%define major 5
%define libname %mklibname tiff %{major}
%define develname %mklibname tiff -d
%define staticdevelname %mklibname tiff -d -s
Summary: A library of functions for manipulating TIFF format image files
Name: libtiff
Version: 4.0.6
%define subrel 6
Release: %mkrel 1
License: BSD-like
Group: System/Libraries
URL: http://www.simplesystems.org/libtiff/
#Source0: ftp://download.osgeo.org/libtiff/tiff-%{version}.tar.gz
Source0: tiff-20161112.tar.xz
Patch1: libtiff-CVE-2014-8128.patch
Patch2: libtiff-CVE-2015-7554.patch
BuildRequires: jbig-devel
BuildRequires: libjpeg-devel
BuildRequires: freeglut-devel
BuildRequires: zlib-devel
BuildRequires: lzma-devel
%description
The libtiff package contains a library of functions for manipulating TIFF
(Tagged Image File Format) image format files. TIFF is a widely used file
format for bitmapped images. TIFF files usually end in the .tif extension
and they are often quite large.
%package progs
Summary: Binaries needed to manipulate TIFF format image files
Group: Graphics/Utilities
Requires: %{libname} = %{version}
Obsoletes: libtiff3-progs
Provides: libtiff3-progs = %{version}-%{release}
%description progs
This package provides binaries needed to manipulate TIFF format image files.
%package -n %{libname}
Summary: A library of functions for manipulating TIFF format image files
Group: System/Libraries
Obsoletes: %{name} < %{version}
Provides: %{name} = %{version}-%{release}
%description -n %{libname}
The libtiff package contains a library of functions for manipulating TIFF
(Tagged Image File Format) image format files. TIFF is a widely used file
format for bitmapped images. TIFF files usually end in the .tif extension
and they are often quite large.
%package -n %{develname}
Summary: Development tools for programs which will use the libtiff library
Group: Development/C
Requires: %{libname} = %{version}
Provides: %{name}-devel = %{version}-%{release}
Provides: tiff-devel = %{version}-%{release}
Obsoletes: %{mklibname tiff 3 -d}
%description -n %{develname}
This package contains the header files and .so libraries for developing
programs which will manipulate TIFF format image files using the libtiff
library.
%package -n %{staticdevelname}
Summary: Static libraries for programs which will use the libtiff library
Group: Development/C
Requires: %{develname} = %{version}
Provides: %{name}-static-devel = %{version}-%{release}
Provides: tiff-static-devel = %{version}-%{release}
Obsoletes: %{mklibname tiff 3 -d -s}
%description -n %{staticdevelname}
This package contains the static libraries for developing
programs which will manipulate TIFF format image files using the libtiff
library.
%prep
%setup -q -n tiff-20161112
%patch1 -p0
%patch2 -p1
%build
%configure2_5x --enable-static --with-docdir=%{_datadir}/doc/%{develname} --enable-ld-version-script
%make
%check
LD_LIBRARY_PATH=$PWD:$LD_LIBRARY_PATH make check
%install
%makeinstall_std
rm -f %{buildroot}%{_libdir}/*.la
# remove man pages for programs that are not provided anymore
rm -f %{buildroot}%{_mandir}/man1/rgb2ycbcr.1*
rm -f %{buildroot}%{_mandir}/man1/thumbnail.1*
# multiarch policy
%multiarch_includes %{buildroot}%{_includedir}/tiffconf.h
%files progs
%{_bindir}/*
%{_mandir}/man1/*
