Commit Graph

93 Commits

Author SHA1 Message Date
Robert Scott
15d1734496
libtiff: add patches for multiple CVEs
CVE-2022-0891
CVE-2022-0865
CVE-2022-0924
CVE-2022-0907
CVE-2022-0909
CVE-2022-0908

(cherry picked from commit 748dfdd1f5 from PR #165872)
2022-04-10 10:33:48 +02:00
Sandro
2873d96dd7
Merge pull request #162110 from risicle/ris-libtiff-passthru-tests 2022-03-27 16:36:28 +02:00
Robert Scott
93c5836538 libtiff: add some reverse dependencies to passthru.tests 2022-02-27 18:31:36 +00:00
Vladimír Čunát
ba2687fcfb
libtiff: standardize the patch URLs
https://github.com/NixOS/nixpkgs/pull/161295#discussion_r812233936
2022-02-22 21:12:35 +01:00
Robert Scott
7d6abd197c libtiff: add patches for CVE-2022-0561 & CVE-2022-0562 2022-02-21 19:28:24 +00:00
Robert Scott
0f049646e6 libtiff: add patch for CVE-2022-22844 2022-02-04 23:57:45 +00:00
Dmitry Kalinkin
2f8438a174
libtiff: don't depend on OpenGL on darwin
libGL is bloating the closure by depending on mesa.

0a678b4500 ('libtiff: Disable OpenGL entirely for Darwin')
b02908c213 ('libtiff: Reenable OpenGL support on Darwin')
2021-12-31 15:44:44 -05:00
toonn
19678c4e90 libtiff: Clarify patch comments 2021-11-24 15:17:13 -08:00
Ryan Burns
35ddc19667 libtiff: fix case-insensitive build 2021-11-24 15:17:13 -08:00
toonn
b02908c213 libtiff: Reenable OpenGL support on Darwin
I found the correct inputs to get `libtiff` to compile with OpenGL
support on Darwin. Allowing us to get rid of the ugly build system
patch.
2021-11-24 15:17:13 -08:00
toonn
d0c5ac2383 libtiff: Disable OpenGL entirely for Darwin
On the Hydra builders and with Clang 7, CMake fails to find OpenGL. With
Clang 11 it manages to find the the OpenGL and GLUT system frameworks
for me. It does not find `gl.h` however. So the tests for `tiffgt` fail
on a missing include.

Since previously OpenGL wasn't detected I've opted to disable the CMake
check for OpenGL for darwin. This means `tiffgt.c` is never built and
tested. Ideally we'd provide the proper headers so the tests can
succeed.
2021-11-24 15:17:13 -08:00
Vladimír Čunát
07b9fef470
libtiff: revert to previous version on aarch64-darwin
/cc PR #129687.  This should work; I can't see another way immediately.
2021-07-20 10:50:50 +02:00
Alyssa Ross
5df9305b60 libtiff: fix cross by switching back to autoconf
The CMake implementation seems to be very in flux, and the latest
release broke cross-compilation for us.  Autotools seems to be
upstream's recommended build system -- it's the one mentioned in the
README.
2021-07-09 11:19:02 +00:00
Alyssa Ross
666c01d977 libtiff: 4.2.0 -> 4.3.0; adopt; improve meta
Tested by viewing a TIFF file in imv.
2021-07-09 11:19:02 +00:00
Orivej Desh
91d6532179
libtiff: 4.1.0 -> 4.2.0 (#114196) 2021-03-06 19:32:55 +00:00
Ryan Burns
351b28d469 libtiff: fix build on darwin
Now that libtiff is using cmake, we need to let cmake
set the build rpath for the tests to pass on darwin.
The rpaths are rewritten at installation so
the output libraries should be unaffected.
2021-01-25 13:52:32 +01:00
zowoq
153ad8bc1e Merge staging-next into staging 2021-01-22 16:56:40 +10:00
Ben Siraphob
66e44425c6 pkgs/development/libraries: stdenv.lib -> lib 2021-01-21 19:11:02 -08:00
Jan Tojnar
fc7bd322df
Merge branch 'staging-next' into staging 2021-01-19 13:50:04 +01:00
Jonathan Ringer
9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Las
96d50327bc libtiff: export private headers for freeimage
They are exported under the dev_private output so
that they aren't available automatically to dependening libraries.

