Hi, It is patch for CVE-2010-2065, taken from upstream bugzilla. Please consider to apply it. -- Regards, Hideki Yamane henrich @ debian.or.jp/org http://wiki.debian.org/HidekiYamane
taken from http://bugzilla.maptools.org/show_bug.cgi?id=2207 Index: tiff-3.9.4/libtiff/tif_getimage.c =================================================================== --- tiff-3.9.4.orig/libtiff/tif_getimage.c 2010-08-13 14:06:16.999247831 +0900 +++ tiff-3.9.4/libtiff/tif_getimage.c 2010-08-13 14:13:06.159248387 +0900 @@ -1846,6 +1846,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr22tile) { uint32* cp2; + int32 incr = 2*toskew+w; (void) y; fromskew = (fromskew / 2) * 6; cp2 = cp+w+toskew; @@ -1872,8 +1873,8 @@ cp2 ++ ; pp += 6; } - cp += toskew*2+w; - cp2 += toskew*2+w; + cp += incr; + cp2 += incr; pp += fromskew; h-=2; } @@ -1939,6 +1940,7 @@ DECLAREContigPutFunc(putcontig8bitYCbCr12tile) { uint32* cp2; + int32 incr = 2*toskew+w; (void) y; fromskew = (fromskew / 2) * 4; cp2 = cp+w+toskew; @@ -1953,8 +1955,8 @@ cp2 ++; pp += 4; } while (--x); - cp += toskew*2+w; - cp2 += toskew*2+w; + cp += incr; + cp2 += incr; pp += fromskew; h-=2; }
Attachment:
pgprNvhJoqIqC.pgp
Description: PGP signature