download.lst | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
New commits:
commit d0756d75a0638b2aeb3988af84c315c6044d0a6b
Author: Michael Stahl <[email protected]>
AuthorDate: Wed Sep 18 11:20:43 2024 +0200
Commit: Xisco Fauli <[email protected]>
CommitDate: Thu Sep 19 13:55:15 2024 +0200
libtiff: upgrade to release 4.7.0
Fixes CVE-2023-52356 CVE-2024-7006
ofz65182.patch was apparently merged upstream and then reverted;
Caolán suggested to drop the patch and see if ofz still finds a problem
there.
Change-Id: I0967708f19a7151b020372eca3c906b30f693db9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173602
Tested-by: Jenkins
Reviewed-by: Michael Stahl <[email protected]>
(cherry picked from commit d838b0d4af154b5c31818ceaac4bcdf8b2214c94)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173654
Reviewed-by: Xisco Fauli <[email protected]>
diff --git a/download.lst b/download.lst
index 7b81a1e034a4..a6bc87190c71 100644
--- a/download.lst
+++ b/download.lst
@@ -538,8 +538,8 @@ LIBPNG_TARBALL := libpng-1.6.44.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-LIBTIFF_SHA256SUM :=
e178649607d1e22b51cf361dd20a3753f244f022eefab1f2f218fc62ebaf87d2
-LIBTIFF_TARBALL := tiff-4.6.0.tar.xz
+LIBTIFF_SHA256SUM :=
273a0a73b1f0bed640afee4a5df0337357ced5b53d3d5d1c405b936501f71017
+LIBTIFF_TARBALL := tiff-4.7.0.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
