.0.0~beta6-1) experimental; urgency=low * New upstream release -- Jay Berkenbilt Fri, 18 Jun 2010 21:42:57 -0400 tiff (4.0.0~beta5-2) experimental; urgency=low * Depend on libjpeg-dev instead of libjpeg62-dev. * Change source format to '3.0 (quilt)' * Update standards version to 3.8.4. No changes required. -- Jay Berkenbilt Wed, 10 Feb 2010 19:36:43 -0500 tiff (4.0.0~beta5-1) experimental; urgency=low * New upstream release -- Jay Berkenbilt Fri, 06 Nov 2009 22:58:07 -0500 tiff (4.0.0~beta4-1) experimental; urgency=low * New upstream release. All debian patches incorporated among many other fixes and enhancements. -- Jay Berkenbilt Fri, 28 Aug 2009 11:30:09 -0400 tiff (4.0.0~beta3-2) experimental; urgency=low * Fixed previously incorrect patch to lzw problem. -- Jay Berkenbilt Mon, 24 Aug 2009 14:45:10 -0400 tiff (4.0.0~beta3-1) experimental; urgency=low * New upstream release. This version is not binary compatible with the 3.x series, nor is it entirely source compatible, but most applications should port easily. -- Jay Berkenbilt Fri, 21 Aug 2009 13:39:37 -0400 tiff (3.9.5-2) unstable; urgency=low * Implemented mulitarch and and PIE build for security hardening by integrating the changes from the Ubuntu tiff packages. Thanks to Marc Deslauriers and anyone else who did the actual work. -- Jay Berkenbilt Sat, 17 Sep 2011 10:15:39 -0400 tiff (3.9.5-1) unstable; urgency=low * New upstream release. All security patches are fully incorporated into this version, as are many other bug fixes. * Updated standards version to 3.9.2. No changes needed. -- Jay Berkenbilt Sat, 16 Apr 2011 13:15:51 -0400 tiff (3.9.4-9) unstable; urgency=high * CVE-2011-1167: correct potential buffer overflow with thunder encoded files with wrong bitspersample set. (Closes: #619614) -- Jay Berkenbilt Sat, 02 Apr 2011 10:59:38 -0400 tiff (3.9.4-8) unstable; urgency=low * Enable PIE (position independent executable) build for security hardening. Patch from Ubuntu. (Closes: #613759) -- Jay Berkenbilt Sat, 19 Mar 2011 10:22:32 -0400 tiff (3.9.4-7) unstable; urgency=high * Incorporate revised fix to CVE-2011-0192. -- Jay Berkenbilt Sun, 13 Mar 2011 14:33:38 -0400 tiff (3.9.4-6) unstable; urgency=high * Incorporated fix to CVE-2011-0192, "Buffer overflow in Fax4Decode". -- Jay Berkenbilt Sat, 26 Feb 2011 18:44:23 -0500 tiff (3.9.4-5) unstable; urgency=high * Incorporated fix to CVE-2010-3087, a potential denial of service exploitable with a specially crafted TIFF file. (Closes: #600188) -- Jay Berkenbilt Sun, 17 Oct 2010 16:44:08 -0400 tiff (3.9.4-4) unstable; urgency=high * Incorporated fix to CVE-2010-2483, "fix crash on OOB reads in putcontig8bitYCbCr11tile". (Closes: #595064) -- Jay Berkenbilt Sat, 02 Oct 2010 13:17:12 -0400 tiff (3.9.4-3) unstable; urgency=low * Updated control file to remove obsolete Conflicts/Replaces for ancient packages. * Empty dependency_libs in all .la files as part of the .la file. This also resolves the problem of having hard-coded paths in the .la file. (Closes: #509016) * Updated standards version to 3.9.1. -- Jay Berkenbilt Sat, 14 Aug 2010 16:28:49 -0400 tiff (3.9.4-2) unstable; urgency=high * Incorporated patch to fix CVE-2010-2233, which fixes a specific failure of tif_getimage on 64-bit platforms. -- Jay Berkenbilt Fri, 13 Aug 2010 20:16:29 -0400 tiff (3.9.4-1) unstable; urgency=low * New upstream release -- Jay Berkenbilt Fri, 18 Jun 2010 21:28:11 -0400 tiff (3.9.2-3) unstable; urgency=low * Depend on libjpeg-dev instead of libjpeg62-dev. (Closes: #569242) * Change source format to '3.0 (quilt)' * Update standards version to 3.8.4. No changes required. -- Jay Berkenbilt Wed, 10 Feb 2010 19:20:20 -0500 tiff (3.9.2-2) unstable; urgency=low * Include patch from upstream to fix problems with TIFFReadScanline() and ycbcr-encoded JPEG images. (Closes: #510792) * Fix some manual page spelling errors found by lintian. -- Jay Berkenbilt Sun, 10 Jan 2010 10:56:32 -0500 tiff (3.9.2-1) unstable; urgency=low * New upstream release -- Jay Berkenbilt Fri, 06 Nov 2009 22:52:06 -0500 tiff (3.9.1-1) unstable; urgency=low * New upstream release -- Jay Berkenbilt Fri, 28 Aug 2009 15:44:23 -0400 tiff (3.9.0-2) unstable; urgency=low * Fix critical bug that could cause corrupt files to be written in some cases. (Closes: #543079) -- Jay Berkenbilt Fri, 28 Aug 2009 13:38:03 -0400 tiff (3.9.0-1) unstable; urgency=low * New upstream release. All previous security patches have been integrated. -- Jay Berkenbilt Fri, 21 Aug 2009 11:40:49 -0400 tiff (3.9.0beta+deb1-1) experimental; urgency=low * New upstream release (binary compatible with 3.8.2) -- release based on 3.9 branch from upstream CVS; see README.Debian for details. (Closes: #537118) * Updated standards to 3.8.3; no changes required. * Stopped using tarball in tarball packaging. (Closes: #538565) -- Jay Berkenbilt Wed, 19 Aug 2009 20:33:10 -0400 tiff (3.8.2-13) unstable; urgency=high * Apply patches to fix CVE-2009-2347, which covers two integer overflow conditions. * LZW patch from last update addressed CVE-2009-2285. Renamed the patch to make this clearer. -- Jay Berkenbilt Sun, 12 Jul 2009 18:03:33 -0400 tiff (3.8.2-12) unstable; urgency=low * Apply patch to fix crash in lzw decoder that can be caused by certain invalid image files. (Closes: #534137) * No longer ignore errors in preinst * Fixed new lintian warnings; updated standards version to 3.8.2. -- Jay Berkenbilt Sun, 28 Jun 2009 13:17:44 -0400 tiff (3.8.2-11) unstable; urgency=high * Apply security patches (CVE-2008-2327) * Convert patch system to quilt * Create README.source * Set standards version to 3.8.0 -- Jay Berkenbilt Sun, 17 Aug 2008 13:16:37 -0400 tiff (3.8.2-10+lenny1) testing-security; urgency=high * Apply patches from Drew Yao of Apple Product Security to fix CVE-2008-2327, a potential buffer underflow in the LZW decoder (tif_lzw.c). -- Jay Berkenbilt Sun, 17 Aug 2008 11:56:01 -0400 tiff (3.8.2-10) unstable; urgency=low * Fix segmentation fault on subsequent parts of a file with an invalid directory tag. (Closes: #475489) -- Jay Berkenbilt Mon, 09 Jun 2008 11:02:53 -0400 tiff (3.8.2-9) unstable; urgency=low * Backported tiff2pdf from 4.0.0 beta 2. This fixes many tiff2pdf bugs, though unfortunately none of the ones opened in the debian bug database! * Added upstream homepage to debian control file. -- Jay Berkenbilt Sat, 07 Jun 2008 22:52:27 -0400 tiff (3.8.2-8) unstable; urgency=low * Accepted tmpfile patch tiff2pdf to fix bug that has been fixed upstream since upstream release appears stalled. Thanks Jesse Long. (Closes: #419773) * Update standards version to 3.7.3; no changes required. * ${Source-Version} -> ${binary:Version} in control * Split documentation into separate libtiff-doc package. (Closes: #472189) -- Jay Berkenbilt Sat, 22 Mar 2008 12:30:38 -0400 tiff (3.8.2-7+etch1) stable-security; urgency=high * Apply patches from Drew Yao of Apple Product Security to fix CVE-2008-2327, a potential buffer underflow in the LZW decoder (tif_lzw.c). -- Jay Berkenbilt Sun, 17 Aug 2008 11:56:01 -0400 tiff (3.8.2-7) unstable; urgency=high * Replace empty directories in /usr/share/doc with links during package upgrade. (Closes: #404631) -- Jay Berkenbilt Tue, 2 Jan 2007 15:50:50 -0500 tiff (3.8.2-6) unstable; urgency=high * Add watch file * Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library. The Common Vulnerabilities and Exposures project identifies the following issues: - CVE-2006-3459: a stack buffer overflow via TIFFFetchShortPair() in tif_dirread.c - CVE-2006-3460: A heap overflow vulnerability was discovered in the jpeg decoder - CVE-2006-3461: A heap overflow exists in the PixarLog decoder - CVE-2006-3462: The NeXT RLE decoder was also vulnerable to a heap overflow - CVE-2006-3463: An infinite loop was discovered in EstimateStripByteCounts() - CVE-2006-3464: Multiple unchecked arithmetic operations were uncovered, including a number of the range checking operations deisgned to ensure the offsets specified in tiff directories are legitimate. - A number of codepaths were uncovered where assertions did not hold true, resulting in the client application calling abort() - CVE-2006-3465: A flaw was also uncovered in libtiffs custom tag support -- Jay Berkenbilt Mon, 31 Jul 2006 18:14:59 -0400 tiff (3.8.2-5) unstable; urgency=low * Fix logic error that caused -q flag to be ignored when doing jpeg compression with tiff2pdf. (Closes: #373102) -- Jay Berkenbilt Mon, 19 Jun 2006 18:55:38 -0400 tiff (3.8.2-4) unstable; urgency=high * SECURITY UPDATE: Arbitrary command execution with crafted TIF files. Thanks to Martin Pitt. (Closes: #371064) * Add debian/patches/tiff2pdf-octal-printf.patch: - tools/tiff2pdf.c: Fix buffer overflow due to wrong printf for octal signed char (it printed a signed integer, which overflew the buffer and was wrong anyway). - CVE-2006-2193 -- Jay Berkenbilt Wed, 7 Jun 2006 17:52:12 -0400 tiff (3.8.2-3) unstable; urgency=high * SECURITY UPDATE: Arbitrary command execution with crafted long file names. Thanks to Martin Pitt for forwarding this. Add debian/patches/tiffsplit-fname-overflow.patch: - tools/tiffsplit.c: Use snprintf instead of strcpy for copying the user-specified file name into a statically sized buffer. CVE-2006-2656. (Closes: #369819) * Update standards version to 3.7.2. No changes required. * Moved doc-base information to libtiff4 instead of libtiff4-dev. -- Jay Berkenbilt Thu, 1 Jun 2006 21:24:21 -0400 tiff (3.8.2-2) unstable; urgency=low * Fix build dependencies to get OpenGL utility libraries after new Xorg packaging. (Closes: #365722) * Updated standards version to 3.7.0; no changes required to package. -- Jay Berkenbilt Tue, 2 May 2006 10:10:45 -0400 tiff (3.8.2-1) unstable; urgency=low * New upstream release -- Jay Berkenbilt Tue, 28 Mar 2006 21:42:33 -0500 tiff (3.8.0-3) unstable; urgency=low * Switched build dependency from xlibmesa-gl-dev to libgl1-mesa-dev (incorporating Ubunutu patch) * Incorporated patch from upstream to fix handling of RGBA tiffs in tiff2pdf. (Closes: #352849) -- Jay Berkenbilt Sun, 26 Feb 2006 13:21:17 -0500 tiff (3.8.0-2) unstable; urgency=low * Applied fixes from upstream to address a memory access violation [CVE-2006-0405]. (Closes: #350715, #351223) -- Jay Berkenbilt Fri, 3 Feb 2006 21:48:39 -0500 tiff (3.8.0-1) unstable; urgency=low * New upstream release. (Closes: #349921) * NOTE: The debian version of 3.8.0 includes a patch to correct a binary incompatibility in the original 3.8.0 release. This libtiff package is binary compatible with 3.7.4 and will be binary compatible with the upcoming 3.8.1 release. -- Jay Berkenbilt Fri, 27 Jan 2006 21:38:58 -0500 tiff (3.7.4-1) unstable; urgency=low * New upstream release * Fix typos in manual page (Closes: #327921, #327922, #327923, #327924) -- Jay Berkenbilt Fri, 7 Oct 2005 10:25:49 -0400 tiff (3.7.3-1) unstable; urgency=low * New upstream release * g++ 4.0 transition: libtiffxx0 is now libtiffxx0c2. -- Jay Berkenbilt Sat, 9 Jul 2005 12:00:44 -0400 tiff (3.7.2-3) unstable; urgency=high * Fix for exploitable segmentation fault on files with bad BitsPerSample values. (Closes: #309739) [libtiff/tif_dirread.c, CAN-2005-1544] Thanks to Martin Pitt for the report. -- Jay Berkenbilt Thu, 19 May 2005 05:41:28 -0400 tiff (3.7.2-2) unstable; urgency=high * Fix zero pagesize bug with tiff2ps -a2 and tiff2ps -a3. Thanks to Patrice Fournier for the patch. (Closes: #303583) * Note: uploading with urgency=high since this very small fix impacts tools only (not the library), and we don't want to block tiff's many reverse dependencies from transitioning to sarge. -- Jay Berkenbilt Sun, 10 Apr 2005 10:12:37 -0400 tiff (3.7.2-1) unstable; urgency=low * New upstream release -- Jay Berkenbilt Sat, 19 Mar 2005 14:51:06 -0500 tiff (3.7.1-4) unstable; urgency=low * Fix from upstream: include a better workaround for tiff files with invalid strip byte counts. (Closes: #183268) -- Jay Berkenbilt Tue, 22 Feb 2005 19:20:14 -0500 tiff (3.7.1-3) unstable; urgency=low * Disable C++ new experimental interfaces for now; will reappear in a future version in the separate libtiffxx0 package. -- Jay Berkenbilt Sat, 29 Jan 2005 13:32:37 -0500 tiff (3.7.1+pre3.7.2-1) experimental; urgency=low * New upstream release * Separate experimental C++ interface into separate libtiffxx library. -- Jay Berkenbilt Sat, 29 Jan 2005 13:03:19 -0500 tiff (3.7.1-2) unstable; urgency=low * Make -dev package depend upon other -dev packages referenced in the .la file created by libtool. (Closes: #291136) * tiff2ps: Allow one of -w and -h without the other. (Closes: #244247) -- Jay Berkenbilt Wed, 19 Jan 2005 10:45:00 -0500 tiff (3.7.1-1) unstable; urgency=low * New upstream release * Correct error in doc-base file (Closes: #285652) -- Jay Berkenbilt Wed, 5 Jan 2005 16:54:12 -0500 tiff (3.7.0-2) experimental; urgency=low * Replace hard-coded libc6-dev dependency with something friendlier to porters (libc6-dev | libc-dev). (Closes: #179727) * Fixed upstream: proper netbsdelf*-gnu support in configure. Actually fixed in 3.7.0-1 but left out of changelog. (Closes: #179728) * Include opengl support; adds new libtiff-opengl package. (Closes: #219456) * Fixed upstream: fax2ps now allows access to first page. (Closes: #244251) -- Jay Berkenbilt Sat, 11 Dec 2004 09:51:52 -0500 tiff (3.7.0-1) experimental; urgency=low * New upstream release (Closes: #276996) * New maintainer (Thanks Joy!) * Repackage using cdbs and simple-patchsys to fix some errors and simplify patch management * Fixed upstream: tiff2pdf ignores -z and -j (Closes: #280682) * Fixed upstream: Memory leak in TIFFClientOpen (Closes: #256657) -- Jay Berkenbilt Fri, 26 Nov 2004 13:50:13 -0500 tiff (3.6.1-5) unstable; urgency=high * New maintainer (thanks Joy!) * Applied patch by Dmitry V. Levin to fix a segmentation fault [tools/tiffdump.c, CAN-2004-1183] Thanks to Martin Schulze for forwarding the patch. * Fixed section of -dev package (devel -> libdevel) -- Jay Berkenbilt Wed, 5 Jan 2005 16:27:26 -0500 tiff (3.6.1-4) unstable; urgency=high * Fix heap overflow security bug [CAN-2004-1308]. (Closes: #286815) -- Jay Berkenbilt Wed, 22 Dec 2004 10:20:52 -0500 tiff (3.6.1-3) unstable; urgency=medium * Patches from upstream to fix zero-size tile and integer overflow problems created by previous security patches, closes: #276783. * Added Jay Berkenbilt as co-maintainer. Jay thanks Joy for letting him help and eventually take over maintenance of these packages! -- Josip Rodin Mon, 01 Nov 2004 12:28:27 +0100 tiff (3.6.1-2) unstable; urgency=low * Included security fixes for: + CAN-2004-0803 - libtiff/tif_luv.c - libtiff/tif_next.c - libtiff/tif_thunder.c + CAN-2004-0804 (but this one is already applied upstream, it seems) - libtiff/tif_dirread.c + CAN-2004-0886 - libtiff/tif_aux.c - libtiff/tif_compress.c - libtiff/tif_dir.c - libtiff/tif_dirinfo.c - libtiff/tif_dirread.c - libtiff/tif_dirwrite.c - libtiff/tif_extension.c - libtiff/tif_fax3.c - libtiff/tiffiop.h - libtiff/tif_getimage.c - libtiff/tif_luv.c - libtiff/tif_pixarlog.c - libtiff/tif_strip.c - libtiff/tif_tile.c - libtiff/tif_write.c Thanks to Martin Schulze for forwarding the patches. -- Josip Rodin Thu, 14 Oct 2004 16:13:11 +0200 tiff (3.6.1-1.1) unstable; urgency=medium * Non-maintainer upload; thanks to Jay Berkenbilt for preparing the patches * Rename shared library and development packages to resolve accidental upstream ABI change. Closes: #236247 * Include patch from upstream to fix multistrip g3 fax bug. Closes: #243405 * Include LZW support. Closes: #260242, #248490 * Fix URL in copyright file. Closes: #261357 * Install missing documentation files. Closes: #261356 -- Steve Langasek Sun, 25 Jul 2004 10:28:06 -0400 tiff (3.6.1-1) unstable; urgency=low * New upstream version, closes: #231977. * Slightly fixed up the static lib build rules so that the build process does the normal stuff for the dynamic lib and then does the static with the same tiffvers.h. -- Josip Rodin Mon, 23 Feb 2004 18:23:34 +0100 tiff (3.5.7-2) unstable; urgency=high * Added back the patch that used -src static/libtiff.a in the install rule. Wonder how that disappeared... closes: #170914. * Fake it's a GNU system in order for the configure script to use our toolchain stuff on the NetBSD port, thanks to Joel Baker, closes: #130636. -- Josip Rodin Tue, 10 Dec 2002 17:18:28 +0100 tiff (3.5.7-1) unstable; urgency=low * New upstream version, closes: #144940. * A whole new set of patches for the breakage in the build system :) -- Josip Rodin Sun, 6 Oct 2002 22:54:08 +0200 tiff (3.5.5-6) unstable; urgency=low * It appears that the general 64-bit detection code, isn't. We have to include all of those three conditions, feh. This really closes: #106706. -- Josip Rodin Wed, 8 Aug 2001 23:09:55 +0200 tiff (3.5.5-5) unstable; urgency=low * Changed two Alpha/Mips-isms into general 64-bit detection code, patch from John Daily , closes: #106706. * Patched man/Makefile.in to generate a manual page file for TIFFClientOpen(3t), as a .so link to TIFFOpen(3t), closes: #99577. * Used /usr/share/doc in the doc-base file, closes: #74122. * Changed libtiff3g-dev's section back to devel, since graphics was, according to elmo, "hysterical raisins". :)) -- Josip Rodin Fri, 27 Jul 2001 01:43:04 +0200 tiff (3.5.5-4) unstable; urgency=low * Updated config.