Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libtiff6-4.6.0-4.3 RPM for ppc64le

From OpenSuSE Ports Tumbleweed for ppc64le

Name: libtiff6 Distribution: openSUSE Tumbleweed
Version: 4.6.0 Vendor: openSUSE
Release: 4.3 Build date: Fri Jan 26 10:59:33 2024
Group: System/Libraries Build host: reproducible
Size: 794483 Source RPM: tiff-4.6.0-4.3.src.rpm
Summary: The Tiff Library (with JPEG and compression support)
This package includes the tiff libraries. To link a program with
libtiff, you will have to add -ljpeg and -lz to include the necessary
libjpeg and libz in the linking process.






* Fri Jan 26 2024 Michael Vetter <>
  - security update:
    * CVE-2023-52356 [bsc#1219213]
      Fix segfault in TIFFReadRGBATileExt()
      + tiff-CVE-2023-52356.patch
* Fri Sep 15 2023 Paolo Stivanin <>
  - Update to version 4.6.0:
    * API/ABI breaks: none
    * WebP decoder: validate WebP blob width, height, band count against
      TIFF parameters to avoid use of uninitialized variable, or decoding
      corrupted content without explicit error (fixes issue #581, issue #582).
    * WebP codec: turn exact mode when creating lossless files to avoid
      altering R,G,B values in areas where alpha=0
    * Fix TransferFunction writing of only two transfer functions.
    * TIFFReadDirectoryCheckOrder: avoid integer overflow. When it occurs,
      it should be harmless in practice though
    * tiffcp: remove -i option (ignore errors)
    * This version removes a big number of utilities that have suffered from
      lack of maintenance over the years and were the source of various
      reported security issues:
      + fax2ps
      + fax2tiff
      + pal2rgb
      + ppm2tiff
      + raw2tiff
      + rgb2ycbcr
      + thumbnail
      + tiff2bw
      + tiff2rgba
      + tiffcmp
      + tiffcrop
      + tiffdither
      + tiffgt
      + tiffmedian
      + tiff2ps
      + tiff2pdf
  - Remove no longer needed tiff-4.0.3-compress-warning.patch.
  - CVE-2023-25435 [bsc#1212607] tiffcrop is removed
* Tue Jun 20 2023 Martin Pluskal <>
  - Update to version 4.5.1:
    * Definition of tags reformatted (clang-format off) for better readability of tag comments in tiff.h and tif_dirinfo.c
    * Do not install libtiff-4.pc when tiff-install is reset.
    * Add versioninfo resource files for DLL and tools compiled with Windows MSVC and MINGW.
    * Disable clang-formatting for and because sensitive for CMake scripts.
    * CMake: make WebP component name compatible with upstream ConfigWebP.cmake
    * CMake: make Findliblzma with upstream CMake config file
    * CMake: FindDeflate.cmake: fix several errors (issue #526).
    * CMake: FindLERC.cmake: version string return added.
    * CMake: export TiffConfig.cmake and TiffConfigVersion.cmake files
    * Hardcode HOST_FILLORDER to FILLORDER_LSB2MSB and make 'H' flag of TIFFOpen() to warn and an alias of FILLORDER_MSB2LSB. tif_lerc.c: use WORDS_BIGENDIAN instead of HOST_BIGENDIAN.
    * Optimize relative seeking within TIFFSetDirectory() by using the learned list of IFD offsets.
    * Improve internal IFD offset and directory number map handling.
    * Behavior of TIFFOpen() mode "r+" in the Windows implementation adjusted to that of Linux.
    * TIFFDirectory td_fieldsset type changed from unsigned long, which can be 32 or 64 bits, to uint32_t (fixes issue #484).
    * tif_ojpeg.c: checking for division by zero (fixes issue #554).
    * LZWDecode(): avoid crash when trying to read again from a strip whith a missing end-of-information marker (fixes issue #548).
    * Fixed runtime error: applying zero offset to null pointer in countInkNamesString().
    * Fixing crash in TIFFUnlinkDirectory() when called with directory number zero ("TIFFUnlinkDirectory(0)") as well as fixing incorrect behaviour when unlinking the first directory.
    * tif_luv: check and correct for NaN data in uv_encode() (issue #530).
    * TIFFClose() avoid NULL pointer dereferencing (issue #515).
    * tif_hash_set.c: include tif_hash_set.h after tif_config.h to let a chance for GDAL symbol renaming trick.
    * Fax3: fix failure to decode some fax3 number_of_images and add test for Fax3 decoding issues (issue #513).
    * TIFFSetDirectory() and TIFFWriteDirectorySec() avoid harmless unsigned-integer-overflow (due to gdal oss-fuzz #54311 and #54343).
    * tif_ojpeg.c: fix issue #554 by checking for division by zero in OJPEGWriteHeaderInfo().
    * LZWDecode(): avoid crash when trying to read again from a strip whith a missing end-of-information marker (issue #548).
