From f42c8d7609047a9b513cc463cdeede0879963484 Mon Sep 17 00:00:00 2001
From: wangziliang <wangziliang@kylinos.cn>
Date: Tue, 16 Jul 2024 06:58:12 +0000
Subject: [PATCH] fix CVE-2024-6716

---
 backport-0004-CVE-2024-6716.patch | 38 +++++++++++++++++++++++++++++++
 libtiff.spec                      |  6 ++++-
 2 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 backport-0004-CVE-2024-6716.patch

diff --git a/backport-0004-CVE-2024-6716.patch b/backport-0004-CVE-2024-6716.patch
new file mode 100644
index 0000000..92b25bc
--- /dev/null
+++ b/backport-0004-CVE-2024-6716.patch
@@ -0,0 +1,38 @@
+From 49856998c3d82e65444b47bb4fb11b7830a0c2be Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Fri, 15 Sep 2023 10:07:06 +0000
+Subject: [PATCH] tif_dirinfo.c: re-enable TIFFTAG_EP_CFAREPEATPATTERNDIM and
+ TIFFTAG_EP_CFAPATTERN tags (fixes #608)
+
+---
+ libtiff/tif_dirinfo.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libtiff/tif_dirinfo.c b/libtiff/tif_dirinfo.c
+index 0e705e81..bff7592a 100644
+--- a/libtiff/tif_dirinfo.c
++++ b/libtiff/tif_dirinfo.c
+@@ -213,8 +213,6 @@ static const TIFFField tiffFields[] = {
+     {TIFFTAG_CURRENTPREPROFILEMATRIX, -1, -1, TIFF_SRATIONAL, 0, TIFF_SETGET_C16_FLOAT, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "CurrentPreProfileMatrix", NULL},
+     {TIFFTAG_PERSAMPLE, 0, 0, TIFF_SHORT, 0, TIFF_SETGET_UNDEFINED, TIFF_SETGET_UNDEFINED, FIELD_PSEUDO, TRUE, FALSE, "PerSample", NULL},
+ #if 0
+-    /* TODO: revert above #if 0 for TIFF 4.6.0 */
+-
+     /* begin DNG 1.2.0.0 tags */
+     {TIFFTAG_COLORIMETRICREFERENCE, 1, 1, TIFF_SHORT, 0, TIFF_SETGET_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "ColorimetricReference", NULL},
+     {TIFFTAG_CAMERACALIBRATIONSIGNATURE, -1, -1, TIFF_BYTE, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "CameraCalibrationSignature", NULL},
+@@ -282,9 +280,11 @@ static const TIFFField tiffFields[] = {
+     {TIFFTAG_ILLUMINANTDATA2, -3, -3, TIFF_UNDEFINED, 0, TIFF_SETGET_C32_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "IlluminantData2", NULL},
+     {TIFFTAG_ILLUMINANTDATA3, -3, -3, TIFF_UNDEFINED, 0, TIFF_SETGET_C32_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "IlluminantData3", NULL},
+     /* end DNG tags */
++#endif
+     /* begin TIFF/EP tags */
+     {TIFFTAG_EP_CFAREPEATPATTERNDIM, 2, 2, TIFF_SHORT, 0, TIFF_SETGET_C0_UINT16, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "EP CFARepeatPatternDim", NULL},
+     {TIFFTAG_EP_CFAPATTERN, -1, -1, TIFF_BYTE, 0, TIFF_SETGET_C16_UINT8, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 1, "EP CFAPattern", NULL},
++#if 0
+     /* TIFFTAG_EP_BATTERYLEVEL can be RATIONAL or ASCII.
+      * LibTiff defines it as ASCII and converts RATIONAL to an ASCII string. */
+     {TIFFTAG_EP_BATTERYLEVEL, -1, -1, TIFF_ASCII, 0, TIFF_SETGET_ASCII, TIFF_SETGET_UNDEFINED, FIELD_CUSTOM, 1, 0, "EP BatteryLevel", NULL},
+-- 
+2.33.0
+
diff --git a/libtiff.spec b/libtiff.spec
index 71b50a2..a05f6d4 100644
--- a/libtiff.spec
+++ b/libtiff.spec
@@ -1,6 +1,6 @@
 Name:           libtiff
 Version:        4.6.0
-Release:        1
+Release:        2
 Summary:        TIFF Library and Utilities
 License:        libtiff
 URL:            https://libtiff.gitlab.io/libtiff/
@@ -10,6 +10,7 @@ Patch6000:      backport-CVE-2023-6228.patch
 Patch6001:      backport-0001-CVE-2023-6277.patch
 Patch6002:      backport-0002-CVE-2023-6277.patch
 Patch6003:      backport-0003-CVE-2023-6277.patch
+Patch6004:      backport-0004-CVE-2024-6716.patch
 
 BuildRequires:  gcc gcc-c++ zlib-devel libjpeg-devel jbigkit-devel
 BuildRequires:  libtool automake autoconf pkgconfig
@@ -129,6 +130,9 @@ find doc -name 'Makefile*' | xargs rm
 %exclude %{_mandir}/man1/*
 
 %changelog
+* Tue Jul 16 2024 wangziliang <wangziliang@kylinos.cn> - 4.6.0-2
+- backport patch for fix CVE-2024-6716 issue
+
 * Wed Dec 27 2023 lvgenggeng <lvgenggeng@uniontech.com> - 4.6.0-1
 - bump to 4.6.0
 
-- 
Gitee