* files, closes: #94696. * Fixed libtiff3g-dev's section, closes: #85533. -- Josip Rodin Wed, 20 Jun 2001 18:29:24 +0200 tiff (3.5.5-3) unstable; urgency=low * Build shared library on Hurd, too, closes: #72482. * Upped Standards-Version to 3.5.0. -- Josip Rodin Sat, 30 Sep 2000 17:42:13 +0200 tiff (3.5.5-2) unstable; urgency=low * Make `dynamic shared object' on Linux unconditionally, fixes the problem with libc.so.6.1 on alpha, thanks Chris C. Chimelis. -- Josip Rodin Wed, 13 Sep 2000 21:44:00 +0200 tiff (3.5.5-1) unstable; urgency=low * New upstream version. * The upstream build system sucks. There, I said it. Back to work now. :) * Added a build dependencies on make (>= 3.77) (closes: #67747) and debhelper. * Standards-Version: 3.2.1: + added DEB_BUILD_OPTIONS checks in debian/rules -- Josip Rodin Tue, 29 Aug 2000 14:06:02 +0200 tiff (3.5.4-5) frozen unstable; urgency=low * Fixed 16-bit/32-bit values bug in fax2ps from libtiff-tools, that also breaks printing from hylafax, using provided oneliner patch from Bernd Herd (accepted upstream), closes: #49232 and probably #62235. -- Josip Rodin Mon, 27 Mar 2000 17:12:10 +0200 tiff (3.5.4-4) frozen unstable; urgency=low * Weird dpkg-shlibdeps from dpkg 1.6.8-pre has done it again, this time with libz.so, making the packages depend on zlib1 (instead of zlib1g). Closes: #56134, #56137, #56140, #56155. -- Josip Rodin Tue, 25 Jan 2000 18:05:28 +0100 tiff (3.5.4-3) frozen unstable; urgency=low * Included libtiff.so file in libtiff3g-dev, dammit :( My eye hurts, a lot, but this was easy to fix, thank goodness :) (closes: #55814). This bugfix deserves to get into frozen because the bug cripples libtiff3g-dev, a lot. -- Josip Rodin Fri, 21 Jan 2000 19:02:22 +0100 tiff (3.5.4-2) unstable; urgency=low * Fixed upstream build system to use ${DESTDIR}, and with that working, created install: rule in debian/rules and used it. * Fixed the way rules file gets the version from upstream sources, and fixed dist/tiff.alpha, it didn't work. * Removed README file from libtiff3g binary package, useless. * Fixed configure script not to emit the wrong warning about zlib/jpeg dirs not specified (they're in /usr/include, stupid :). -- Josip Rodin Thu, 30 Dec 1999 01:17:32 +0100 tiff (3.5.4-1) unstable; urgency=low * New upstream version, closes: #50338. * Disabled libc5 build, it wouldn't compile. :( -- Josip Rodin Fri, 3 Dec 1999 20:49:25 +0100 tiff (3.5.2-4) unstable; urgency=low * Castrated the rules file, to make it actually work on !(i386 m68k). Closes: #49316. -- Josip Rodin Sat, 6 Nov 1999 13:22:54 +0100 tiff (3.5.2-3) unstable; urgency=low * Removed sparc from the libtiff3 arches list, as BenC advised. -- Josip Rodin Fri, 29 Oct 1999 23:29:23 +0200 tiff (3.5.2-2) unstable; urgency=low * Changed Architecture: line for libtiff3 from "any" to "i386 m68k sparc" as it is actually only built on those. Changed description a little bit. * Minor fixes to the rules file. -- Josip Rodin Thu, 28 Oct 1999 14:00:02 +0200 tiff (3.5.2-1) unstable; urgency=low * New upstream version. * Renamed source package to just "tiff", like upstream tarball name. * New maintainer (thanks Guy!). Renewed packaging, with debhelper, using Joey's nifty multi2 example, with several adjustments. * Ditched libtiff3-altdev, nobody's using that and nobody should be using that. Packaging for it still exists, it's just commented out. * Uses doc-base for -dev docs now. Uncompressed HTML docs, 100kb space saved is pointless when you can't use any links between documents. -- Josip Rodin Tue, 26 Oct 1999 16:20:46 +0200 libtiff3 (3.4beta037-8) unstable; urgency=low * Argh, same bug in the prerm, closes: #36990, #36850, #36855, #36866, #36988. -- Guy Maor Sat, 1 May 1999 10:12:23 -0700 libtiff3 (3.4beta037-7) unstable; urgency=low * Don't error when dhelp is not installed, closes: #36879, #36922. -- Guy Maor Thu, 29 Apr 1999 19:17:55 -0700 libtiff3 (3.4beta037-6) unstable; urgency=low * Only build libc5 packages on appropriate archs, closes: #27083, #32007. * Apply NMU patch, closes: #26413, #26887. * Add dhelp support, closes: #35154. * Recompile removes invalid dependency, closes: #30961. -- Guy Maor Sat, 24 Apr 1999 15:17:51 -0700 libtiff3 (3.4beta037-5.1) frozen unstable; urgency=low * NMU to not use install -s to strip static .a libraries. Fixes: #26413 * Build with recent libjpeg. Fixes: #26887 * Add Section: and Priority: headers to debian/control. -- Ben Gertzfield Mon, 26 Oct 1998 22:44:33 -0800 libtiff3 (3.4beta037-5) unstable; urgency=low * Explicit link with -lm (and don't need -lc now), fixes: #19167, #22180. -- Guy Maor Tue, 11 Aug 1998 22:27:56 -0700 libtiff3 (3.4beta037-4) unstable; urgency=low * libtiff3-tools conflicts & replaces with libtiff3-gif (13521,15107). -- Guy Maor Sun, 11 Jan 1998 13:09:28 -0800 libtiff3 (3.4beta037-3) unstable; urgency=low * New libjpegg contains shlibs file, so don't need shlibs.local. * Compile with -D_REENTRANT. * Add shlibs for libtiff3g (13423). -- Guy Maor Sat, 27 Sep 1997 13:17:45 -0500 libtiff3 (3.4beta037-2) unstable; urgency=low * Add libjpegg6a to shlibs.local to correct for broken dependency. -- Guy Maor Fri, 26 Sep 1997 11:23:55 -0500 libtiff3 (3.4beta037-1) unstable; urgency=low * New upstream version, libc6 compile, policy 2.3.0.0 (5136, 7470, 7627, 8166 8312, 9479, 9492, 9531, 11700, 11702). * Fix check for shared lib support (10805). -- Guy Maor Tue, 23 Sep 1997 16:55:56 -0500 debian/libtiff-tools.lintian-overrides0000644000000000000000000000027112256047746015340 0ustar # # The synopsis line starts with a capital letter because of the TIFF # acronym, not because it contains a sentence. # libtiff-tools: description-synopsis-starts-with-a-capital-letter debian/patches/0000755000000000000000000000000012256047746010632 5ustar debian/patches/CVE-2013-1961.patch0000644000000000000000000007757712256047746013300 0ustar Index: tiff-4.0.3/contrib/dbs/xtiff/xtiff.c =================================================================== --- tiff-4.0.3.orig/contrib/dbs/xtiff/xtiff.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/contrib/dbs/xtiff/xtiff.c 2013-06-23 10:36:51.147629484 -0400 @@ -512,9 +512,9 @@ Arg args[1]; if (tfMultiPage) - sprintf(buffer, "%s - page %d", fileName, tfDirectory); + snprintf(buffer, sizeof(buffer), "%s - page %d", fileName, tfDirectory); else - strcpy(buffer, fileName); + snprintf(buffer, sizeof(buffer), "%s", fileName); XtSetArg(args[0], XtNlabel, buffer); XtSetValues(labelWidget, args, 1); } Index: tiff-4.0.3/libtiff/tif_dirinfo.c =================================================================== --- tiff-4.0.3.orig/libtiff/tif_dirinfo.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/libtiff/tif_dirinfo.c 2013-06-23 10:36:51.147629484 -0400 @@ -711,7 +711,7 @@ * note that this name is a special sign to TIFFClose() and * _TIFFSetupFields() to free the field */ - sprintf(fld->field_name, "Tag %d", (int) tag); + snprintf(fld->field_name, 32, "Tag %d", (int) tag); return fld; } Index: tiff-4.0.3/libtiff/tif_codec.c =================================================================== --- tiff-4.0.3.orig/libtiff/tif_codec.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/libtiff/tif_codec.c 2013-06-23 10:36:51.151629482 -0400 @@ -108,7 +108,8 @@ const TIFFCodec* c = TIFFFindCODEC(tif->tif_dir.td_compression); char compression_code[20]; - sprintf( compression_code, "%d", tif->tif_dir.td_compression ); + snprintf(compression_code, sizeof(compression_code), "%d", + tif->tif_dir.td_compression ); TIFFErrorExt(tif->tif_clientdata, tif->tif_name, "%s compression support is not configured", c ? c->name : compression_code ); Index: tiff-4.0.3/tools/tiffdither.c =================================================================== --- tiff-4.0.3.orig/tools/tiffdither.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/tools/tiffdither.c 2013-06-23 10:36:51.151629482 -0400 @@ -260,7 +260,7 @@ TIFFSetField(out, TIFFTAG_FILLORDER, fillorder); else CopyField(TIFFTAG_FILLORDER, shortv); - sprintf(thing, "Dithered B&W version of %s", argv[optind]); + snprintf(thing, sizeof(thing), "Dithered B&W version of %s", argv[optind]); TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing); CopyField(TIFFTAG_PHOTOMETRIC, shortv); CopyField(TIFFTAG_ORIENTATION, shortv); Index: tiff-4.0.3/tools/rgb2ycbcr.c =================================================================== --- tiff-4.0.3.orig/tools/rgb2ycbcr.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/tools/rgb2ycbcr.c 2013-06-23 10:36:51.151629482 -0400 @@ -332,7 +332,8 @@ TIFFSetField(out, TIFFTAG_PLANARCONFIG, PLANARCONFIG_CONTIG); { char buf[2048]; char *cp = strrchr(TIFFFileName(in), '/'); - sprintf(buf, "YCbCr conversion of %s", cp ? cp+1 : TIFFFileName(in)); + snprintf(buf, sizeof(buf), "YCbCr conversion of %s", + cp ? cp+1 : TIFFFileName(in)); TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, buf); } TIFFSetField(out, TIFFTAG_SOFTWARE, TIFFGetVersion()); Index: tiff-4.0.3/tools/tiff2pdf.c =================================================================== --- tiff-4.0.3.orig/tools/tiff2pdf.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/tools/tiff2pdf.c 2013-06-23 10:36:51.151629482 -0400 @@ -3630,7 +3630,9 @@ char buffer[16]; int buflen=0; - buflen=sprintf(buffer, "%%PDF-%u.%u ", t2p->pdf_majorversion&0xff, t2p->pdf_minorversion&0xff); + buflen = snprintf(buffer, sizeof(buffer), "%%PDF-%u.%u ", + t2p->pdf_majorversion&0xff, + t2p->pdf_minorversion&0xff); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t)"\n%\342\343\317\323\n", 7); @@ -3644,10 +3646,10 @@ tsize_t t2p_write_pdf_obj_start(uint32 number, TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; - buflen=sprintf(buffer, "%lu", (unsigned long)number); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number); written += t2pWriteFile(output, (tdata_t) buffer, buflen ); written += t2pWriteFile(output, (tdata_t) " 0 obj\n", 7); @@ -3686,13 +3688,13 @@ written += t2pWriteFile(output, (tdata_t) "/", 1); for (i=0;i 0x7E){ - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); nextchar=1; @@ -3700,57 +3702,57 @@ if (nextchar==0){ switch (name[i]){ case 0x23: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x25: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x28: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x29: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x2F: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x3C: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x3E: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x5B: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x5D: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x7B: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; case 0x7D: - sprintf(buffer, "#%.2X", name[i]); + snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); buffer[sizeof(buffer) - 1] = '\0'; written += t2pWriteFile(output, (tdata_t) buffer, 3); break; @@ -3865,14 +3867,14 @@ tsize_t t2p_write_pdf_stream_dict(tsize_t len, uint32 number, TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; written += t2pWriteFile(output, (tdata_t) "/Length ", 8); if(len!