[arch-commits] Commit in lib32-libtiff/trunk (PKGBUILD)
David Runge
dvzrv at gemini.archlinux.org
Mon Aug 15 17:16:46 UTC 2022
Date: Monday, August 15, 2022 @ 17:16:46
Author: dvzrv
Revision: 1266191
upgpkg: lib32-libtiff 4.4.0-4: Rebuild to apply fix for CVE-2022-34526.
Apply upstream patch for CVE-2022-34526: https://bugs.archlinux.org/task/75608
Modified:
lib32-libtiff/trunk/PKGBUILD
----------+
PKGBUILD | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2022-08-15 17:09:45 UTC (rev 1266190)
+++ PKGBUILD 2022-08-15 17:16:46 UTC (rev 1266191)
@@ -5,7 +5,7 @@
_pkgname=libtiff
pkgname=lib32-${_pkgname}
pkgver=4.4.0
-pkgrel=3
+pkgrel=4
pkgdesc='Library for manipulation of TIFF images (32-bit)'
url='http://www.simplesystems.org/libtiff/'
arch=('x86_64')
@@ -17,13 +17,17 @@
https://download.osgeo.org/libtiff/tiff-${pkgver}.tar.gz{,.sig}
# fix CVE-2022-2056 / CVE-2022-2057 / CVE-2022-2058: https://bugs.archlinux.org/task/75360
$pkgname-4.4.0-fpe_tiffcrop.patch::https://gitlab.com/libtiff/libtiff/-/commit/dd1bcc7abb26094e93636e85520f0d8f81ab0fab.patch
+ # fix CVE-2022-34526: https://bugs.archlinux.org/task/75608
+ $pkgname-4.4.0-CVE-2022-34526.patch::https://gitlab.com/libtiff/libtiff/-/commit/275735d0354e39c0ac1dc3c0db2120d6f31d1990.patch
)
sha512sums=('78ffab7667d0feb8d38571bc482390fc6dd20b93a798ab3a8b5cc7d5ab00b44a37f67eb8f19421e4ab33ad89ab40e382128f8a4bbdf097e0efb6d9fca5ac6f9e'
'SKIP'
- '5e36f443bbbfdd1270cb1f4d3ce4b0b415d658fe7e14764b315db73606ea28e854661cda74f1c5ccb00a2247431b966b9ac5271a1e3204837f79cb6fc50bf5bf')
+ '5e36f443bbbfdd1270cb1f4d3ce4b0b415d658fe7e14764b315db73606ea28e854661cda74f1c5ccb00a2247431b966b9ac5271a1e3204837f79cb6fc50bf5bf'
+ '083a49f005bdba484ec78d1d7d8fd5a2c355f88d3a4a0a02b5c0522dc81ed5116fbeb4d45db886006277745b77c337c1bdce0b655d6a81ae570f079a2dfea57c')
b2sums=('1480aca5f9b3d4509229fb6c1b967bdeb2053c4100f21d486d9f4a375742249aa7f54d6b5ab27679075499c226a011bc65988e22c064b3986d89f2cf5b0200dc'
'SKIP'
- '2dc47541b05e6c674c3fa3f7109528d7001a494af937fc57f1862ce75dc467dd4acd6892de1bd017d182b1dcbb80242cffa27f0f3ebde3ed57ee13df5b733821')
+ '2dc47541b05e6c674c3fa3f7109528d7001a494af937fc57f1862ce75dc467dd4acd6892de1bd017d182b1dcbb80242cffa27f0f3ebde3ed57ee13df5b733821'
+ '13eaf64bd306cb1b26ac643d56d3cb9a115a0994efb2853020825a503e2dc948c7a672b05586f148b243173b45a915d2282523cf465e9d02e9b8415ed0bfcd22')
validpgpkeys=(
'EBDFDB21B020EE8FD151A88DE301047DE1198975' # Bob Friesenhahn <bfriesen at simple.dallas.tx.us>
'B1FA7D81EEB8E66399178B9733EBBFC47B3DD87D' # Even Rouault <even.rouault at spatialys.com>
More information about the arch-commits
mailing list