<pre style='margin:0'>
Ryan Schmidt (ryandesign) pushed a commit to branch master
in repository macports-ports.

</pre>
<p><a href="https://github.com/macports/macports-ports/commit/a8599cf66cff28b4b5c8bb7836f2e19d3e8120df">https://github.com/macports/macports-ports/commit/a8599cf66cff28b4b5c8bb7836f2e19d3e8120df</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'>     new a8599cf66cf tiff: apply patch for CVE-2022-3970
</span>a8599cf66cf is described below

<span style='display:block; white-space:pre;color:#808000;'>commit a8599cf66cff28b4b5c8bb7836f2e19d3e8120df
</span>Author: Blair Zajac <blair@macports.org>
AuthorDate: Thu Dec 1 18:50:06 2022 -0800

<span style='display:block; white-space:pre;color:#404040;'>    tiff: apply patch for CVE-2022-3970
</span>---
 graphics/tiff/Portfile                  |  5 +++--
 graphics/tiff/files/CVE-2022-3970.patch | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 2 deletions(-)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/graphics/tiff/Portfile b/graphics/tiff/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index a75df54c3c0..b6b2daacd67 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/graphics/tiff/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/graphics/tiff/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -6,7 +6,7 @@ PortGroup           muniversal 1.0
</span> 
 name                tiff
 version             4.4.0
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision            0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision            1
</span> checksums           rmd160  715752ebd2613d2e454b90d25f0c003bd8626ea4 \
                     sha256  917223b37538959aca3b790d2d73aa6e626b688e02dcda272aec24c2f498abed \
                     size    2841082
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -46,7 +46,8 @@ test.target         check
</span> compiler.c_standard 1999
 
 patchfiles          allow-opengl-without-x11.patch \
<span style='display:block; white-space:pre;background:#ffe0e0;'>-                    dont-find-x11-opengl.patch
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                    dont-find-x11-opengl.patch \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                    CVE-2022-3970.patch
</span> 
 configure.args      --disable-jbig \
                     --disable-webp \
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/graphics/tiff/files/CVE-2022-3970.patch b/graphics/tiff/files/CVE-2022-3970.patch
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..eb063364515
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/graphics/tiff/files/CVE-2022-3970.patch
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,33 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+From 227500897dfb07fb7d27f7aa570050e62617e3be Mon Sep 17 00:00:00 2001
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+From: Even Rouault <even.rouault@spatialys.com>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+Date: Tue, 8 Nov 2022 15:16:58 +0100
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+Subject: [PATCH] TIFFReadRGBATileExt(): fix (unsigned) integer overflow on
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ strips/tiles > 2 GB
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+---
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ libtiff/tif_getimage.c | 8 ++++----
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 1 file changed, 4 insertions(+), 4 deletions(-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- libtiff/tif_getimage.c.orig
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ libtiff/tif_getimage.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -3058,15 +3058,15 @@ TIFFReadRGBATileExt(TIFF* tif, uint32_t
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+         return( ok );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+     for( i_row = 0; i_row < read_ysize; i_row++ ) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-        memmove( raster + (tile_ysize - i_row - 1) * tile_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-                 raster + (read_ysize - i_row - 1) * read_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++        memmove( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++                 raster + (size_t)(read_ysize - i_row - 1) * read_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                  read_xsize * sizeof(uint32_t) );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize+read_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize+read_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                      0, sizeof(uint32_t) * (tile_xsize - read_xsize) );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+     }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+     for( i_row = read_ysize; i_row < tile_ysize; i_row++ ) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                      0, sizeof(uint32_t) * tile_xsize );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+     }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 
</span></pre><pre style='margin:0'>

</pre>