=0){ written += t2p_write_pdf_stream_length(len, output); } else { - buflen=sprintf(buffer, "%lu", (unsigned long)number); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); } @@ -3913,10 +3915,10 @@ tsize_t t2p_write_pdf_stream_length(tsize_t len, TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; - buflen=sprintf(buffer, "%lu", (unsigned long)len); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)len); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "\n", 1); @@ -3930,7 +3932,7 @@ tsize_t t2p_write_pdf_catalog(T2P* t2p, TIFF* output) { tsize_t written = 0; - char buffer[16]; + char buffer[32]; int buflen = 0; written += t2pWriteFile(output, @@ -3969,7 +3971,6 @@ written += t2p_write_pdf_string(t2p->pdf_datetime, output); } written += t2pWriteFile(output, (tdata_t) "\n/Producer ", 11); - _TIFFmemset((tdata_t)buffer, 0x00, sizeof(buffer)); snprintf(buffer, sizeof(buffer), "libtiff / tiff2pdf - %d", TIFFLIB_VERSION); written += t2p_write_pdf_string(buffer, output); written += t2pWriteFile(output, (tdata_t) "\n", 1); @@ -4110,7 +4111,7 @@ { tsize_t written=0; tdir_t i=0; - char buffer[16]; + char buffer[32]; int buflen=0; int page=0; @@ -4118,7 +4119,7 @@ (tdata_t) "<< \n/Type /Pages \n/Kids [ ", 26); page = t2p->pdf_pages+1; for (i=0;itiff_pagecount;i++){ - buflen=sprintf(buffer, "%d", page); + buflen=snprintf(buffer, sizeof(buffer), "%d", page); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); if ( ((i+1)%8)==0 ) { @@ -4133,8 +4134,7 @@ } } written += t2pWriteFile(output, (tdata_t) "] \n/Count ", 10); - _TIFFmemset(buffer, 0x00, 16); - buflen=sprintf(buffer, "%d", t2p->tiff_pagecount); + buflen=snprintf(buffer, sizeof(buffer), "%d", t2p->tiff_pagecount); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " \n>> \n", 6); @@ -4149,28 +4149,28 @@ unsigned int i=0; tsize_t written=0; - char buffer[16]; + char buffer[256]; int buflen=0; written += t2pWriteFile(output, (tdata_t) "<<\n/Type /Page \n/Parent ", 24); - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_pages); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_pages); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); written += t2pWriteFile(output, (tdata_t) "/MediaBox [", 11); - buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x1); + buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x1); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " ", 1); - buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y1); + buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y1); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " ", 1); - buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x2); + buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x2); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " ", 1); - buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y2); + buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y2); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "] \n", 3); written += t2pWriteFile(output, (tdata_t) "/Contents ", 10); - buflen=sprintf(buffer, "%lu", (unsigned long)(object + 1)); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(object + 1)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); written += t2pWriteFile(output, (tdata_t) "/Resources << \n", 15); @@ -4178,15 +4178,13 @@ written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12); for(i=0;itiff_tiles[t2p->pdf_page].tiles_tilecount;i++){ written += t2pWriteFile(output, (tdata_t) "/Im", 3); - buflen = sprintf(buffer, "%u", t2p->pdf_page+1); + buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "_", 1); - buflen = sprintf(buffer, "%u", i+1); + buflen = snprintf(buffer, sizeof(buffer), "%u", i+1); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " ", 1); - buflen = sprintf( - buffer, - "%lu", + buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); @@ -4198,12 +4196,10 @@ } else { written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12); written += t2pWriteFile(output, (tdata_t) "/Im", 3); - buflen = sprintf(buffer, "%u", t2p->pdf_page+1); + buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " ", 1); - buflen = sprintf( - buffer, - "%lu", + buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); @@ -4212,9 +4208,7 @@ if(t2p->tiff_transferfunctioncount != 0) { written += t2pWriteFile(output, (tdata_t) "/ExtGState <<", 13); t2pWriteFile(output, (tdata_t) "/GS1 ", 5); - buflen = sprintf( - buffer, - "%lu", + buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(object + 3)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); @@ -4587,7 +4581,7 @@ if(t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount>0){ for(i=0;itiff_tiles[t2p->pdf_page].tiles_tilecount; i++){ box=t2p->tiff_tiles[t2p->pdf_page].tiles_tiles[i].tile_box; - buflen=sprintf(buffer, + buflen=snprintf(buffer, sizeof(buffer), "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d_%ld Do Q\n", t2p->tiff_transferfunctioncount?"/GS1 gs ":"", box.mat[0], @@ -4602,7 +4596,7 @@ } } else { box=t2p->pdf_imagebox; - buflen=sprintf(buffer, + buflen=snprintf(buffer, sizeof(buffer), "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d Do Q\n", t2p->tiff_transferfunctioncount?"/GS1 gs ":"", box.mat[0], @@ -4627,59 +4621,48 @@ TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; written += t2p_write_pdf_stream_dict(0, t2p->pdf_xrefcount+1, output); written += t2pWriteFile(output, (tdata_t) "/Type /XObject \n/Subtype /Image \n/Name /Im", 42); - buflen=sprintf(buffer, "%u", t2p->pdf_page+1); + buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); written += t2pWriteFile(output, (tdata_t) buffer, buflen); if(tile != 0){ written += t2pWriteFile(output, (tdata_t) "_", 1); - buflen=sprintf(buffer, "%lu", (unsigned long)tile); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)tile); written += t2pWriteFile(output, (tdata_t) buffer, buflen); } written += t2pWriteFile(output, (tdata_t) "\n/Width ", 8); - _TIFFmemset((tdata_t)buffer, 0x00, 16); if(tile==0){ - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_width); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_width); } else { if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){ - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth); } else { - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth); } } written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "\n/Height ", 9); - _TIFFmemset((tdata_t)buffer, 0x00, 16); if(tile==0){ - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_length); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_length); } else { if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){ - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength); } else { - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength); } } written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "\n/BitsPerComponent ", 19); - _TIFFmemset((tdata_t)buffer, 0x00, 16); - buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample); + buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "\n/ColorSpace ", 13); written += t2p_write_pdf_xobject_cs(t2p, output); @@ -4723,11 +4706,10 @@ t2p->pdf_colorspace ^= T2P_CS_PALETTE; written += t2p_write_pdf_xobject_cs(t2p, output); t2p->pdf_colorspace |= T2P_CS_PALETTE; - buflen=sprintf(buffer, "%u", (0x0001 << t2p->tiff_bitspersample)-1 ); + buflen=snprintf(buffer, sizeof(buffer), "%u", (0x0001 << t2p->tiff_bitspersample)-1 ); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " ", 1); - _TIFFmemset(buffer, 0x00, 16); - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_palettecs ); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_palettecs ); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ]\n", 7); return(written); @@ -4761,10 +4743,10 @@ X_W /= Y_W; Z_W /= Y_W; Y_W = 1.0F; - buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "/Range ", 7); - buflen=sprintf(buffer, "[%d %d %d %d] \n", + buflen=snprintf(buffer, sizeof(buffer), "[%d %d %d %d] \n", t2p->pdf_labrange[0], t2p->pdf_labrange[1], t2p->pdf_labrange[2], @@ -4780,26 +4762,26 @@ tsize_t t2p_write_pdf_transfer(T2P* t2p, TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; written += t2pWriteFile(output, (tdata_t) "<< /Type /ExtGState \n/TR ", 25); if(t2p->tiff_transferfunctioncount == 1){ - buflen=sprintf(buffer, "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); } else { written += t2pWriteFile(output, (tdata_t) "[ ", 2); - buflen=sprintf(buffer, "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); - buflen=sprintf(buffer, "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 