%files -n %{libname}
%{_libdir}/*.so.%{major}*
%files -n %{develname}
%doc %{_datadir}/doc/%{develname}
%{_includedir}/*.h*
%{multiarch_includedir}/tiffconf.h
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%{_mandir}/man3/*
%files -n %{staticdevelname}
%doc COPYRIGHT README TODO VERSION
%{_libdir}/*.a
%changelog
* Mon Nov 14 2016 ns80 <ns80> 4.0.6-1.6.mga5
+ Revision: 1067195
- update to latest CVS commit to fix CVE-2016-9273 and CVE-2016-9297 (mga#19758)
- update to 2016-10-26 CVS commit to fix:
* an out-of-bound read of up to 3 bytes in readContigTilesIntoBuffer()
* an out-of-bound read on some tiled images
* CVE-2014-8127 (duplicate: CVE-2016-3658)
* segfault when specifying -r without argument (fax2tiff)
- update to 2016-10-09 CVS commit for CVE-2016-5652 and 3 other security issues (mga#17480)
- address a long list of CVEs (mga#17480):
* update to latest CVS commit for CVE-2015-8668, CVE-2016-3186 (gif2tiff
tool is not provided anymore), CVE-2016-3622, CVE-2016-3623, CVE-2016-3632,
CVE-2016-3945, CVE-2016-3990, CVE-2016-3991, CVE-2016-5314, CVE-2016-5315,
CVE-2016-5316, CVE-2016-5317, CVE-2016-5320, CVE-2016-5321, CVE-2016-5322,
CVE-2016-5323, CVE-2016-5875, CVE-2016-6223
* add a patch from Redhat for CVE-2015-7554 (partial solution, it seems)
- some programs are not provided anymore (package libtiff-progs): bmp2tiff,
gif2tiff, ras2tiff, rgb2ycbcr and thumbnail
+ luigiwalser <luigiwalser>
- add patch suggested upstream (maptools#2499)
- fixes remaining CVE-2014-8128 issue unfixed upstream
- sync with upstream cvs 20151227, fixes mga#15519, CVE-2015-8665, CVE-2015-8683
- 4.0.6
- 4.0.5
- 4.0.4 (final)
- remove opensuse patches (security issues they fixed and regressions they
caused were fixed upstream)
* Wed Mar 18 2015 luigiwalser <luigiwalser> 4.0.4-0.1.mga5
+ Revision: 818759
- 4.0.4beta (fully fixes CVE-2014-8127)
- remove upstream patches
* Mon Mar 09 2015 luigiwalser <luigiwalser> 4.0.3-11.mga5
+ Revision: 818271
- add patches from OpenSuSE to fix:
- CVE-2014-812[7-9], CVE-2014-8130, CVE-2014-9655, and CVE-2015-1547
* Wed Oct 15 2014 umeabot <umeabot> 4.0.3-10.mga5
+ Revision: 742880
- Second Mageia 5 Mass Rebuild
* Tue Sep 16 2014 umeabot <umeabot> 4.0.3-9.mga5
+ Revision: 681812
- Mageia 5 Mass Rebuild
* Sun Oct 20 2013 umeabot <umeabot> 4.0.3-8.mga4
+ Revision: 536718
- Mageia 4 Mass Rebuild
* Tue Sep 24 2013 luigiwalser <luigiwalser> 4.0.3-7.mga4
+ Revision: 485465
- add patch from opensuse to fix CVE-2013-4243
* Wed Aug 28 2013 luigiwalser <luigiwalser> 4.0.3-6.mga4
+ Revision: 472649
- add patch from debian to fix CVE-2013-4244
* Mon Aug 19 2013 luigiwalser <luigiwalser> 4.0.3-5.mga4
+ Revision: 467997
- add patches from fedora to fix CVE-2013-4231 and CVE-2013-4232
* Fri May 03 2013 luigiwalser <luigiwalser> 4.0.3-4.mga3
+ Revision: 412150
- add patches from fedora to fix CVE-2013-1960 and CVE-2013-1961
* Sat Jan 12 2013 umeabot <umeabot> 4.0.3-3.mga3
+ Revision: 358249
- Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild
+ boklm <boklm>
- Update group: Graphics/Other -> Graphics/Utilities
* Thu Nov 15 2012 luigiwalser <luigiwalser> 4.0.3-2.mga3
+ Revision: 318232
- add patch from redhat to fix CVE-2012-4564
* Tue Oct 23 2012 luigiwalser <luigiwalser> 4.0.3-1.mga3
