core.git: download.lst external/libtiff

Thu, 19 Sep 2024 00:44:01 -0700 

 download.lst                                |    4 ++--
 external/libtiff/UnpackedTarball_libtiff.mk |    1 -
 external/libtiff/ofz65182.patch             |   23 -----------------------
 3 files changed, 2 insertions(+), 26 deletions(-)

New commits:
commit d838b0d4af154b5c31818ceaac4bcdf8b2214c94
Author:     Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 18 11:20:43 2024 +0200
Commit:     Michael Stahl <michael.st...@allotropia.de>
CommitDate: Thu Sep 19 09:43:17 2024 +0200

    libtiff: upgrade to release 4.7.0
    
    Fixes CVE-2023-52356 CVE-2024-7006
    
    ofz65182.patch was apparently merged upstream and then reverted;
    Caolán suggested to drop the patch and see if ofz still finds a problem
    there.
    
    Change-Id: I0967708f19a7151b020372eca3c906b30f693db9
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173602
    Tested-by: Jenkins
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>

diff --git a/download.lst b/download.lst
index e5ebd3f3077d..77cf58a05579 100644
--- a/download.lst
+++ b/download.lst
@@ -573,8 +573,8 @@ LIBPNG_TARBALL := libpng-1.6.44.tar.xz
 # three static lines
 # so that git cherry-pick
 # will not run into conflicts
-LIBTIFF_SHA256SUM := 
d6da35c9986a4ec845eb96258b3693f8df515f7eb4c1e597ceb03e22788f305b
-LIBTIFF_TARBALL := tiff-4.6.0t.tar.xz
+LIBTIFF_SHA256SUM := 
273a0a73b1f0bed640afee4a5df0337357ced5b53d3d5d1c405b936501f71017
+LIBTIFF_TARBALL := tiff-4.7.0.tar.xz
 # three static lines
 # so that git cherry-pick
 # will not run into conflicts
diff --git a/external/libtiff/UnpackedTarball_libtiff.mk 
b/external/libtiff/UnpackedTarball_libtiff.mk
index dbd4c2c54d7c..f268be5926c6 100644
--- a/external/libtiff/UnpackedTarball_libtiff.mk
+++ b/external/libtiff/UnpackedTarball_libtiff.mk
@@ -16,7 +16,6 @@ $(eval $(call gb_UnpackedTarball_set_patchlevel,libtiff,1))
 $(eval $(call gb_UnpackedTarball_add_patches,libtiff,\
     external/libtiff/libtiff.linknolibs.patch \
     external/libtiff/0001-ofz-54685-Timeout.patch \
-    external/libtiff/ofz65182.patch \
     external/libtiff/ofz68840.patch \
 ))
 
diff --git a/external/libtiff/ofz65182.patch b/external/libtiff/ofz65182.patch
deleted file mode 100644
index d4b18e4ade3e..000000000000
--- a/external/libtiff/ofz65182.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-diff --git a/libtiff/tif_strip.c b/libtiff/tif_strip.c
-index 820a2544..afd7cb6e 100644
---- a/libtiff/tif_strip.c
-+++ b/libtiff/tif_strip.c
-@@ -287,7 +287,17 @@ uint64_t TIFFScanlineSize64(TIFF *tif)
-         else
-         {
-             uint64_t scanline_samples;
--            scanline_samples = _TIFFMultiply64(tif, td->td_imagewidth,
-+            uint32_t scanlinewidth = td->td_imagewidth;
-+
-+            if (td->td_photometric == PHOTOMETRIC_YCBCR)
-+            {
-+                uint16_t SubsamplingHor, SubsamplingVer;
-+                TIFFGetFieldDefaulted(tif, TIFFTAG_YCBCRSUBSAMPLING, 
&SubsamplingHor, &SubsamplingVer);
-+                if (SubsamplingHor > 1) // roundup width for YCbCr
-+                    scanlinewidth = TIFFroundup_32(scanlinewidth, 
SubsamplingHor);
-+          }
-+
-+            scanline_samples = _TIFFMultiply64(tif, scanlinewidth,
-                                                td->td_samplesperpixel, 
module);
-             scanline_size =
-                 TIFFhowmany_64(_TIFFMultiply64(tif, scanline_samples,

Reply via email to