2)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); - buflen=sprintf(buffer, "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 3)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); @@ -4821,7 +4803,7 @@ written += t2pWriteFile(output, (tdata_t) "/FunctionType 0 \n", 17); written += t2pWriteFile(output, (tdata_t) "/Domain [0.0 1.0] \n", 19); written += t2pWriteFile(output, (tdata_t) "/Range [0.0 1.0] \n", 18); - buflen=sprintf(buffer, "/Size [%u] \n", (1<tiff_bitspersample)); + buflen=snprintf(buffer, sizeof(buffer), "/Size [%u] \n", (1<tiff_bitspersample)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "/BitsPerSample 16 \n", 19); written += t2p_write_pdf_stream_dict(((tsize_t)1)<<(t2p->tiff_bitspersample+1), 0, output); @@ -4848,7 +4830,7 @@ tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){ tsize_t written=0; - char buffer[128]; + char buffer[256]; int buflen=0; float X_W=0.0; @@ -4916,16 +4898,16 @@ written += t2pWriteFile(output, (tdata_t) "<< \n", 4); if(t2p->pdf_colorspace & T2P_CS_CALGRAY){ written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12); - buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "/Gamma 2.2 \n", 12); } if(t2p->pdf_colorspace & T2P_CS_CALRGB){ written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12); - buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "/Matrix ", 8); - buflen=sprintf(buffer, "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n", + buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n", X_R, Y_R, Z_R, X_G, Y_G, Z_G, X_B, Y_B, Z_B); @@ -4944,11 +4926,11 @@ tsize_t t2p_write_pdf_xobject_icccs(T2P* t2p, TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; written += t2pWriteFile(output, (tdata_t) "[/ICCBased ", 11); - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_icccs); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_icccs); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " 0 R] \n", 7); @@ -4958,11 +4940,11 @@ tsize_t t2p_write_pdf_xobject_icccs_dict(T2P* t2p, TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; written += t2pWriteFile(output, (tdata_t) "/N ", 3); - buflen=sprintf(buffer, "%u \n", t2p->tiff_samplesperpixel); + buflen=snprintf(buffer, sizeof(buffer), "%u \n", t2p->tiff_samplesperpixel); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) "/Alternate ", 11); t2p->pdf_colorspace ^= T2P_CS_ICCBASED; @@ -5027,7 +5009,7 @@ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output){ tsize_t written=0; - char buffer[16]; + char buffer[32]; int buflen=0; if(t2p->pdf_compression==T2P_COMPRESS_NONE){ @@ -5042,41 +5024,33 @@ written += t2pWriteFile(output, (tdata_t) "<< /K -1 ", 9); if(tile==0){ written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); - buflen=sprintf(buffer, "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_width); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); - buflen=sprintf(buffer, "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_length); written += t2pWriteFile(output, (tdata_t) buffer, buflen); } else { if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){ written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth); written += t2pWriteFile(output, (tdata_t) buffer, buflen); } else { written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth); written += t2pWriteFile(output, (tdata_t) buffer, buflen); } if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){ written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength); written += t2pWriteFile(output, (tdata_t) buffer, buflen); } else { written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); - buflen=sprintf( - buffer, - "%lu", + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength); written += t2pWriteFile(output, (tdata_t) buffer, buflen); } @@ -5103,21 +5077,17 @@ if(t2p->pdf_compressionquality%100){ written += t2pWriteFile(output, (tdata_t) "/DecodeParms ", 13); written += t2pWriteFile(output, (tdata_t) "<< /Predictor ", 14); - _TIFFmemset(buffer, 0x00, 16); - buflen=sprintf(buffer, "%u", t2p->pdf_compressionquality%100); + buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_compressionquality%100); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " /Columns ", 10); - _TIFFmemset(buffer, 0x00, 16); - buflen = sprintf(buffer, "%lu", + buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_width); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " /Colors ", 9); - _TIFFmemset(buffer, 0x00, 16); - buflen=sprintf(buffer, "%u", t2p->tiff_samplesperpixel); + buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_samplesperpixel); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " /BitsPerComponent ", 19); - _TIFFmemset(buffer, 0x00, 16); - buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample); + buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) ">>\n", 3); } @@ -5137,16 +5107,16 @@ tsize_t t2p_write_pdf_xreftable(T2P* t2p, TIFF* output){ tsize_t written=0; - char buffer[21]; + char buffer[64]; int buflen=0; uint32 i=0; written += t2pWriteFile(output, (tdata_t) "xref\n0 ", 7); - buflen=sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); written += t2pWriteFile(output, (tdata_t) " \n0000000000 65535 f \n", 22); for (i=0;ipdf_xrefcount;i++){ - sprintf(buffer, "%.10lu 00000 n \n", + snprintf(buffer, sizeof(buffer), "%.10lu 00000 n \n", (unsigned long)t2p->pdf_xrefoffsets[i]); written += t2pWriteFile(output, (tdata_t) buffer, 20); } @@ -5170,17 +5140,14 @@ snprintf(t2p->pdf_fileid + i, 9, "%.8X", rand()); written += t2pWriteFile(output, (tdata_t) "trailer\n<<\n/Size ", 17); - buflen = sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount+1)); + buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount+1)); written += t2pWriteFile(output, (tdata_t) buffer, buflen); - _TIFFmemset(buffer, 0x00, 32); written += t2pWriteFile(output, (tdata_t) "\n/Root ", 7); - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_catalog); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_catalog); written += t2pWriteFile(output, (tdata_t) buffer, buflen); - _TIFFmemset(buffer, 0x00, 32); written += t2pWriteFile(output, (tdata_t) " 0 R \n/Info ", 12); - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_info); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_info); written += t2pWriteFile(output, (tdata_t) buffer, buflen); - _TIFFmemset(buffer, 0x00, 32); written += t2pWriteFile(output, (tdata_t) " 0 R \n/ID[<", 11); written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid, sizeof(t2p->pdf_fileid) - 1); @@ -5188,9 +5155,8 @@ written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid, sizeof(t2p->pdf_fileid) - 1); written += t2pWriteFile(output, (tdata_t) ">]\n>>\nstartxref\n", 16); - buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_startxref); + buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_startxref); written += t2pWriteFile(output, (tdata_t) buffer, buflen); - _TIFFmemset(buffer, 0x00, 32); written += t2pWriteFile(output, (tdata_t) "\n%%EOF\n", 7); return(written); Index: tiff-4.0.3/tools/tiff2ps.c =================================================================== --- tiff-4.0.3.orig/tools/tiff2ps.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/tools/tiff2ps.c 2013-06-23 10:36:51.155629481 -0400 @@ -1781,8 +1781,8 @@ imageOp = "imagemask"; (void)strcpy(im_x, "0"); - (void)sprintf(im_y, "%lu", (long) h); - (void)sprintf(im_h, "%lu", (long) h); + (void)snprintf(im_y, sizeof(im_y), "%lu", (long) h); + (void)snprintf(im_h, sizeof(im_h), "%lu", (long) h); tile_width = w; tile_height = h; if (TIFFIsTiled(tif)) { @@ -1803,7 +1803,7 @@ } if (tile_height < h) { fputs("/im_y 0 def\n", fd); - (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h); + (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h); } } else { repeat_count = tf_numberstrips; @@ -1815,7 +1815,7 @@ fprintf(fd, "/im_h %lu def\n", (unsigned long) tile_height); (void)strcpy(im_h, "im_h"); - (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h); + (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h); } } Index: tiff-4.0.3/tools/tiffcrop.c =================================================================== --- tiff-4.0.3.orig/tools/tiffcrop.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/tools/tiffcrop.c 2013-06-23 10:36:51.159629481 -0400 @@ -2077,7 +2077,7 @@ return 1; } - sprintf (filenum, "-%03d%s", findex, export_ext); + snprintf(filenum, sizeof(filenum), "-%03d%s", findex, export_ext); filenum[14] = '\0'; strncat (exportname, filenum, 15); } @@ -2230,8 +2230,8 @@ /* dump.infilename is guaranteed to be NUL termimated and have 20 bytes fewer than PATH_MAX */ - memset (temp_filename, '\0', PATH_MAX + 1); - sprintf (temp_filename, "%s-read-%03d.%s", dump.infilename, dump_images, + snprintf(temp_filename, sizeof(temp_filename), "%s-read-%03d.%s", + dump.infilename, dump_images, (dump.format == DUMP_TEXT) ? "txt" : "raw"); if ((dump.infile = fopen(temp_filename, dump.mode)) == NULL) { @@ -2249,8 +2249,8 @@ /* dump.outfilename is guaranteed to be NUL termimated and have 20 bytes fewer than PATH_MAX */ - memset (temp_filename, '\0', PATH_MAX + 1); - sprintf (temp_filename, "%s-write-%03d.%s", dump.outfilename, dump_images, + snprintf(temp_filename, sizeof(temp_filename), "%s-write-%03d.