+ Revision: 309517
- 4.0.3
- patch raw_decode test to work with libjpeg-turbo
* Tue Oct 23 2012 luigiwalser <luigiwalser> 4.0.2-3.mga3
+ Revision: 309490
- revert to 4.0.2
- add patch from debian to fix CVE-2012-4447
- 4.0.3
+ fwang <fwang>
- use ld_library_path
* Thu Jul 19 2012 luigiwalser <luigiwalser> 4.0.2-2.mga3
+ Revision: 272692
- fix CVE-2012-3401 (from RedHat)
* Tue Jul 03 2012 luigiwalser <luigiwalser> 4.0.2-1.mga3
+ Revision: 267040
- 4.0.2 (fixes CVE-2012-2113)
* Thu Apr 05 2012 luigiwalser <luigiwalser> 4.0.1-2.mga2
+ Revision: 228674
- fix CVE-2012-1173 (from mdv)
* Sun Feb 19 2012 fwang <fwang> 4.0.1-1.mga2
+ Revision: 210744
- enable ld version script
- new version 4.0.1
* Thu Dec 22 2011 fwang <fwang> 4.0.0-1.mga2
+ Revision: 186081
- new version 4.0.0
* Fri Sep 23 2011 fwang <fwang> 3.9.5-1.mga2
+ Revision: 146947
- switch to freeglut
* Wed Apr 20 2011 pterjan <pterjan> 3.9.5-1.mga1
+ Revision: 88881
- Update to 3.9.5
* Tue Jan 11 2011 pterjan <pterjan> 3.9.4-3.mga1
+ Revision: 5548
- Drop obsolete scriptlets
- imported package libtiff
* Thu Sep 30 2010 Oden Eriksson <oeriksson@mandriva.com> 3.9.4-3mdv2011.0
+ Revision: 582193
- sync with MDVSA-2010:190
* Fri Aug 06 2010 Oden Eriksson <oeriksson@mandriva.com> 3.9.4-2mdv2011.0
+ Revision: 567027
- P2: security fix for CVE-2010-2595
- P3: security fix for CVE-2010-2483
- P4: security fix for CVE-2010-2597
- P5: http://bugzilla.maptools.org/show_bug.cgi?id=2218 (tiffdump crashes on unreasonably large dircount)
- P6: security fix for CVE-2010-2233
- P7: http://bugzilla.maptools.org/show_bug.cgi?id=2210 (additional fixes for CVE-2010-2481)
- P8: security fix for CVE-2010-2482
* Mon Jul 12 2010 Oden Eriksson <oeriksson@mandriva.com> 3.9.4-1mdv2011.0
+ Revision: 551257
- 3.9.4
* Sun Jan 10 2010 Oden Eriksson <oeriksson@mandriva.com> 3.9.2-2mdv2010.1
+ Revision: 488784
- rebuilt against libjpeg v8
* Fri Nov 06 2009 Oden Eriksson <oeriksson@mandriva.com> 3.9.2-1mdv2010.1
+ Revision: 461145
- 3.9.2
- the format string patch (P0) was applied upstream
* Fri Oct 02 2009 Oden Eriksson <oeriksson@mandriva.com> 3.9.1-4mdv2010.0
+ Revision: 452663
- fix #54150 (SPEC file contains wrong project URL)
* Sun Aug 30 2009 Oden Eriksson <oeriksson@mandriva.com> 3.9.1-3mdv2010.0
+ Revision: 422565
- fix obsoletes (anssi)
* Sun Aug 30 2009 Oden Eriksson <oeriksson@mandriva.com> 3.9.1-2mdv2010.0
+ Revision: 422558
- the devel package obsoletes itself (anssi)
* Sun Aug 30 2009 Oden Eriksson <oeriksson@mandriva.com> 3.9.1-1mdv2010.0
+ Revision: 422431
- 3.9.1
- drop all patches implemented upstream
- rediffed the string format patch
- fix cleaner docs
- cleanup the spec file a bit
* Sat Aug 15 2009 Oden Eriksson <oeriksson@mandriva.com> 3.8.2-16mdv2010.0
+ Revision: 416523
- rebuilt against libjpeg v7
* Tue Jul 14 2009 Oden Eriksson <oeriksson@mandriva.com> 3.8.2-15mdv2010.0
+ Revision: 395912
- P6: security fix for CVE-2009-2285 (redhat)
- P7: security fix for CVE-2009-2347 (redhat)
* Mon May 11 2009 Oden Eriksson <oeriksson@mandriva.com> 3.8.2-14mdv2010.0
+ Revision: 374654
- fix #50788 (tiff2pdf ignores JPEG compression quality)
- fix build
* Thu Dec 18 2008 Oden Eriksson <oeriksson@mandriva.com> 3.8.2-13mdv2009.1
