diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..0432824
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/tiff-4.0.9.tar.gz
diff --git a/.libtiff.metadata b/.libtiff.metadata
new file mode 100644
index 0000000..0a25bcd
--- /dev/null
+++ b/.libtiff.metadata
@@ -0,0 +1 @@
+87d4543579176cc568668617c22baceccd568296 SOURCES/tiff-4.0.9.tar.gz
diff --git a/SOURCES/libtiff-CVE-2017-18013.patch b/SOURCES/libtiff-CVE-2017-18013.patch
new file mode 100644
index 0000000..77afc48
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2017-18013.patch
@@ -0,0 +1,36 @@
+From b1997b9c3ac0d6bac5effd7558141986487217a9 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sun, 31 Dec 2017 15:09:41 +0100
+Subject: [PATCH 2/4] libtiff/tif_print.c: TIFFPrintDirectory(): fix null
+ pointer dereference on corrupted file. Fixes
+ http://bugzilla.maptools.org/show_bug.cgi?id=2770 / CVE-2017-18013
+
+---
+ libtiff/tif_print.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
+index 10a588e..b9b53a0 100644
+--- a/libtiff/tif_print.c
++++ b/libtiff/tif_print.c
+@@ -667,13 +667,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ fprintf(fd, " %3lu: [%8I64u, %8I64u]\n",
+ (unsigned long) s,
+- (unsigned __int64) td->td_stripoffset[s],
+- (unsigned __int64) td->td_stripbytecount[s]);
++ td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0,
++ td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0);
+ #else
+ fprintf(fd, " %3lu: [%8llu, %8llu]\n",
+ (unsigned long) s,
+- (unsigned long long) td->td_stripoffset[s],
+- (unsigned long long) td->td_stripbytecount[s]);
++ td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0,
++ td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0);
+ #endif
+ }
+ }
+--
+2.17.0
+
diff --git a/SOURCES/libtiff-CVE-2017-9935.patch b/SOURCES/libtiff-CVE-2017-9935.patch
new file mode 100644
index 0000000..39327ff
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2017-9935.patch
@@ -0,0 +1,164 @@
+From e1cd2d7ab032e7fe80b4c13e07895194c8bac85e Mon Sep 17 00:00:00 2001
+From: Brian May <brian@linuxpenguins.xyz>
+Date: Thu, 7 Dec 2017 07:46:47 +1100
+Subject: [PATCH 1/4] [PATCH] tiff2pdf: Fix CVE-2017-9935
+
+Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704
+
+This vulnerability - at least for the supplied test case - is because we
+assume that a tiff will only have one transfer function that is the same
+for all pages. This is not required by the TIFF standards.
+
+We than read the transfer function for every page. Depending on the
+transfer function, we allocate either 2 or 4 bytes to the XREF buffer.
+We allocate this memory after we read in the transfer function for the
+page.
+
+For the first exploit - POC1, this file has 3 pages. For the first page
+we allocate 2 extra extra XREF entries. Then for the next page 2 more
+entries. Then for the last page the transfer function changes and we
+allocate 4 more entries.
+
+When we read the file into memory, we assume we have 4 bytes extra for
+each and every page (as per the last transfer function we read). Which
+is not correct, we only have 2 bytes extra for the first 2 pages. As a
+result, we end up writing past the end of the buffer.
+
+There are also some related issues that this also fixes. For example,
+TIFFGetField can return uninitalized pointer values, and the logic to
+detect a N=3 vs N=1 transfer function seemed rather strange.
+
+It is also strange that we declare the transfer functions to be of type
+float, when the standard says they are unsigned 16 bit values. This is
+fixed in another patch.
+
+This patch will check to ensure that the N value for every transfer
+function is the same for every page. If this changes, we abort with an
+error. In theory, we should perhaps check that the transfer function
+itself is identical for every page, however we don't do that due to the
+confusion of the type of the data in the transfer function.
