- Update from version 4.5.1 to 4.6.0
- Update of rootfile
- Included options to disable static library and docs.
- The removed functionality mentioned in the changelog below was already mentioned in
earlier version updates. As far as I could tell none of the functionality that has
been removed is used in IPFire.
- Changelog
4.6.0
Major changes warning
This version removes a big number of utilities that have suffered from lack of
maintenance over the years and were the source of various reported security
issues. See "Removed functionality" below for the list of removed utilities.
Starting with libtiff v4.6.0, the source code for most TIFF tools
(except tiffinfo, tiffdump, tiffcp and tiffset) was discontinued, due to the
lack of contributors able to address reported security issues. tiff2ps and
tiff2pdf source code has been moved in a unsupported category, no longer built
by default, but are still part of the the source distribution. Other retired
utilities are in a archive/ directory, only available in the libtiff git
repository. Issues related to unsupported and archived tools will no longer be
accepted in the libtiff bug tracker.
Software configuration changes
TiffConfig.cmake.in: set TIFF_INCLUDE_DIR, TIFF_INCLUDE_DIRS and
TIFF_LIBRARIES for compatibility with FindTIFF.cmake as shipped by CMake
(fixes issue #589)
Update CMake and autoconf scripts to consistently update LibTIFF version
defines and references in various files when version definition in
configure.ac has been changed.
Move in tiffvers.h from libtiff source directory to libtiff build
directory.
Remove unused version information from tif_config.h
With every CMake build the version defines (e.g. 4.5.1) within tiffvers.h
are consistently updated from configure.ac. The version release-date is
taken from file RELEASE-DATE.
The files VERSION and RELEASE-DATE are only updated with a special CMake
target build: cmake --build . --target tiff_release.
For autotools, version information is updated from configure.ac with
./autogen.sh. LIBTIFF_RELEASE_DATE is taken form file RELEASE-DATE.
./configure generates tiffvers.h with the cached version information and
LIBTIFF_RELEASE_DATE.
"make release" updates tiffvers.h and VERSION file with cached version
info and RELEASE-DATE file and tiffves.h with the current date.
CMake: fix build with -Dstrip-chopping=off (fixes issue #600)
Library changes
New/improved functionalities:
Fix using __attribute__ libtiff with clang-for-windows
Bug fixes:
WebP decoder: validate WebP blob width, height, band count against TIFF
parameters to avoid use of uninitialized variable, or decoding corrupted
content without explicit error (fixes issue #581, issue #582).
WebP codec: turn exact mode when creating lossless files to avoid altering
R,G,B values in areas where alpha=0
(https://github.com/OSGeo/gdal/issues/8038)
Fix TransferFunction writing of only two transfer functions.
TIFFReadDirectoryCheckOrder: avoid integer overflow. When it occurs, it
should be harmless in practice though
(https://gitlab.com/libtiff/libtiff/-/merge_requests/512)
Documentation
TiffField functions documentation updated with return behaviour for not
defined tags and determination of write-/read-count size.
Tools changes
Removed functionality:
The following tools are no longer compiled and have been moved to
archive/tools:
fax2ps
fax2tiff
pal2rgb
ppm2tiff
raw2tiff
rgb2ycbcr
thumbnail
tiff2bw
tiff2rgba
tiffcmp
tiffcrop
tiffdither
tiffgt
tiffmedian
The following tools are no longer compiled by default: tiff2ps and tiff2pdf.
They have been moved to tools/unsupported. They can be built by setting
--enable-tools-unsupported for autoconf, or -Dtiff-tools-unsupported for
CMake, but as the name imply, they are no longer supported by upstream.
Packagers are suggested not to enable those options.
tiffcp: remove -i option (ignore errors), because almost all fuzzer issues
were consequential errors from ignored errors because of the "-i" option.
Bug fixes:
tiffset: fix#597: warning: comparison of integer expressions of different
signedness. (fixes issue #597)
tiffcp: fix memory corruption (overflow) on hostile images (fixes issue #591)
Test changes
Add missing test_write_read_tags.c and test_transferfunction_write_read.c in
tarball (fixes issue #585) and correct "long" issue.
Don't use "long" because can be int32_t or int64_t, depending on compiler
and system.
Changes to contributed and unsupported tools
raw2tiff: fix integer overflow and bypass of the check (fixes issue #592)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 4.5.0 to 4.5.1
- Update of rootfile
- Changelog is much too long to include here. See the ChangeLog file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.4.0 to 4.5.0
- Update o0f rootfile
- sobump requires shipping of core programs poppler (covered by update patch) and perl
together with addons cups-filters and spandsp (covered by PAK_VER updates in patch
series.
- Changelog is t6oo long to include here. For details see the ChangeLog file in the
source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 4.3.0 to 4.4.0
- Update of rootfile
- Changelog is too long to include here (~1000 lines). Details can be found in ChangeLog
file in the source tarball. There are at least 31 bug closures in this release.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
pango and the PDF tools as core parts are linked against
libtiff, therefore this library has to become a part of the
core distribution too.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Historically, the MD5 checksums in our LFS files serve as a protection
against broken downloads, or accidentally corrupted source files.
While the sources are nowadays downloaded via HTTPS, it make sense to
beef up integrity protection for them, since transparently intercepting
TLS is believed to be feasible for more powerful actors, and the state
of the public PKI ecosystem is clearly not helping.
Therefore, this patch switches from MD5 to BLAKE2, updating all LFS
files as well as make.sh to deal with this checksum algorithm. BLAKE2 is
notably faster (and more secure) than SHA2, so the performance penalty
introduced by this patch is negligible, if noticeable at all.
In preparation of this patch, the toolchain files currently used have
been supplied with BLAKE2 checksums as well on
https://source.ipfire.org/.
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremeripfire.org>
Bumping across one of our scripts with very long trailing whitespaces, I
thought it might be a good idea to clean these up. Doing so, some
missing or inconsistent licence headers were fixed.
There is no need in shipping all these files en bloc, as their
functionality won't change.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
* Add a Summary and Services field to all pak lfs files
* Replace occurances of INSTALL_INITSCRIPT with new INSTALL_INITSCRIPTS
macro in all pak lfs files.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 4.1.0 to 4.3.0
- Update of rootfile
- Changelog is too large to include here
Full details can be found in ChangeLog file in source tarball
49 bug fixes implemented between 4.1.0 and 4.3.0
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Not sure why this has ever been there. This simply makes it
nicer to read and edit because we can have line-breaks now.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Most of these files still used old dates and/or domain names for contact
mail addresses. This is now replaced by an up-to-date copyright line.
Just some housekeeping... :-)
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
* ./make.sh pub lädt die ISO auf den mirror.ipfire.org
Geändert:
* ./make.sh paks verändert. Pakete werden nur noch gebaut, wenn sie noch nicht da sind.
Zum neu bauen einfach das File löschen und beim nächsten durchlauf wird es wieder mitgebaut.
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@149 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