+ Revision: 315623
- use LDFLAGS from the %%configure macro
- use %%optflags
- fix build with -Werror=format-security (P4)
* Fri Sep 05 2008 Oden Eriksson <oeriksson@mandriva.com> 3.8.2-12mdv2009.0
+ Revision: 281203
- P3: security fix for CVE-2008-2327
* Tue Jun 17 2008 Thierry Vignaud <tv@mandriva.org> 3.8.2-11mdv2009.0
+ Revision: 223011
- rebuild
+ Pixel <pixel@mandriva.com>
- do not call ldconfig in %%post/%%postun, it is now handled by filetriggers
- adapt to %%_localstatedir now being /var instead of /var/lib (#22312)
* Tue Mar 04 2008 Oden Eriksson <oeriksson@mandriva.com> 3.8.2-10mdv2008.1
+ Revision: 178953
- rebuild
+ Thierry Vignaud <tv@mandriva.org>
- rebuild
- kill re-definition of %%buildroot on Pixel's request
+ Olivier Blin <oblin@mandriva.com>
- restore BuildRoot
* Tue Oct 31 2006 Oden Eriksson <oeriksson@mandriva.com> 3.8.2-8mdv2007.0
+ Revision: 74790
- rebuild
- bzip2 cleanup
- rebuild
- bunzip patches
- Import libtiff
* Thu Sep 07 2006 Stew Benedict <sbenedict@mandriva.com> 3.8.2-5mdv2007.0
- fix %%files in -devel so we don't provide %%{multiarch_includedir}
* Wed Aug 02 2006 Stew Benedict <sbenedict@mandriva.com> 3.8.2-4mdv2007.0
- P2: security fix for CVE-2006-3459-thru-3465
- rpmlint
* Fri Jun 16 2006 Stew Benedict <sbenedict@mandriva.com> 3.8.2-3mdv2007.0
- P1: security fix for CVE-2006-2193
* Wed Jun 07 2006 Stew Benedict <sbenedict@mandriva.com> 3.8.2-2mdv2007.0
- P0: security fix for CVE-2006-2656
* Wed Apr 19 2006 Stew Benedict <sbenedict@mandriva.com> 3.8.2-1mdk
- 3.8.2
* Thu Mar 16 2006 Olivier Blin <oblin@mandriva.com> 3.6.1-14mdk
- from Vincent Danen: security fix for CVE-2005-1544 (P105)
* Sun Jan 01 2006 Mandriva Linux Team <http://www.mandrivaexpert.com/> 3.6.1-13mdk
- Rebuild
* Fri Aug 19 2005 Olivier Blin <oblin@mandriva.com> 3.6.1-12mdk
- from Stew Benedict: security update for CAN-2005-2452 (P104)
* Wed Mar 23 2005 Olivier Blin <oblin@mandrakesoft.com> 3.6.1-11mdk
- Patch8: fix man page about tiffsplit filename range (CVS, #12071)
* Tue Mar 22 2005 Olivier Blin <oblin@mandrakesoft.com> 3.6.1-10mdk
- update Patch103: do not abort if an unknown tag is found (#13125)
* Thu Mar 10 2005 Christiaan Welvaart <cjw@daneel.dyndns.org> 3.6.1-9mdk
- build fix: do not pass cflags to make
* Mon Feb 28 2005 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 3.6.1-8mdk
- cross-endian multiarch fixes
* Tue Jan 25 2005 Frederic Lepied <flepied@mandrakesoft.com> 3.6.1-7mdk
- parallel build
- really fix MDKSA-2005:001
* Tue Jan 25 2005 Michael Scherer <misc@mandrake.org> 3.6.1-6mdk
- security fix ( patch #102 )
* Wed Oct 27 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 3.6.1-5mdk
- added security fixes for buffer and integer overflows (P100 & P101)
* Fri Oct 08 2004 Olivier Blin <blino@mandrake.org> 3.6.1-4mdk
- fix Hylafax decoding, see :
http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=500
* Mon Sep 13 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 3.6.1-3mdk
- add missing headers
- misc spec file fixes
* Fri May 28 2004 Buchan Milne <bgmilne@linux-mandrake.com> 3.6.1-2mdk
- Merge back changes I clobbered
- rediff P0,P1,P4
* Sat May 15 2004 Buchan Milne <bgmilne@linux-mandrake.com> 3.6.1-1mdk
- 3.6.1