This also switches to cmake to simplify the patch.
2021-01-10 20:46:49 +00:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Daniel Schaefer
2223e618b8 libtiff: 4.0.10 -> 4.1.0 2019-11-06 17:09:22 +01:00
Daniel Schaefer
5270c3a03e libtiff: Patch CVE-2019-7663 2019-11-06 17:08:38 +01:00
Pierre Bourdon
f15564d72b libtiff: patch for CVE-2019-6128, CVE-2019-14973
CVE-2019-14973.patch is a manually backported of the upstream patch to
work around some minor merge conflicts.
2019-10-22 09:47:40 +02:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Andrew Dunham
ac3b358a8c
libtiff: 2018-11-04 -> 4.0.10 2018-11-28 10:43:44 +09:00
Andrew Dunham
3137c609a4 libtiff: 4.0.9 -> 2018-11-04
This includes a bunch of security fixes (#49786), and mimics what Debian
has done in moving to a git snapshot instead of a released version +
backported security patches.
2018-11-07 11:02:02 -08:00
Vladimír Čunát
4596251dd1
libtiff: add a comment about the patches 2018-08-10 10:36:23 +02:00
Yurii Izorkin
527d3d566c libtiff: update url to patch file (#44815) 2018-08-09 23:18:46 +02:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Silvan Mosberger
57bccb3cb8 treewide: http -> https sources (#42676)
* treewide: http -> https sources

This updates the source urls of all top-level packages from http to
https where possible.

* buildtorrent: fix url and tab -> spaces
2018-06-28 20:43:35 +02:00
Christian Kauhaus
cca45cc3e1 Get libtiff on the same patch level as Debian. The imported patch file contains:
CVE-2017-9935
CVE-2017-11613
CVE-2017-17095
CVE-2017-18013
CVE-2018-5784
CVE-2018-7456

Re #41748 (master)
Re #41749 (release-18.03 - needs to be cherry-picked)
2018-06-09 15:49:36 +02:00
Franz Pletz
66d34f852f
libtiff: 4.0.8 -> 4.0.9 2018-01-28 19:32:20 +01:00
John Ericson
133b4658df treewide: Simplify some doCheck calls
In anticipation of what I outline in #33599, I only simplify exactly those
`doCheck`s which are equal to `hostPlatform != buildPlatform`. I also stick a
comment next to them so I can grep for them later.
2018-01-09 12:37:38 -05:00
Ben Gamari
765fbe8f10 libtiff: Don't run testsuite when cross-compiling 2017-10-27 20:41:44 -04:00
Franz Pletz
8a5b8aeaf5
libtiff: use patches from newer debian revision 2017-09-28 14:52:36 +02:00
Tuomas Tynkkynen
1ff422aa23 treewide: Add man & info outputs where necessary (instead of doc)
Because man & info pages won't be going to $doc after the next commit.
Scripted change for the files having one-package-per-file.
2017-08-11 21:32:54 +03:00
Sebastian Hagen
edf6176d8a libtiff: Fix debian patch tarball URL
The tiff debian tarball URL has disappeared (since debian updated their current
version), which renders this package unbuildable.

Change it to a debian snapshot URL, which should be around indefinitely.
2017-08-08 04:06:55 +01:00
Jan Malakhovski
d22ed21a7b libtiff: 4.0.7-6.debian -> 4.0.8-2.debian 2017-06-07 12:20:37 +00:00
Marc Nickert
1c9ed32a34
libtiff: security 4.0.7-5 -> 4.0.7-6 (Debian patches)
Taken from PR #25742, only adding extra comment.
2017-05-14 14:27:52 +02:00
Vladimír Čunát
68c9530998
libtiff: apply security patches from Debian
/cc #21967.
2017-01-18 15:51:36 +01:00
Graham Christensen
9de6029cc6
libtiff: 4.0.6 -> 4.0.7 for many CVEs
This release includes all our previous CVE patches, and suggets new ones:

 - CVE-2016-3945
 - CVE-2016-3990
 - CVE-2016-3991
 - CVE-2016-3622
 - CVE-2016-9453
 - CVE-2016-8127 (duplicate of CVE-2016-3658)
 - CVE-2016-9297
 - CVE-2016-9448
2016-11-23 23:23:49 -05:00
Jan Malakhovski
83f28fdd73
libtiff: fetchpatch -> fetchurl
See #20206.  vcunat doesn't consider this important,
but it is perhaps nicer and now is a moment we can afford to rehash.
2016-11-06 21:45:30 +01:00
Vladimír Čunát
ac5950a4a9 libtiff: the new hashes are for fetchurl, really
... and there's not much reason to use fetchpatch in this case anyway.
2016-11-06 11:37:47 +01:00
Jan Malakhovski
d9db320889 libtiff: patch for some more CVEs, fix patch urls 2016-11-06 10:00:22 +00:00
Graham Christensen
d3bda9b6f1
libtiff: patch for many CVEs 2016-10-19 22:06:50 -04:00
Chris Martin
56904d7c42 Update libtiff URLs (#18611)
* libtiff: remove dead source url

* libgeotiff: update url
2016-09-15 00:31:32 +01:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Vladimír Čunát
f2cb132c34 libtiff: fixup 2015-10-03 14:37:35 +02:00