%s", + dump.outfilename, dump_images, (dump.format == DUMP_TEXT) ? "txt" : "raw"); if ((dump.outfile = fopen(temp_filename, dump.mode)) == NULL) { Index: tiff-4.0.3/tools/tiff2bw.c =================================================================== --- tiff-4.0.3.orig/tools/tiff2bw.c 2013-06-23 10:36:51.163629483 -0400 +++ tiff-4.0.3/tools/tiff2bw.c 2013-06-23 10:36:51.159629481 -0400 @@ -205,7 +205,7 @@ } } TIFFSetField(out, TIFFTAG_PHOTOMETRIC, PHOTOMETRIC_MINISBLACK); - sprintf(thing, "B&W version of %s", argv[optind]); + snprintf(thing, sizeof(thing), "B&W version of %s", argv[optind]); TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing); TIFFSetField(out, TIFFTAG_SOFTWARE, "tiff2bw"); outbuf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); debian/patches/CVE-2013-1960.patch0000644000000000000000000001011712256047746013250 0ustar Index: tiff-4.0.3/tools/tiff2pdf.c =================================================================== --- tiff-4.0.3.orig/tools/tiff2pdf.c 2013-06-23 10:36:50.979629486 -0400 +++ tiff-4.0.3/tools/tiff2pdf.c 2013-06-23 10:36:50.975629486 -0400 @@ -3341,33 +3341,56 @@ uint32 height){ tsize_t i=0; - uint16 ri =0; - uint16 v_samp=1; - uint16 h_samp=1; - int j=0; - - i++; - - while(i<(*striplength)){ + + while (i < *striplength) { + tsize_t datalen; + uint16 ri; + uint16 v_samp; + uint16 h_samp; + int j; + int ncomp; + + /* marker header: one or more FFs */ + if (strip[i] != 0xff) + return(0); + i++; + while (i < *striplength && strip[i] == 0xff) + i++; + if (i >= *striplength) + return(0); + /* SOI is the only pre-SOS marker without a length word */ + if (strip[i] == 0xd8) + datalen = 0; + else { + if ((*striplength - i) <= 2) + return(0); + datalen = (strip[i+1] << 8) | strip[i+2]; + if (datalen < 2 || datalen >= (*striplength - i)) + return(0); + } switch( strip[i] ){ - case 0xd8: - /* SOI - start of image */ + case 0xd8: /* SOI - start of image */ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), 2); *bufferoffset+=2; - i+=2; break; - case 0xc0: - case 0xc1: - case 0xc3: - case 0xc9: - case 0xca: + case 0xc0: /* SOF0 */ + case 0xc1: /* SOF1 */ + case 0xc3: /* SOF3 */ + case 0xc9: /* SOF9 */ + case 0xca: /* SOF10 */ if(no==0){ - _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); - for(j=0;j>4) > h_samp) - h_samp = (buffer[*bufferoffset+11+(2*j)]>>4); - if( (buffer[*bufferoffset+11+(2*j)] & 0x0f) > v_samp) - v_samp = (buffer[*bufferoffset+11+(2*j)] & 0x0f); + _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); + ncomp = buffer[*bufferoffset+9]; + if (ncomp < 1 || ncomp > 4) + return(0); + v_samp=1; + h_samp=1; + for(j=0;j>4) > h_samp) + h_samp = (samp>>4); + if( (samp & 0x0f) > v_samp) + v_samp = (samp & 0x0f); } v_samp*=8; h_samp*=8; @@ -3381,45 +3404,43 @@ (unsigned char) ((height>>8) & 0xff); buffer[*bufferoffset+6]= (unsigned char) (height & 0xff); - *bufferoffset+=strip[i+2]+2; - i+=strip[i+2]+2; - + *bufferoffset+=datalen+2; + /* insert a DRI marker */ buffer[(*bufferoffset)++]=0xff; buffer[(*bufferoffset)++]=0xdd; buffer[(*bufferoffset)++]=0x00; buffer[(*bufferoffset)++]=0x04; buffer[(*bufferoffset)++]=(ri >> 8) & 0xff; buffer[(*bufferoffset)++]= ri & 0xff; - } else { - i+=strip[i+2]+2; } break; - case 0xc4: - case 0xdb: - _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); - *bufferoffset+=strip[i+2]+2; - i+=strip[i+2]+2; + case 0xc4: /* DHT */ + case 0xdb: /* DQT */ + _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); + *bufferoffset+=datalen+2; break; - case 0xda: + case 0xda: /* SOS */ if(no==0){ - _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); - *bufferoffset+=strip[i+2]+2; - i+=strip[i+2]+2; + _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); + *bufferoffset+=datalen+2; } else { buffer[(*bufferoffset)++]=0xff; buffer[(*bufferoffset)++]= (unsigned char)(0xd0 | ((no-1)%8)); - i+=strip[i+2]+2; } - _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), (*striplength)-i-1); - *bufferoffset+=(*striplength)-i-1; + i += datalen + 1; + /* copy remainder of strip */ + _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i]), *striplength - i); + *bufferoffset+= *striplength - i; return(1); default: - i+=strip[i+2]+2; + /* ignore any other marker */ + break; } + i += datalen + 1; } - + /* failed to find SOS marker */ return(0); } #endif debian/patches/CVE-2013-4232.patch0000644000000000000000000000123612256047746013245 0ustar Description: use after free in tiff2pdf Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2449 Bug-Debian: http://bugs.debian.org/719303 Index: tiff-4.0.3/tools/tiff2pdf.c =================================================================== --- tiff-4.0.3.orig/tools/tiff2pdf.c 2013-08-22 11:46:37.292847242 -0400 +++ tiff-4.0.3/tools/tiff2pdf.c 2013-08-22 11:46:37.292847242 -0400 @@ -2461,7 +2461,8 @@ (unsigned long) t2p->tiff_datasize, TIFFFileName(input)); t2p->t2p_error = T2P_ERR_ERROR; - _TIFFfree(buffer); + _TIFFfree(buffer); + return(0); } else { buffer=samplebuffer; t2p->tiff_datasize *= t2p->tiff_samplesperpixel; debian/patches/CVE-2013-4231.patch0000644000000000000000000000106612256047746013245 0ustar Description: Buffer overflow in gif2tiff Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2450 Bug-Debian: http://bugs.debian.org/719303 Index: tiff-4.0.3/tools/gif2tiff.c =================================================================== --- tiff-4.0.3.orig/tools/gif2tiff.c 2013-08-22 11:46:11.960846910 -0400 +++ tiff-4.0.3/tools/gif2tiff.c 2013-08-22 11:46:11.956846910 -0400 @@ -333,6 +333,8 @@ int status = 1; datasize = getc(infile); + if (datasize > 12) + return 0; clear = 1 << datasize; eoi = clear + 1; avail = clear + 2; debian/patches/CVE-2012-4564.patch0000644000000000000000000000175212256047746013257 0ustar Index: tiff-4.0.3/tools/ppm2tiff.c =================================================================== --- tiff-4.0.3.orig/tools/ppm2tiff.c 2013-06-23 10:36:50.779629492 -0400 +++ tiff-4.0.3/tools/ppm2tiff.c 2013-06-23 10:36:50.775629494 -0400 @@ -89,6 +89,7 @@ int c; extern int optind; extern char* optarg; + tmsize_t scanline_size; if (argc < 2) { fprintf(stderr, "%s: Too few arguments\n", argv[0]); @@ -237,8 +238,16 @@ } if (TIFFScanlineSize(out) > linebytes) buf = (unsigned char *)_TIFFmalloc(linebytes); - else - buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); + else { + scanline_size = TIFFScanlineSize(out); + if (scanline_size != 0) + buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); + else { + fprintf(stderr, "%s: scanline size overflow\n",infile); + (void) TIFFClose(out); + exit(-2); + } + } if (resolution > 0) { TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution); TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution); debian/patches/series0000644000000000000000000000020512256047746012044 0ustar opengl.patch CVE-2012-4564.patch CVE-2013-1960.patch CVE-2013-1961.patch CVE-2013-4231.patch CVE-2013-4232.patch CVE-2013-4244.patch debian/patches/opengl.patch0000644000000000000000000000113312256047746013135 0ustar Description: call glFlush() in tiffgt Author: Micksa (micksa-launchpad) Bug: http://bugzilla.maptools.org/show_bug.cgi?id=2401 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/797166 Index: tiff-4.0.3/tools/tiffgt.c =================================================================== --- tiff-4.0.3.orig/tools/tiffgt.c 2013-06-23 10:36:50.575629499 -0400 +++ tiff-4.0.3/tools/tiffgt.c 2013-06-23 10:36:50.571629497 -0400 @@ -287,6 +287,7 @@ raster_draw(void) { glDrawPixels(img.width, img.height, GL_RGBA, GL_UNSIGNED_BYTE, (const GLvoid *) raster); + glFlush(); } static void debian/patches/CVE-2013-4244.patch0000644000000000000000000000116012256047746013244 0ustar Description: OOB write in gif2tiff Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=996468 Index: tiff-4.0.3/tools/gif2tiff.c =================================================================== --- tiff-4.0.3.orig/tools/gif2tiff.c 2013-08-24 11:17:13.546447901 -0400 +++ tiff-4.0.3/tools/gif2tiff.c 2013-08-24 11:17:13.546447901 -0400 @@ -400,6 +400,10 @@ } if (oldcode == -1) { + if (code >= clear) { + fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear); + return 0; + } *(*fill)++ = suffix[code]; firstchar = oldcode = code; return 1; debian/libtiff-opengl.lintian-overrides0000644000000000000000000000027212256047746015465 0ustar # # The synopsis line starts with a capital letter because of the TIFF # acronym, not because it contains a sentence. # libtiff-opengl: description-synopsis-starts-with-a-capital-letter debian/all-preinst0000644000000000000000000000012212256047746011353 0ustar #!