+---
+ libtiff/tif_dir.c | 3 +++
+ tools/tiff2pdf.c | 69 +++++++++++++++++++++++++++++++----------------
+ 2 files changed, 49 insertions(+), 23 deletions(-)
+
+diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
+index f00f808..c36a5f3 100644
+--- a/libtiff/tif_dir.c
++++ b/libtiff/tif_dir.c
+@@ -1067,6 +1067,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap)
+ if (td->td_samplesperpixel - td->td_extrasamples > 1) {
+ *va_arg(ap, uint16**) = td->td_transferfunction[1];
+ *va_arg(ap, uint16**) = td->td_transferfunction[2];
++ } else {
++ *va_arg(ap, uint16**) = NULL;
++ *va_arg(ap, uint16**) = NULL;
+ }
+ break;
+ case TIFFTAG_REFERENCEBLACKWHITE:
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index bdb9126..bd23c9e 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -239,7 +239,7 @@ typedef struct {
+ float tiff_whitechromaticities[2];
+ float tiff_primarychromaticities[6];
+ float tiff_referenceblackwhite[2];
+- float* tiff_transferfunction[3];
++ uint16* tiff_transferfunction[3];
+ int pdf_image_interpolate; /* 0 (default) : do not interpolate,
+ 1 : interpolate */
+ uint16 tiff_transferfunctioncount;
+@@ -1049,6 +1049,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
+ uint16 pagen=0;
+ uint16 paged=0;
+ uint16 xuint16=0;
++ uint16 tiff_transferfunctioncount=0;
++ uint16* tiff_transferfunction[3];
+
+ directorycount=TIFFNumberOfDirectories(input);
+ if(directorycount > TIFF_DIR_MAX) {
+@@ -1157,26 +1159,48 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
+ }
+ #endif
+ if (TIFFGetField(input, TIFFTAG_TRANSFERFUNCTION,
+- &(t2p->tiff_transferfunction[0]),
+- &(t2p->tiff_transferfunction[1]),
+- &(t2p->tiff_transferfunction[2]))) {
+- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[1] !=
+- t2p->tiff_transferfunction[0])) {
+- t2p->tiff_transferfunctioncount = 3;
+- t2p->tiff_pages[i].page_extra += 4;
+- t2p->pdf_xrefcount += 4;
+- } else {
+- t2p->tiff_transferfunctioncount = 1;
+- t2p->tiff_pages[i].page_extra += 2;
+- t2p->pdf_xrefcount += 2;
+- }
+- if(t2p->pdf_minorversion < 2)
+- t2p->pdf_minorversion = 2;
++ &(tiff_transferfunction[0]),
++ &(tiff_transferfunction[1]),
++ &(tiff_transferfunction[2]))) {
++
++ if((tiff_transferfunction[1] != (uint16*) NULL) &&
++ (tiff_transferfunction[2] != (uint16*) NULL)
++ ) {
++ tiff_transferfunctioncount=3;
++ } else {
++ tiff_transferfunctioncount=1;
++ }
+ } else {
+- t2p->tiff_transferfunctioncount=0;
++ tiff_transferfunctioncount=0;
+ }
++
++ if (i > 0){
++ if (tiff_transferfunctioncount != t2p->tiff_transferfunctioncount){
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Different transfer function on page %d",
++ i);
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
++ }
++
++ t2p->tiff_transferfunctioncount = tiff_transferfunctioncount;
++ t2p->tiff_transferfunction[0] = tiff_transferfunction[0];
++ t2p->tiff_transferfunction[1] = tiff_transferfunction[1];
++ t2p->tiff_transferfunction[2] = tiff_transferfunction[2];
++ if(tiff_transferfunctioncount == 3){
++ t2p->tiff_pages[i].page_extra += 4;
++ t2p->pdf_xrefcount += 4;
++ if(t2p->pdf_minorversion < 2)
++ t2p->pdf_minorversion = 2;
++ } else if (tiff_transferfunctioncount == 1){
++ t2p->tiff_pages[i].page_extra += 2;
++ t2p->pdf_xrefcount += 2;
++ if(t2p->pdf_minorversion < 2)
++ t2p->pdf_minorversion = 2;
++ }
++
+ if( TIFFGetField(
+ input,
+ TIFFTAG_ICCPROFILE,
+@@ -1837,10 +1861,9 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){
+ &(t2p->tiff_transferfunction[0]),
+ &(t2p->tiff_transferfunction[1]),
+ &(t2p->tiff_transferfunction[2]))) {
+- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[1] !=
+- t2p->tiff_transferfunction[0])) {
++ if((t2p->tiff_transferfunction[1] != (uint16*) NULL) &&
++ (t2p->tiff_transferfunction[2] != (uint16*) NULL)
++ ) {
+ t2p->tiff_transferfunctioncount=3;
+ } else {
+ t2p->tiff_transferfunctioncount=1;
+--
+2.17.0
+
diff --git a/SOURCES/libtiff-CVE-2018-10963.patch b/SOURCES/libtiff-CVE-2018-10963.patch
new file mode 100644