  - Drop no longer needed patches:
    * tiff-CVE-2023-0795,CVE-2023-0796,CVE-2023-0797,CVE-2023-0798,CVE-2023-0799.patch
    * tiff-CVE-2022-48281.patch
    * tiff-CVE-2023-0800,CVE-2023-0801,CVE-2023-0802,CVE-2023-0803,CVE-2023-0804.patch
* Wed Feb 22 2023 Michael Vetter <>
  - security update:
    * CVE-2023-0795 [bsc#1208226]
    * CVE-2023-0796 [bsc#1208227]
    * CVE-2023-0797 [bsc#1208228]
    * CVE-2023-0798 [bsc#1208229]
    * CVE-2023-0799 [bsc#1208230]
      + tiff-CVE-2023-0795,CVE-2023-0796,CVE-2023-0797,CVE-2023-0798,CVE-2023-0799.patch
    * CVE-2023-0800 [bsc#1208231]
    * CVE-2023-0801 [bsc#1208232]
    * CVE-2023-0802 [bsc#1208233]
    * CVE-2023-0803 [bsc#1208234]
    * CVE-2023-0804 [bsc#1208236]
      + tiff-CVE-2023-0800,CVE-2023-0801,CVE-2023-0802,CVE-2023-0803,CVE-2023-0804.patch
* Thu Jan 26 2023 Michael Vetter <>
  - security update:
    * CVE-2022-48281 [bsc#1207413]
      + tiff-CVE-2022-48281.patch
* Wed Jan 04 2023 Paolo Stivanin <>
  - Update to 4.5.0:
    * tdir_t type updated to uint32_t. This type is now used for the return
      value of TIFFCurrentDirectory() and TIFFNumberOfDirectories(), and as
      the argument of TIFFSetDirectory() and TIFFUnlinkDirectory()
    * Addition of an open option concept with the new functions TIFFOpenExt(),
      TIFFOpenWExt(), TIFFFdOpenExt(), TIFFClientOpenExt(), TIFFOpenOptionsAlloc(),
    * Leveraging above mentioned open option concept, addition of a new capability
      to limit the size of a single dynamic memory allocation done by the library
      with TIFFOpenOptionsSetMaxSingleMemAlloc()
    * Related to IFD-Loop detection refactoring, the number of IFDs that libtiff
      can browse through has been extended from 65535 to 1048576. This value is
      a build-time setting that can be configured with CMake's TIFF_MAX_DIR_COUNT
      variable or autoconf's --with-max-dir-count option.
    * Whole code base reformatting of .c/.h files using new .clang-format format
    * Documentation changed from static HTML and man pages to
      Restructured Text (rst). HTML and man pages are now build artifacts.
    * SONAME version bumped to 6 due to changes in symbol versioning.
    * autoconf/cmake: detect (not yet released) libjpeg-turbo 2.2 to take into
      its capability of handling both 8-bit JPEG and 12-bit JPEG in a single build.
    * autoconf/cmake: detect sphinx-build to build HTML and man pages
    * CMakeLists.txt: fix warning with -Wdev
    * CMake: correctly set default value of 'lzma' option when liblzma is detected
    * CMake: Moved linking of CMath::CMath into CMath_LIBRARY check.
    * Fix CMake build to be compatible with FetchContent.
    * cmake: Correct duplicate definition of _CRT_SECURE_NO_WARNINGS
    * cmake: Fixes for Visual Studio 2022.
    * Adds Requires.private generation so that pkg-config can correctly find
      the dependencies of libtiff.
    * Fix dependency on libm on Android
    * Fix build in tif_lzw.c
    * CMake: Add options for disabling tools, tests, contrib and docs.
    * tiffcrop: Fix memory allocation to require a larger buffer (CVE-2022-3570, CVE-2022-3598)
    * tiffcrop: disable incompatibility of -Z, -X, -Y, -z options with any PAGE_MODE_x option
      (CVE-2022-3627, CVE-2022-3597, CVE-2022-3626)
    * tiffcrop: fix floating-point exception (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)
    * _TIFFCheckFieldIsValidForCodec(): return FALSE when passed a codec-specific tag
      and the codec is not configured (CVE-2022-34526)
    * Revised handling of TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value (CVE-2022-3599)
    * tiffcrop: -S option mutually exclusive (CVE-2022-2519, CVE-2022-2520, CVE-2022-2521)
  - Drop tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch
  - Drop tiff-CVE-2022-34526.patch
  - Drop tiff-CVE-2022-3599.patch
  - Drop tiff-CVE-2022-3598.patch
  - Drop tiff-CVE-2022-3970.patch
  - Drop tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
  - Drop tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch
* Mon Nov 14 2022 Michael Vetter <>
  - security update:
    * CVE-2022-3970 [bsc#1205392]
      + tiff-CVE-2022-3970.patch
* Sun Nov 13 2022 Michael Vetter <>
  - security update:
    * CVE-2022-3597 [bsc#1204641]
    * CVE-2022-3626 [bsc#1204644]
    * CVE-2022-3627 [bsc#1204645]
      + tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch
    * CVE-2022-3599 [bsc#1204643]
      + tiff-CVE-2022-3599.patch
    * CVE-2022-3598 [bsc#1204642]
      + tiff-CVE-2022-3598.patch
* Mon Oct 17 2022 Michael Vetter <>
  - security update:
    * CVE-2022-2519 [bsc#1202968]
    * CVE-2022-2520 [bsc#1202973]
    * CVE-2022-2521 [bsc#1202971]
      + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
* Mon Aug 01 2022 Michael Vetter <>
  - security update:
    * CVE-2022-34526 [bsc#1202026]
      + tiff-CVE-2022-34526.patch
* Wed Jul 06 2022 Michael Vetter <>
  - security update
    * CVE-2022-2056 [bsc#1201176]
    * CVE-2022-2057 [bsc#1201175]
    * CVE-2022-2058 [bsc#1201174]
      + tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch
* Sun May 29 2022 Dirk Müller <>
  - update to 4.4.0:
    * TIFFIsBigTiff() function added.