/bin/sh set -e if [ -h /usr/share/doc/PKG ]; then rm -f /usr/share/doc/PKG fi debian/libtiff5.symbols0000644000000000000000000002164112256047746012325 0ustar libtiff.so.5 libtiff5 #MINVER# LIBTIFF_4.0@LIBTIFF_4.0 4.0.3 LogL10fromY@LIBTIFF_4.0 4.0.3 LogL10toY@LIBTIFF_4.0 4.0.3 LogL16fromY@LIBTIFF_4.0 4.0.3 LogL16toY@LIBTIFF_4.0 4.0.3 LogLuv24fromXYZ@LIBTIFF_4.0 4.0.3 LogLuv24toXYZ@LIBTIFF_4.0 4.0.3 LogLuv32fromXYZ@LIBTIFF_4.0 4.0.3 LogLuv32toXYZ@LIBTIFF_4.0 4.0.3 TIFFAccessTagMethods@LIBTIFF_4.0 4.0.3 TIFFCIELabToRGBInit@LIBTIFF_4.0 4.0.3 TIFFCIELabToXYZ@LIBTIFF_4.0 4.0.3 TIFFCheckTile@LIBTIFF_4.0 4.0.3 TIFFCheckpointDirectory@LIBTIFF_4.0 4.0.3 TIFFCleanup@LIBTIFF_4.0 4.0.3 TIFFClientOpen@LIBTIFF_4.0 4.0.3 TIFFClientdata@LIBTIFF_4.0 4.0.3 TIFFClose@LIBTIFF_4.0 4.0.3 TIFFComputeStrip@LIBTIFF_4.0 4.0.3 TIFFComputeTile@LIBTIFF_4.0 4.0.3 TIFFCreateCustomDirectory@LIBTIFF_4.0 4.0.3 TIFFCreateDirectory@LIBTIFF_4.0 4.0.3 TIFFCreateEXIFDirectory@LIBTIFF_4.0 4.0.3 TIFFCurrentDirOffset@LIBTIFF_4.0 4.0.3 TIFFCurrentDirectory@LIBTIFF_4.0 4.0.3 TIFFCurrentRow@LIBTIFF_4.0 4.0.3 TIFFCurrentStrip@LIBTIFF_4.0 4.0.3 TIFFCurrentTile@LIBTIFF_4.0 4.0.3 TIFFDataWidth@LIBTIFF_4.0 4.0.3 TIFFDefaultDirectory@LIBTIFF_4.0 4.0.3 TIFFDefaultStripSize@LIBTIFF_4.0 4.0.3 TIFFDefaultTileSize@LIBTIFF_4.0 4.0.3 TIFFError@LIBTIFF_4.0 4.0.3 TIFFErrorExt@LIBTIFF_4.0 4.0.3 TIFFFaxBlackCodes@LIBTIFF_4.0 4.0.3 TIFFFaxBlackTable@LIBTIFF_4.0 4.0.3 TIFFFaxMainTable@LIBTIFF_4.0 4.0.3 TIFFFaxWhiteCodes@LIBTIFF_4.0 4.0.3 TIFFFaxWhiteTable@LIBTIFF_4.0 4.0.3 TIFFFdOpen@LIBTIFF_4.0 4.0.3 TIFFFieldDataType@LIBTIFF_4.0 4.0.3 TIFFFieldName@LIBTIFF_4.0 4.0.3 TIFFFieldPassCount@LIBTIFF_4.0 4.0.3 TIFFFieldReadCount@LIBTIFF_4.0 4.0.3 TIFFFieldTag@LIBTIFF_4.0 4.0.3 TIFFFieldWithName@LIBTIFF_4.0 4.0.3 TIFFFieldWithTag@LIBTIFF_4.0 4.0.3 TIFFFieldWriteCount@LIBTIFF_4.0 4.0.3 TIFFFileName@LIBTIFF_4.0 4.0.3 TIFFFileno@LIBTIFF_4.0 4.0.3 TIFFFillStrip@LIBTIFF_4.0 4.0.3 TIFFFillTile@LIBTIFF_4.0 4.0.3 TIFFFindCODEC@LIBTIFF_4.0 4.0.3 TIFFFindField@LIBTIFF_4.0 4.0.3 TIFFFlush@LIBTIFF_4.0 4.0.3 TIFFFlushData1@LIBTIFF_4.0 4.0.3 TIFFFlushData@LIBTIFF_4.0 4.0.3 TIFFFreeDirectory@LIBTIFF_4.0 4.0.3 TIFFGetBitRevTable@LIBTIFF_4.0 4.0.3 TIFFGetClientInfo@LIBTIFF_4.0 4.0.3 TIFFGetCloseProc@LIBTIFF_4.0 4.0.3 TIFFGetConfiguredCODECs@LIBTIFF_4.0 4.0.3 TIFFGetField@LIBTIFF_4.0 4.0.3 TIFFGetFieldDefaulted@LIBTIFF_4.0 4.0.3 TIFFGetMapFileProc@LIBTIFF_4.0 4.0.3 TIFFGetMode@LIBTIFF_4.0 4.0.3 TIFFGetReadProc@LIBTIFF_4.0 4.0.3 TIFFGetSeekProc@LIBTIFF_4.0 4.0.3 TIFFGetSizeProc@LIBTIFF_4.0 4.0.3 TIFFGetTagListCount@LIBTIFF_4.0 4.0.3 TIFFGetTagListEntry@LIBTIFF_4.0 4.0.3 TIFFGetUnmapFileProc@LIBTIFF_4.0 4.0.3 TIFFGetVersion@LIBTIFF_4.0 4.0.3 TIFFGetWriteProc@LIBTIFF_4.0 4.0.3 TIFFInitCCITTFax3@LIBTIFF_4.0 4.0.3 TIFFInitCCITTFax4@LIBTIFF_4.0 4.0.3 TIFFInitCCITTRLE@LIBTIFF_4.0 4.0.3 TIFFInitCCITTRLEW@LIBTIFF_4.0 4.0.3 TIFFInitDumpMode@LIBTIFF_4.0 4.0.3 TIFFInitJBIG@LIBTIFF_4.0 4.0.3 TIFFInitJPEG@LIBTIFF_4.0 4.0.3 TIFFInitLZMA@LIBTIFF_4.0 4.0.3 TIFFInitLZW@LIBTIFF_4.0 4.0.3 TIFFInitNeXT@LIBTIFF_4.0 4.0.3 TIFFInitOJPEG@LIBTIFF_4.0 4.0.3 TIFFInitPackBits@LIBTIFF_4.0 4.0.3 TIFFInitPixarLog@LIBTIFF_4.0 4.0.3 TIFFInitSGILog@LIBTIFF_4.0 4.0.3 TIFFInitThunderScan@LIBTIFF_4.0 4.0.3 TIFFInitZIP@LIBTIFF_4.0 4.0.3 TIFFIsBigEndian@LIBTIFF_4.0 4.0.3 TIFFIsByteSwapped@LIBTIFF_4.0 4.0.3 TIFFIsCODECConfigured@LIBTIFF_4.0 4.0.3 TIFFIsMSB2LSB@LIBTIFF_4.0 4.0.3 TIFFIsTiled@LIBTIFF_4.0 4.0.3 TIFFIsUpSampled@LIBTIFF_4.0 4.0.3 TIFFLastDirectory@LIBTIFF_4.0 4.0.3 TIFFMergeFieldInfo@LIBTIFF_4.0 4.0.3 TIFFNumberOfDirectories@LIBTIFF_4.0 4.0.3 TIFFNumberOfStrips@LIBTIFF_4.0 4.0.3 TIFFNumberOfTiles@LIBTIFF_4.0 4.0.3 TIFFOpen@LIBTIFF_4.0 4.0.3 TIFFPredictorCleanup@LIBTIFF_4.0 4.0.3 TIFFPredictorInit@LIBTIFF_4.0 4.0.3 TIFFPrintDirectory@LIBTIFF_4.0 4.0.3 TIFFRGBAImageBegin@LIBTIFF_4.0 4.0.3 TIFFRGBAImageEnd@LIBTIFF_4.0 4.0.3 TIFFRGBAImageGet@LIBTIFF_4.0 4.0.3 TIFFRGBAImageOK@LIBTIFF_4.0 4.0.3 TIFFRasterScanlineSize64@LIBTIFF_4.0 4.0.3 TIFFRasterScanlineSize@LIBTIFF_4.0 4.0.3 TIFFRawStripSize64@LIBTIFF_4.0 4.0.3 TIFFRawStripSize@LIBTIFF_4.0 4.0.3 TIFFReadBufferSetup@LIBTIFF_4.0 4.0.3 TIFFReadCustomDirectory@LIBTIFF_4.0 4.0.3 TIFFReadDirectory@LIBTIFF_4.0 4.0.3 TIFFReadEXIFDirectory@LIBTIFF_4.0 4.0.3 TIFFReadEncodedStrip@LIBTIFF_4.0 4.0.3 TIFFReadEncodedTile@LIBTIFF_4.0 4.0.3 TIFFReadRGBAImage@LIBTIFF_4.0 4.0.3 TIFFReadRGBAImageOriented@LIBTIFF_4.0 4.0.3 TIFFReadRGBAStrip@LIBTIFF_4.0 4.0.3 TIFFReadRGBATile@LIBTIFF_4.0 4.0.3 TIFFReadRawStrip@LIBTIFF_4.0 4.0.3 TIFFReadRawTile@LIBTIFF_4.0 4.0.3 TIFFReadScanline@LIBTIFF_4.0 4.0.3 TIFFReadTile@LIBTIFF_4.0 4.0.3 TIFFRegisterCODEC@LIBTIFF_4.0 4.0.3 TIFFReverseBits@LIBTIFF_4.0 4.0.3 TIFFRewriteDirectory@LIBTIFF_4.0 4.0.3 TIFFScanlineSize64@LIBTIFF_4.0 4.0.3 TIFFScanlineSize@LIBTIFF_4.0 4.0.3 TIFFSetClientInfo@LIBTIFF_4.0 4.0.3 TIFFSetClientdata@LIBTIFF_4.0 4.0.3 TIFFSetCompressionScheme@LIBTIFF_4.0 4.0.3 TIFFSetDirectory@LIBTIFF_4.0 4.0.3 TIFFSetErrorHandler@LIBTIFF_4.0 4.0.3 TIFFSetErrorHandlerExt@LIBTIFF_4.0 4.0.3 TIFFSetField@LIBTIFF_4.0 4.0.3 TIFFSetFileName@LIBTIFF_4.0 4.0.3 TIFFSetFileno@LIBTIFF_4.0 4.0.3 TIFFSetMode@LIBTIFF_4.0 4.0.3 TIFFSetSubDirectory@LIBTIFF_4.0 4.0.3 TIFFSetTagExtender@LIBTIFF_4.0 4.0.3 TIFFSetWarningHandler@LIBTIFF_4.0 4.0.3 TIFFSetWarningHandlerExt@LIBTIFF_4.0 4.0.3 TIFFSetWriteOffset@LIBTIFF_4.0 4.0.3 TIFFSetupStrips@LIBTIFF_4.0 4.0.3 TIFFStripSize64@LIBTIFF_4.0 4.0.3 TIFFStripSize@LIBTIFF_4.0 4.0.3 TIFFSwabArrayOfDouble@LIBTIFF_4.0 4.0.3 TIFFSwabArrayOfFloat@LIBTIFF_4.0 4.0.3 TIFFSwabArrayOfLong8@LIBTIFF_4.0 4.0.3 TIFFSwabArrayOfLong@LIBTIFF_4.0 4.0.3 TIFFSwabArrayOfShort@LIBTIFF_4.0 4.0.3 TIFFSwabArrayOfTriples@LIBTIFF_4.0 4.0.3 TIFFSwabDouble@LIBTIFF_4.0 4.0.3 TIFFSwabFloat@LIBTIFF_4.0 4.0.3 TIFFSwabLong8@LIBTIFF_4.0 4.0.3 TIFFSwabLong@LIBTIFF_4.0 4.0.3 TIFFSwabShort@LIBTIFF_4.0 4.0.3 TIFFTileRowSize64@LIBTIFF_4.0 4.0.3 TIFFTileRowSize@LIBTIFF_4.0 4.0.3 TIFFTileSize64@LIBTIFF_4.0 4.0.3 TIFFTileSize@LIBTIFF_4.0 4.0.3 TIFFUnRegisterCODEC@LIBTIFF_4.0 4.0.3 TIFFUnlinkDirectory@LIBTIFF_4.0 4.0.3 TIFFUnsetField@LIBTIFF_4.0 4.0.3 TIFFVGetField@LIBTIFF_4.0 4.0.3 TIFFVGetFieldDefaulted@LIBTIFF_4.0 4.0.3 TIFFVSetField@LIBTIFF_4.0 4.0.3 TIFFVStripSize64@LIBTIFF_4.0 4.0.3 TIFFVStripSize@LIBTIFF_4.0 4.0.3 TIFFVTileSize64@LIBTIFF_4.0 4.0.3 TIFFVTileSize@LIBTIFF_4.0 4.0.3 TIFFWarning@LIBTIFF_4.0 4.0.3 TIFFWarningExt@LIBTIFF_4.0 4.0.3 TIFFWriteBufferSetup@LIBTIFF_4.0 4.0.3 TIFFWriteCheck@LIBTIFF_4.0 4.0.3 TIFFWriteCustomDirectory@LIBTIFF_4.0 4.0.3 TIFFWriteDirectory@LIBTIFF_4.0 4.0.3 TIFFWriteEncodedStrip@LIBTIFF_4.0 4.0.3 TIFFWriteEncodedTile@LIBTIFF_4.0 4.0.3 TIFFWriteRawStrip@LIBTIFF_4.0 4.0.3 TIFFWriteRawTile@LIBTIFF_4.0 4.0.3 TIFFWriteScanline@LIBTIFF_4.0 4.0.3 TIFFWriteTile@LIBTIFF_4.0 4.0.3 TIFFXYZToRGB@LIBTIFF_4.0 4.0.3 TIFFYCbCrToRGBInit@LIBTIFF_4.0 4.0.3 TIFFYCbCrtoRGB@LIBTIFF_4.0 4.0.3 XYZtoRGB24@LIBTIFF_4.0 4.0.3 _TIFFBuiltinCODECS@LIBTIFF_4.0 4.0.3 _TIFFCheckMalloc@LIBTIFF_4.0 4.0.3 _TIFFCheckRealloc@LIBTIFF_4.0 4.0.3 _TIFFCreateAnonField@LIBTIFF_4.0 4.0.3 _TIFFDataSize@LIBTIFF_4.0 4.0.3 _TIFFDefaultStripSize@LIBTIFF_4.0 4.0.3 _TIFFDefaultTileSize@LIBTIFF_4.0 4.0.3 _TIFFFax3fillruns@LIBTIFF_4.0 4.0.3 _TIFFFillStriles@LIBTIFF_4.0 4.0.3 _TIFFFindFieldByName@LIBTIFF_4.0 4.0.3 _TIFFFindOrRegisterField@LIBTIFF_4.0 4.0.3 _TIFFGetExifFields@LIBTIFF_4.0 4.0.3 _TIFFGetFields@LIBTIFF_4.0 4.0.3 _TIFFMergeFields@LIBTIFF_4.0 4.0.3 _TIFFMultiply32@LIBTIFF_4.0 4.0.3 _TIFFMultiply64@LIBTIFF_4.0 4.0.3 _TIFFNoFixupTags@LIBTIFF_4.0 4.0.3 _TIFFNoPostDecode@LIBTIFF_4.0 4.0.3 _TIFFNoPreCode@LIBTIFF_4.0 4.0.3 _TIFFNoRowDecode@LIBTIFF_4.0 4.0.3 _TIFFNoRowEncode@LIBTIFF_4.0 4.0.3 _TIFFNoSeek@LIBTIFF_4.0 4.0.3 _TIFFNoStripDecode@LIBTIFF_4.0 4.0.3 _TIFFNoStripEncode@LIBTIFF_4.0 4.0.3 _TIFFNoTileDecode@LIBTIFF_4.0 4.0.3 _TIFFNoTileEncode@LIBTIFF_4.0 4.0.3 _TIFFPrintFieldInfo@LIBTIFF_4.0 4.0.3 _TIFFRewriteField@LIBTIFF_4.0 4.0.3 _TIFFSetDefaultCompressionState@LIBTIFF_4.0 4.0.3 _TIFFSetupFields@LIBTIFF_4.0 4.0.3 _TIFFSwab16BitData@LIBTIFF_4.0 4.0.3 _TIFFSwab24BitData@LIBTIFF_4.0 4.0.3 _TIFFSwab32BitData@LIBTIFF_4.0 4.0.3 _TIFFSwab64BitData@LIBTIFF_4.0 4.0.3 _TIFFUInt64ToDouble@LIBTIFF_4.0 4.0.3 _TIFFUInt64ToFloat@LIBTIFF_4.0 4.0.3 _TIFFerrorHandler@LIBTIFF_4.0 4.0.3 _TIFFerrorHandlerExt@LIBTIFF_4.0 4.0.3 _TIFFfree@LIBTIFF_4.0 4.0.3 _TIFFgetMode@LIBTIFF_4.0 4.0.3 _TIFFmalloc@LIBTIFF_4.0 4.0.3 _TIFFmemcmp@LIBTIFF_4.0 4.0.3 _TIFFmemcpy@LIBTIFF_4.0 4.0.3 _TIFFmemset@LIBTIFF_4.0 4.0.3 _TIFFprintAscii@LIBTIFF_4.0 4.0.3 _TIFFprintAsciiTag@LIBTIFF_4.0 4.0.3 _TIFFrealloc@LIBTIFF_4.0 4.0.3 _TIFFsetByteArray@LIBTIFF_4.0 4.0.3 _TIFFsetDoubleArray@LIBTIFF_4.0 4.0.3 _TIFFsetFloatArray@LIBTIFF_4.0 4.0.3 _TIFFsetLong8Array@LIBTIFF_4.0 4.0.3 _TIFFsetLongArray@LIBTIFF_4.0 4.0.3 _TIFFsetNString@LIBTIFF_4.0 4.0.3 _TIFFsetShortArray@LIBTIFF_4.0 4.0.3 _TIFFsetString@LIBTIFF_4.0 4.0.3 _TIFFwarningHandler@LIBTIFF_4.0 4.0.3 _TIFFwarningHandlerExt@LIBTIFF_4.0 4.0.3 libport_dummy_function@LIBTIFF_4.0 4.0.3 uv_decode@LIBTIFF_4.0 4.0.3 uv_encode@LIBTIFF_4.0 4.0.3 debian/libtiff5-dev.install0000644000000000000000000000025212256047746013052 0ustar debian/tmp/usr/lib/*/lib*.so debian/tmp/usr/lib/*/lib*.a debian/tmp/usr/lib/*/lib*.la debian/tmp/usr/lib/*/pkgconfig debian/tmp/usr/include debian/tmp/usr/share/man/man3 debian/rules0000755000000000000000000000236212256047746010266 0ustar #!