On 22/12/14 18:08, Tomasz Buchert wrote: > On 19/12/14 22:05, Balint Reczey wrote: > > Hi Jay, > > > > [...] > > > > Cheers, > > Balint > > > > Hi guys, > I didn't notice that upstream made a fix based on what I found. I'll > try to prepare an NMU right now. > > Tomasz >
Here is a NMU. Feel free to adapt it if you feel like it. Tomasz
diff -Nru tiff-4.0.3/debian/changelog tiff-4.0.3/debian/changelog --- tiff-4.0.3/debian/changelog 2014-06-29 23:32:44.000000000 +0200 +++ tiff-4.0.3/debian/changelog 2014-12-22 18:51:23.000000000 +0100 @@ -1,3 +1,10 @@ +tiff (4.0.3-10.1) unstable; urgency=medium + + * Non-maintainer upload + * Don't crash on JPEG => non-JPEG conversion (Closes: #741451) + + -- Tomasz Buchert <tomasz.buch...@inria.fr> Tue, 28 Oct 2014 18:11:18 +0100 + tiff (4.0.3-10) unstable; urgency=medium * Remove libtiff4-dev, completing the tiff transition. Packages that diff -Nru tiff-4.0.3/debian/patches/bug-741451.patch tiff-4.0.3/debian/patches/bug-741451.patch --- tiff-4.0.3/debian/patches/bug-741451.patch 1970-01-01 01:00:00.000000000 +0100 +++ tiff-4.0.3/debian/patches/bug-741451.patch 2014-12-22 19:09:35.000000000 +0100 @@ -0,0 +1,36 @@ +Description: fix for Debian bug #741451 + tiffcp crashes when converting JPEG-encoded TIFF to a different + encoding (like none or lzw). For example this will probably fail: + . + tiffcp -c none jpeg_encoded_file.tif output.tif + . + The reason is that when the input file contains JPEG data, + the tiffcp code forces conversion to RGB space. However, + the output normally inherits YCbCr subsampling parameters + from the input, which leads to a smaller working buffer + than necessary. The buffer is subsequently overrun inside + cpStripToTile() (called from writeBufferToContigTiles). + Note that the resulting TIFF file would be scrambled even + if tiffcp wouldn't crash, since the output file would contain + RGB data intepreted as subsampled YCbCr values. + . + This patch fixes the problem by forcing RGB space on the output + TIF if the input is JPEG-encoded and output is *not* JPEG-encoded. + Fixed upstream: http://bugzilla.maptools.org/show_bug.cgi?id=2480 +Author: Tomasz Buchert <tomasz.buch...@inria.fr> + +--- a/tools/tiffcp.c ++++ b/tools/tiffcp.c +@@ -629,6 +629,12 @@ + TIFFSetField(out, TIFFTAG_PHOTOMETRIC, + samplesperpixel == 1 ? + PHOTOMETRIC_LOGL : PHOTOMETRIC_LOGLUV); ++ else if (input_compression == COMPRESSION_JPEG && ++ samplesperpixel == 3) { ++ /* RGB conversion was forced above ++ hence the output will be of the same type */ ++ TIFFSetField(out, TIFFTAG_PHOTOMETRIC, PHOTOMETRIC_RGB); ++ } + else + CopyTag(TIFFTAG_PHOTOMETRIC, 1, TIFF_SHORT); + if (fillorder != 0) diff -Nru tiff-4.0.3/debian/patches/series tiff-4.0.3/debian/patches/series --- tiff-4.0.3/debian/patches/series 2014-06-29 23:32:44.000000000 +0200 +++ tiff-4.0.3/debian/patches/series 2014-12-22 18:51:23.000000000 +0100 @@ -6,3 +6,4 @@ CVE-2013-4232.patch CVE-2013-4244.patch CVE-2013-4243.patch +bug-741451.patch