index 0000000..039b7c1
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-10963.patch
@@ -0,0 +1,31 @@
+From 98ed6179dec22db48f6e235d8ca9e2708bf4e71a Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sat, 12 May 2018 14:24:15 +0200
+Subject: [PATCH 4/4] TIFFWriteDirectorySec: avoid assertion. Fixes
+ http://bugzilla.maptools.org/show_bug.cgi?id=2795. CVE-2018-10963
+
+---
+ libtiff/tif_dirwrite.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
+index c68d6d2..5d0a669 100644
+--- a/libtiff/tif_dirwrite.c
++++ b/libtiff/tif_dirwrite.c
+@@ -697,8 +697,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
+ }
+ break;
+ default:
+- assert(0); /* we should never get here */
+- break;
++ TIFFErrorExt(tif->tif_clientdata,module,
++ "Cannot write tag %d (%s)",
++ TIFFFieldTag(o),
++ o->field_name ? o->field_name : "unknown");
++ goto bad;
+ }
+ }
+ }
+--
+2.17.0
+
diff --git a/SOURCES/libtiff-CVE-2018-12900.patch b/SOURCES/libtiff-CVE-2018-12900.patch
new file mode 100644
index 0000000..c7c3d30
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-12900.patch
@@ -0,0 +1,47 @@
+From 775b0d85eab499ccf577e72ec202eb4c6fb37197 Mon Sep 17 00:00:00 2001
+From: Thomas Bernard <miniupnp@free.fr>
+Date: Mon, 11 Feb 2019 10:05:33 +0100
+Subject: [PATCH] check that (Tile Width)*(Samples/Pixel) do no overflow
+
+fixes bug 2833
+---
+ tools/tiffcp.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/tools/tiffcp.c b/tools/tiffcp.c
+index 489459a..0c66229 100644
+--- a/tools/tiffcp.c
++++ b/tools/tiffcp.c
+@@ -43,6 +43,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <limits.h>
+
+ #include <ctype.h>
+
+@@ -1391,7 +1392,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
+ int status = 1;
+ uint32 imagew = TIFFRasterScanlineSize(in);
+ uint32 tilew = TIFFTileRowSize(in);
+- int iskew = imagew - tilew*spp;
++ int iskew;
+ tsize_t tilesize = TIFFTileSize(in);
+ tdata_t tilebuf;
+ uint8* bufp = (uint8*) buf;
+@@ -1399,6 +1400,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
+ uint32 row;
+ uint16 bps = 0, bytes_per_sample;
+
++ if (tilew && spp > (INT_MAX / tilew))
++ {
++ TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
++ return 0;
++ }
++ iskew = imagew - tilew*spp;
+ tilebuf = _TIFFmalloc(tilesize);
+ if (tilebuf == 0)
+ return 0;
+--
+2.21.0
+
diff --git a/SOURCES/libtiff-CVE-2018-17100.patch b/SOURCES/libtiff-CVE-2018-17100.patch
new file mode 100644
index 0000000..8ed6dca
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-17100.patch
@@ -0,0 +1,39 @@
+From 491e3acc55d7a54e2588de476733e93c4c7ffea0 Mon Sep 17 00:00:00 2001
+From: Young_X <YangX92@hotmail.com>
+Date: Sat, 8 Sep 2018 14:46:27 +0800
+Subject: [PATCH] avoid potential int32 overflows in multiply_ms()
+
+---
+ tools/ppm2tiff.c | 13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/tools/ppm2tiff.c b/tools/ppm2tiff.c
+index 91415e9..81ffa3d 100644
+--- a/tools/ppm2tiff.c
++++ b/tools/ppm2tiff.c
+@@ -72,15 +72,16 @@ BadPPM(char* file)
+ exit(-2);
+ }
+
++
++#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
++#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
++
+ static tmsize_t
+ multiply_ms(tmsize_t m1, tmsize_t m2)
+ {
+- tmsize_t bytes = m1 * m2;
+-
+- if (m1 && bytes / m1 != m2)
+- bytes = 0;
+-
+- return bytes;
++ if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
++ return 0;
++ return m1 * m2;
+ }
+
+ int
+--
+2.17.2
+
diff --git a/SOURCES/libtiff-CVE-2018-18557.patch b/SOURCES/libtiff-CVE-2018-18557.patch
new file mode 100644
index 0000000..d2cd3c5
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-18557.patch
@@ -0,0 +1,107 @@
+From 2683f6c21aefc760d2f7e56dac6b4383841886d6 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sun, 14 Oct 2018 16:38:29 +0200
+Subject: [PATCH 2/2] JBIG: fix potential out-of-bounds write in JBIGDecode()
+
+JBIGDecode doesn't check if the user provided buffer is large enough
+to store the JBIG decoded image, which can potentially cause out-of-bounds
+write in the buffer.
