From f1ef2f644078ce7fd84f5b2cd20f2cf6d3fe2170 Mon Sep 17 00:00:00 2001
From: Dominyk Tiller
Date: Mon, 9 Jan 2017 06:10:33 +0000
Subject: [PATCH] libtiff: apply upstream security fixes

Closes #8639.

Signed-off-by: ilovezfs
---
 Formula/libtiff.rb | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/Formula/libtiff.rb b/Formula/libtiff.rb
index a73ada2024..8d7993cf0d 100644
--- a/Formula/libtiff.rb
+++ b/Formula/libtiff.rb
@@ -4,6 +4,7 @@ class Libtiff < Formula
 url "http://download.osgeo.org/libtiff/tiff-4.0.7.tar.gz"
 mirror "https://mirrors.ocf.berkeley.edu/debian/pool/main/t/tiff/tiff_4.0.7.orig.tar.gz"
 sha256 "9f43a2cfb9589e5cecaa66e16bf87f814c945f22df7ba600d63aac4632c4f019"
+ revision 1

 bottle do
 cellar :any
@@ -19,6 +20,30 @@ class Libtiff < Formula
 depends_on "jpeg"
 depends_on "xz" => :optional

+ # Patches from Debian for CVE-2016-10094, and various other issues.
+ # All reported upstream, so should be safe to remove this block on next stable.
+ patch do
+ url "https://mirrors.ocf.berkeley.edu/debian/pool/main/t/tiff/tiff_4.0.7-4.debian.tar.xz"
+ mirror "https://mirrorservice.org/sites/ftp.debian.org/debian/pool/main/t/tiff/tiff_4.0.7-4.debian.tar.xz"
+ sha256 "74c9c85b43e1bb1016f96665090da7d8481a48f66a53a43100ab78f729cef0c0"
+ apply "patches/01-CVE.patch",
+ "patches/02-CVE.patch",
+ "patches/03-CVE.patch",
+ "patches/04-CVE.patch",
+ "patches/05-CVE.patch",
+ "patches/06-CVE.patch",
+ "patches/07-CVE.patch",
+ "patches/08-CVE.patch",
+ "patches/09-CVE.patch",
+ "patches/10-CVE.patch",
+ "patches/11-CVE.patch",
+ "patches/12-CVE.patch",
+ "patches/13-CVE.patch",
+ "patches/14-CVE.patch",
+ "patches/15-TIFFFaxTabEnt_bugfix.patch",
+ "patches/16-CVE-2016-10094.patch"
+ end
+
 def install
 ENV.universal_binary if build.universal?
 ENV.cxx11 if build.cxx11?
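Review bot: In the second hunk's `patch do` block, `url` and `mirror` both fetch the same `tiff_4.0.7-4.debian.tar.xz` from Debian pool mirrors, so they are not independent sources: pool directories normally drop a revision once a newer upload supersedes it, and both locations would then likely fail together. The `sha256` pin keeps integrity covered, but the security fixes would stop building from source, so consider pointing `mirror` at an archival copy (for example snapshot.debian.org) rather than a second pool mirror. The comment also names only CVE-2016-10094 while fourteen of the applied files are called just `NN-CVE.patch`; I would extend it with a line such as `# Patches 01-14 address further CVEs; see the Debian changelog for 4.0.7-4 for the identifiers.` so the block can be audited before it is dropped on the next stable release. The enclosing `class Libtiff` starts and ends outside the hunk.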