    * Functions TIFFFieldSetGetSize() and TIFFieldSetGetCountSize() added.
    * LZWDecode(): major speed improvements (~30% faster)
    * Predictor 2 (horizontal differenciation): support 64-bit
    * Support libjpeg 9d
    * avoid hang in TIFFRewriteDirectory() if a classic file > 4 GB is attempted
      to be created
    * tif_jbig.c: fix crash when reading a file with multiple IFD in
      memory-mapped mode and when bit reversal is needed
    * TIFFFetchNormalTag(): avoid calling memcpy() with a null source pointer and
      size of zero
    * TIFFWriteDirectoryTagData(): turn assertion on data length into a runtime
    * TIFFFetchStripThing(): avoid calling memcpy() with a null source pointer
      and size of zero
    * TIFFReadDirectory(): avoid calling memcpy() with a null source pointer and
      size of zero
    * TIFFYCbCrToRGBInit(): avoid Integer-overflow
      returned pointer is NULL (fixes #342)
    * OJPEG: avoid assertion when using TIFFReadScanline()
    * TIFFReadDirectory: fix OJPEG hack
    * LZW codec: fix support for strips/tiles > 2 GB on Windows
    * TIFFAppendToStrip(): fix rewrite-in-place logic
    * Fix TIFFRewriteDirectory discarding directories.
    * TIFFReadCustomDirectory(): avoid crash when reading SubjectDistance tag on
      a non EXIF directory
    * Fix Segmentation fault printing GPS directory if Altitude tag is present
    * tif_jpeg.c: do not emit progressive scans with mozjpeg. (#266)
    * _TIFFRewriteField(): fix when writing a IFD with a single tile that is a
      sparse one, on big endian hosts
    * Fix all remaining uses of legacy Deflate compression id and warn on use.
    * CVE-2022-22844 bsc#1194539
    * CVE-2022-2867 bsc#1202466
    * CVE-2022-2868 bsc#1202467
    * CVE-2022-2869 bsc#1202468
  - drop tiff-CVE-2022-0907.patch, tiff-CVE-2022-0561.patch, tiff-CVE-2022-0562.patch,
    tiff-CVE-2022-0865.patch, tiff-CVE-2022-0909.patch, tiff-CVE-2022-0924.patch,
    tiff-CVE-2022-0908.patch, tiff-CVE-2022-1056,CVE-2022-0891.patch: all upstream
  - add signature validation, adds tiff.keyring
* Mon May 09 2022 Michael Vetter <>
  - security update:
    * CVE-2022-0907 [bsc#1197070]
      + tiff-CVE-2022-0907.patch
* Mon May 09 2022 Michael Vetter <>
  - security update
    * CVE-2022-0561 [bsc#1195964]
    * CVE-2022-34266 [bsc#1201723] [bsc#1201971]
      + tiff-CVE-2022-0561.patch
    * CVE-2022-0562 [bsc#1195965]
      + tiff-CVE-2022-0562.patch
    * CVE-2022-0865 [bsc#1197066]
      + tiff-CVE-2022-0865.patch
    * CVE-2022-0909 [bsc#1197072]
      + tiff-CVE-2022-0909.patch
    * CVE-2022-0924 [bsc#1197073]
      + tiff-CVE-2022-0924.patch
    * CVE-2022-0908 [bsc#1197074]
      + tiff-CVE-2022-0908.patch
* Fri May 06 2022 Michael Vetter <>
  - security update
    * CVE-2022-1056 [bsc#1197631]
    * CVE-2022-0891 [bsc#1197068]
      + tiff-CVE-2022-1056,CVE-2022-0891.patch
* Wed May 04 2022 Marcus Meissner <>
  - switch source url to https
* Mon Apr 26 2021 Paolo Stivanin <>
  - version update to 4.3.0
    * Build and usage of the library and its utilities requires a C99
      capable compiler.
    * New optional codec for the LERC (Limited Error Raster Compression)
      compression scheme. To have it available, configure libtiff against
      the SDK available at
    * Removal of unused, or now useless due to C99 availability,
      functions in port/
    * tiffcmp: fix comparaison with pixels that are
      fractional number of bytes
    * tiff2ps: exit the loop in case of error
    * tiff2pdf: check that tiff_datasize fits in a signed tsize_t



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 10:39:13 2024