+This issue was reported and analyzed by Thomas Dullien.
+
+Also fixes a (harmless) potential use of uninitialized memory when
+tif->tif_rawsize > tif->tif_rawcc
+
+And in case libtiff is compiled with CHUNKY_STRIP_READ_SUPPORT, make sure
+that whole strip data is provided to JBIGDecode()
+---
+ libtiff/tif_jbig.c | 32 ++++++++++++++++++++++++++------
+ libtiff/tif_read.c | 6 ++++++
+ 2 files changed, 32 insertions(+), 6 deletions(-)
+
+diff --git a/libtiff/tif_jbig.c b/libtiff/tif_jbig.c
+index 7a14dd9..8136c77 100644
+--- a/libtiff/tif_jbig.c
++++ b/libtiff/tif_jbig.c
+@@ -53,17 +53,18 @@ static int JBIGDecode(TIFF* tif, uint8* buffer, tmsize_t size, uint16 s)
+ struct jbg_dec_state decoder;
+ int decodeStatus = 0;
+ unsigned char* pImage = NULL;
+- (void) size, (void) s;
++ unsigned long decodedSize;
++ (void) s;
+
+ if (isFillOrder(tif, tif->tif_dir.td_fillorder))
+ {
+- TIFFReverseBits(tif->tif_rawdata, tif->tif_rawdatasize);
++ TIFFReverseBits(tif->tif_rawcp, tif->tif_rawcc);
+ }
+
+ jbg_dec_init(&decoder);
+
+ #if defined(HAVE_JBG_NEWLEN)
+- jbg_newlen(tif->tif_rawdata, (size_t)tif->tif_rawdatasize);
++ jbg_newlen(tif->tif_rawcp, (size_t)tif->tif_rawcc);
+ /*
+ * I do not check the return status of jbg_newlen because even if this
+ * function fails it does not necessarily mean that decoding the image
+@@ -76,8 +77,8 @@ static int JBIGDecode(TIFF* tif, uint8* buffer, tmsize_t size, uint16 s)
+ */
+ #endif /* HAVE_JBG_NEWLEN */
+
+- decodeStatus = jbg_dec_in(&decoder, (unsigned char*)tif->tif_rawdata,
+- (size_t)tif->tif_rawdatasize, NULL);
++ decodeStatus = jbg_dec_in(&decoder, (unsigned char*)tif->tif_rawcp,
++ (size_t)tif->tif_rawcc, NULL);
+ if (JBG_EOK != decodeStatus)
+ {
+ /*
+@@ -98,9 +99,28 @@ static int JBIGDecode(TIFF* tif, uint8* buffer, tmsize_t size, uint16 s)
+ return 0;
+ }
+
++ decodedSize = jbg_dec_getsize(&decoder);
++ if( (tmsize_t)decodedSize < size )
++ {
++ TIFFWarningExt(tif->tif_clientdata, "JBIG",
++ "Only decoded %lu bytes, whereas %lu requested",
++ decodedSize, (unsigned long)size);
++ }
++ else if( (tmsize_t)decodedSize > size )
++ {
++ TIFFErrorExt(tif->tif_clientdata, "JBIG",
++ "Decoded %lu bytes, whereas %lu were requested",
++ decodedSize, (unsigned long)size);
++ jbg_dec_free(&decoder);
++ return 0;
++ }
+ pImage = jbg_dec_getimage(&decoder, 0);
+- _TIFFmemcpy(buffer, pImage, jbg_dec_getsize(&decoder));
++ _TIFFmemcpy(buffer, pImage, decodedSize);
+ jbg_dec_free(&decoder);
++
++ tif->tif_rawcp += tif->tif_rawcc;
++ tif->tif_rawcc = 0;
++
+ return 1;
+ }
+
+diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c
+index 2ba985a..04100f4 100644
+--- a/libtiff/tif_read.c
++++ b/libtiff/tif_read.c
+@@ -348,6 +348,12 @@ TIFFSeek(TIFF* tif, uint32 row, uint16 sample )
+ return 0;
+ whole_strip = tif->tif_dir.td_stripbytecount[strip] < 10
+ || isMapped(tif);
++ if( td->td_compression == COMPRESSION_JBIG )
