diff --git a/libtiff/trunk/PKGBUILD b/libtiff/trunk/PKGBUILD index b8690a73..c3af30bd 100644 --- a/libtiff/trunk/PKGBUILD +++ b/libtiff/trunk/PKGBUILD @@ -3,7 +3,7 @@ pkgname=libtiff pkgver=4.4.0 -pkgrel=3 +pkgrel=4 pkgdesc='Library for manipulation of TIFF images' url='http://www.simplesystems.org/libtiff/' arch=('x86_64') @@ -15,15 +15,19 @@ provides=('libtiff.so' 'libtiffxx.so') options=(debug) source=( https://download.osgeo.org/libtiff/tiff-${pkgver}.tar.gz{,.sig} - # fix CVE-2022-2056 / CVE-2022-2057 / CVE-2022-2058: https://bugs.archlinux.org/task/75360 - $pkgname-4.4.0-fpe_tiffcrop.patch::https://gitlab.com/libtiff/libtiff/-/commit/dd1bcc7abb26094e93636e85520f0d8f81ab0fab.patch + # fix CVE-2022-2056 / CVE-2022-2057 / CVE-2022-2058 + https://gitlab.com/libtiff/libtiff/-/commit/dd1bcc7abb26094e93636e85520f0d8f81ab0fab.patch + # fix CVE-2022-34526 + https://gitlab.com/libtiff/libtiff/-/commit/275735d0354e39c0ac1dc3c0db2120d6f31d1990.patch ) sha256sums=('917223b37538959aca3b790d2d73aa6e626b688e02dcda272aec24c2f498abed' 'SKIP' - '049875c6eddef8d0d653ad069fea7483f7b9b1dc2aad8780784301fb3e34b561') + '049875c6eddef8d0d653ad069fea7483f7b9b1dc2aad8780784301fb3e34b561' + '10220d1eecc00f830a1814c0b74388e68c4f0a38ec173038d6e5e8a6ad3cc97f') b2sums=('1480aca5f9b3d4509229fb6c1b967bdeb2053c4100f21d486d9f4a375742249aa7f54d6b5ab27679075499c226a011bc65988e22c064b3986d89f2cf5b0200dc' 'SKIP' - '2dc47541b05e6c674c3fa3f7109528d7001a494af937fc57f1862ce75dc467dd4acd6892de1bd017d182b1dcbb80242cffa27f0f3ebde3ed57ee13df5b733821') + '2dc47541b05e6c674c3fa3f7109528d7001a494af937fc57f1862ce75dc467dd4acd6892de1bd017d182b1dcbb80242cffa27f0f3ebde3ed57ee13df5b733821' + '13eaf64bd306cb1b26ac643d56d3cb9a115a0994efb2853020825a503e2dc948c7a672b05586f148b243173b45a915d2282523cf465e9d02e9b8415ed0bfcd22') validpgpkeys=( 'EBDFDB21B020EE8FD151A88DE301047DE1198975' # Bob Friesenhahn 'B1FA7D81EEB8E66399178B9733EBBFC47B3DD87D' # Even Rouault