/usr/bin/make -f # Enable all hardening options. export DEB_BUILD_MAINT_OPTIONS = hardening=+all DPKG_EXPORT_BUILDFLAGS = 1 include /usr/share/dpkg/buildflags.mk # Variables used by cdbs DEB_COMPRESS_EXCLUDE = html CPPFLAGS += -D_REENTRANT export CPPFLAGS # Include cdbs rules files. include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/autotools.mk include /usr/share/cdbs/1/rules/autoreconf.mk DEB_CONFIGURE_USER_FLAGS = --with-docdir="\$${prefix}/share/doc/libtiff-doc" \ --libdir="\$${prefix}/lib/$(DEB_HOST_MULTIARCH)" \ --includedir="\$${prefix}/include/$(DEB_HOST_MULTIARCH)" \ --enable-ld-version-script clean:: $(RM) *.cdbs-config_list $(RM) debian/*.preinst # tiffgt is in libtiff-opengl so libtiff-tools doesn't have to have # all the X and opengl dependencies. binary-post-install/libtiff-tools:: $(RM) debian/libtiff-tools/usr/bin/tiffgt $(RM) debian/libtiff-tools/usr/share/man/man1/tiffgt.1* # Empty dependency_libs from all .la files binary-post-install/libtiff5-dev:: sed -i "s,^dependency_libs=.*,dependency_libs=''," \ debian/libtiff5-dev/usr/lib/*/*.la # Create preinst binary-post-install/%:: if [ "$*" != "libtiff5" ]; then \ sed -e s/PKG/$*/g < debian/all-preinst > debian/$*.preinst; \ fi debian/libtiff-opengl.install0000644000000000000000000000010112256047746013464 0ustar debian/tmp/usr/bin/tiffgt debian/tmp/usr/share/man/man1/tiffgt.1 debian/README.Debian0000644000000000000000000000307312256047746011247 0ustar Note that tiff 4.x packages libtiff5, while tiff 3.x packaged libtiff4. During the libtiff4 -> libtiff5 transition, the tiff source package is providing transitional packages for libtiff4-dev and libtiff5-alt-dev. If you have a package with a build dependency on libtiff-dev, you don't have to care about any of this. Otherwise, the notes below describe what you should do to make sure your package is ready for the transition. * If your package build-depends on libtiff-dev already, no action required; the release team will automatically schedule a rebuild of your package at the appropriate time. * If your package depends on libtiff4-dev but can work fine with tiff 4.x (most packages), replace your dependency on libtiff4-dev with a new dependency on libtiff-dev. * If your package build-depends on libtiff5-dev or libtiff5-alt-dev and is known to work with both tiff 3.x and tiff 4.x (i.e., it does not use the BIGTIFF extensions in tiff 4.x), you can just change the build dependency to an unversioned libtiff-dev. You can also remove any special code that you may have added to your package to get it to find tiff in the non-standard location. If you were finding tiff with pkg-config, you shouldn't have to make any changes to your package other than the build dependency. * If your package build-depends on libtiff5-dev, you don't HAVE to do anything, but you may be helping yourself in the future if you change the build dependency to libtiff-dev (>> 4.0.3-6~). -- Jay Berkenbilt , Thu, 5 Dec 2013 12:55:17 -0500 debian/libtiff-doc.doc-base0000644000000000000000000000041612256047746012765 0ustar Document: libtiff-doc Title: TIFF Software Author: Sam Leffler Abstract: Support for the Tag Image File Format (TIFF) for storing image data. Section: Graphics Format: HTML Index: /usr/share/doc/libtiff-doc/html/index.html Files: /usr/share/doc/libtiff-doc/html/*.html debian/control0000644000000000000000000000744112256047746010614 0ustar Source: tiff Section: libs Priority: optional Maintainer: Jay Berkenbilt Build-Depends: cdbs (>= 0.4.106~), debhelper (>> 9), dh-autoreconf, dpkg-dev (>= 1.16.1~), autotools-dev, zlib1g-dev, libjpeg-dev, libxmu-dev, libglu1-mesa-dev, freeglut3-dev, libxi-dev, libjbig-dev, liblzma-dev Standards-Version: 3.9.5 Homepage: http://libtiff.maptools.org Package: libtiff5 Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, ${shlibs:Depends} Description: Tag Image File Format (TIFF) library libtiff is a library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. This package includes the shared library. Package: libtiffxx5 Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, ${shlibs:Depends} Description: Tag Image File Format (TIFF) library -- C++ interface libtiff is a library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. This package includes the shared library for the experimental C++ interfaces. Package: libtiff5-dev Section: libdevel Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, libtiff5 (= ${binary:Version}), libtiffxx5 (= ${binary:Version}), libc6-dev | libc-dev, zlib1g-dev, libjpeg-dev, libjbig-dev, liblzma-dev Replaces: libtiff5-alt-dev (<< 4.0.3-6~), libtiff4-dev (<< 4.0.3-6~) Conflicts: libtiff5-alt-dev (<< 4.0.3-6~), libtiff4-dev (<< 4.0.3-6~) Provides: libtiff-dev Description: Tag Image File Format library (TIFF), development files libtiff is a library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. This package includes the development files, static library, and header files. Package: libtiff-tools Section: graphics Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends} Suggests: libtiff-opengl Description: TIFF manipulation and conversion tools libtiff is a library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. This package includes tools for converting TIFF images to and from other formats and tools for doing simple manipulations of TIFF images. See also libtiff-opengl. Package: libtiff-opengl Section: graphics Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends} Description: TIFF manipulation and conversion tools libtiff is a library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. This package contains libtiff tools that depend upon opengl. It complements the libtiff-tools package, which contains the libtiff tools that don't depend upon opengl. Package: libtiff-doc Section: doc Depends: ${misc:Depends} Architecture: all Description: TIFF manipulation and conversion documentation libtiff is a library providing support for the Tag Image File Format (TIFF), a widely used format for storing image data. This package contains documentation. Package: libtiff5-alt-dev Section: oldlibs Priority: extra Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, libtiff5-dev (>> 4.0.3-6~) Description: Tag Image File Format library (TIFF), transitional package This is a transitional package that can be safely removed. Build dependencies on libtiff5-alt-dev should be replaced with build dependencies on libtiff-dev. Package: libtiff4-dev Section: oldlibs Priority: extra Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, libtiff5-dev (>> 4.0.3-6~) Description: Tag Image File Format library (TIFF), transitional package This is a transitional package that can be safely removed. Build dependencies on libtiff4-dev should be replaced with build dependencies on libtiff-dev. debian/libtiff5.install0000644000000000000000000000004212256047746012273 0ustar debian/tmp/usr/lib/*/libtiff.so.* debian/libtiff4-dev.lintian-overrides0000644000000000000000000000027012256047746015041 0ustar # # The synopsis line starts with a capital letter because of the TIFF # acronym, not because it contains a sentence. # libtiff4-dev: description-synopsis-starts-with-a-capital-letter debian/libtiff5.lintian-overrides0000644000000000000000000000026412256047746014271 0ustar # # The synopsis line starts with a capital letter because of the TIFF # acronym, not because it contains a sentence. # libtiff5: description-synopsis-starts-with-a-capital-letter debian/source/0000755000000000000000000000000012256047746010503 5ustar debian/source/format0000644000000000000000000000001412256047746011711 0ustar 3.0 (quilt) debian/libtiffxx5.install0000644000000000000000000000004412256047746012655 0ustar debian/tmp/usr/lib/*/libtiffxx.so.* debian/libtiff-tools.install0000644000000000000000000000006112256047746013345 0ustar debian/tmp/usr/bin debian/tmp/usr/share/man/man1 debian/libtiffxx5.lintian-overrides0000644000000000000000000000026612256047746014653 0ustar # # The synopsis line starts with a capital letter because of the TIFF # acronym, not because it contains a sentence. # libtiffxx5: description-synopsis-starts-with-a-capital-letter debian/compat0000644000000000000000000000000212256047746010401 0ustar 9 debian/README.source0000644000000000000000000000251412256047746011364 0ustar INFORMATION SPECIFIC TO THE TIFF PACKAGE ======================================== The tiff upstream maintainers have a tendency to make mistakes that introduce binary incompatibility between one version of tiff and another. In order to verify binary compatibility, it is strongly recommended to build a new library and install the new library without installing the new tools. Then test the tools with the test images provided by upstream. Additionally, when checking the sources to look for ABI changes, you must check both the public header files (tiff.h and tiffio.h) and the source file libtiff/tif_dirinfo.c which maps tag names to types. Changes in the tag name to type mapping also result in binary incompatibility because of the field setting and getting functions using variable arguments. The tiff packages get a fair number of security-related bug reports. In the interest of keeping the quality of the tiff software as high as possible, it's good for the debian and Red Hat maintainers to be in touch. As of this writing, the Red Hat maintaner, Tom Lane, agrees. The latest Red Hat package can be found here: http://download.fedora.redhat.com/pub/fedora/linux/development/source/SRPMS/ You can also see their CVS: http://cvs.fedoraproject.org/viewvc/rpms/libtiff/ -- Jay Berkenbilt , Wed, 10 Feb 2010 19:21:26 -0500 debian/watch0000644000000000000000000000010212256047746010225 0ustar version=3 http://download.osgeo.org/libtiff/tiff-([\d\.]+).tar.gz