++ {
++ /* Ideally plugins should have a way to declare they don't support
++ * chunk strip */
++ whole_strip = 1;
++ }
+ #else
+ whole_strip = 1;
+ #endif
+--
+2.17.2
+
diff --git a/SOURCES/libtiff-CVE-2018-18661.patch b/SOURCES/libtiff-CVE-2018-18661.patch
new file mode 100644
index 0000000..9a7430b
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-18661.patch
@@ -0,0 +1,121 @@
+From 20dbecdf69cf0209ad0246707aaf142bb1fee96e Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Tue, 30 Oct 2018 18:50:27 +0100
+Subject: [PATCH] tiff2bw: avoid null pointer dereference in case of out of
+ memory situation. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2819 /
+ CVE-2018-18661
+
+---
+ libtiff/tiffiop.h | 1 +
+ tools/tiff2bw.c | 30 ++++++++++++++++++++++++++----
+ tools/tiffcrop.c | 5 -----
+ 3 files changed, 27 insertions(+), 9 deletions(-)
+
+diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h
+index daa291c..08e5dc4 100644
+--- a/libtiff/tiffiop.h
++++ b/libtiff/tiffiop.h
+@@ -72,6 +72,7 @@ extern int snprintf(char* str, size_t size, const char* format, ...);
+ #endif
+
+ #define streq(a,b) (strcmp(a,b) == 0)
++#define strneq(a,b,n) (strncmp(a,b,n) == 0)
+
+ #ifndef TRUE
+ #define TRUE 1
+diff --git a/tools/tiff2bw.c b/tools/tiff2bw.c
+index dad54af..1f3bb2c 100644
+--- a/tools/tiff2bw.c
++++ b/tools/tiff2bw.c
+@@ -40,9 +40,7 @@
+ #endif
+
+ #include "tiffio.h"
+-
+-#define streq(a,b) (strcmp((a),(b)) == 0)
+-#define strneq(a,b,n) (strncmp(a,b,n) == 0)
++#include "tiffiop.h"
+
+ /* x% weighting -> fraction of full color */
+ #define PCT(x) (((x)*256+50)/100)
+@@ -223,6 +221,11 @@ main(int argc, char* argv[])
+ TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing);
+ TIFFSetField(out, TIFFTAG_SOFTWARE, "tiff2bw");
+ outbuf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++ if( !outbuf )
++ {
++ fprintf(stderr, "Out of memory\n");
++ goto tiff2bw_error;
++ }
+ TIFFSetField(out, TIFFTAG_ROWSPERSTRIP,
+ TIFFDefaultStripSize(out, rowsperstrip));
+
+@@ -246,6 +249,11 @@ main(int argc, char* argv[])
+ #undef CVT
+ }
+ inbuf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(in));
++ if( !inbuf )
++ {
++ fprintf(stderr, "Out of memory\n");
++ goto tiff2bw_error;
++ }
+ for (row = 0; row < h; row++) {
+ if (TIFFReadScanline(in, inbuf, row, 0) < 0)
+ break;
+@@ -256,6 +264,11 @@ main(int argc, char* argv[])
+ break;
+ case pack(PHOTOMETRIC_RGB, PLANARCONFIG_CONTIG):
+ inbuf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(in));
++ if( !inbuf )
++ {
++ fprintf(stderr, "Out of memory\n");
++ goto tiff2bw_error;
++ }
+ for (row = 0; row < h; row++) {
+ if (TIFFReadScanline(in, inbuf, row, 0) < 0)
+ break;
+@@ -265,8 +278,16 @@ main(int argc, char* argv[])
+ }
+ break;
+ case pack(PHOTOMETRIC_RGB, PLANARCONFIG_SEPARATE):
++ {
++ tmsize_t inbufsize;
+ rowsize = TIFFScanlineSize(in);
+- inbuf = (unsigned char *)_TIFFmalloc(3*rowsize);
++ inbufsize = TIFFSafeMultiply(tmsize_t, 3, rowsize);
++ inbuf = (unsigned char *)_TIFFmalloc(inbufsize);
++ if( !inbuf )
++ {
++ fprintf(stderr, "Out of memory\n");
++ goto tiff2bw_error;
++ }
+ for (row = 0; row < h; row++) {
+ for (s = 0; s < 3; s++)
+ if (TIFFReadScanline(in,
+@@ -278,6 +299,7 @@ main(int argc, char* argv[])
+ break;
+ }
+ break;
++ }
+ }
+ #undef pack
+ if (inbuf)
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index c60cb38..3862b1c 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -150,11 +150,6 @@ extern int getopt(int argc, char * const argv[], const char *optstring);
+
+ #define TIFF_UINT32_MAX 0xFFFFFFFFU
+
+-#ifndef streq
+-#define streq(a,b) (strcmp((a),(b)) == 0)
+-#endif
+-#define strneq(a,b,n) (strncmp((a),(b),(n)) == 0)
+-
+ #define TRUE 1
+ #define FALSE 0
+
+--
+2.17.2
+
diff --git a/SOURCES/libtiff-CVE-2018-5784.patch b/SOURCES/libtiff-CVE-2018-5784.patch
new file mode 100644
index 0000000..5f26e5d
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-5784.patch
@@ -0,0 +1,128 @@
+From 49723b0eb683cca80142b01a48ba1475fed5188a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
+Date: Fri, 23 Mar 2018 15:35:39 +0100
+Subject: [PATCH] Fix for bug 2772
+
+It is possible to craft a TIFF document where the IFD list is circular,
+leading to an infinite loop while traversing the chain. The libtiff
+directory reader has a failsafe that will break out of this loop after
+reading 65535 directory entries, but it will continue processing,
+consuming time and resources to process what is essentially a bogus TIFF
+document.
+
+This change fixes the above behavior by breaking out of processing when
+a TIFF document has >= 65535 directories and terminating with an error.
+---
+ contrib/addtiffo/tif_overview.c | 14 +++++++++++++-
+ tools/tiff2pdf.c | 10 ++++++++++
+ tools/tiffcrop.c | 13 +++++++++++--
+ 3 files changed, 34 insertions(+), 3 deletions(-)
+
+diff --git a/contrib/addtiffo/tif_overview.c b/contrib/addtiffo/tif_overview.c
+index c61ffbb..03b3573 100644
+--- a/contrib/addtiffo/tif_overview.c
++++ b/contrib/addtiffo/tif_overview.c
+@@ -65,6 +65,8 @@
+ # define MAX(a,b) ((a>b) ? a : b)
+ #endif
+
++#define TIFF_DIR_MAX 65534
++
+ void TIFFBuildOverviews( TIFF *, int, int *, int, const char *,
+ int (*)(double,void*), void * );
+
+@@ -91,6 +93,7 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
+ {
+ toff_t nBaseDirOffset;
+ toff_t nOffset;
++ tdir_t iNumDir;
+
+ (void) bUseSubIFDs;
+
+@@ -147,7 +150,16 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
+ return 0;
+
+ TIFFWriteDirectory( hTIFF );
+- TIFFSetDirectory( hTIFF, (tdir_t) (TIFFNumberOfDirectories(hTIFF)-1) );
++ iNumDir = TIFFNumberOfDirectories(hTIFF);
++ if( iNumDir > TIFF_DIR_MAX )
++ {
++ TIFFErrorExt( TIFFClientdata(hTIFF),
++ "TIFF_WriteOverview",
++ "File `%s' has too many directories.\n",
++ TIFFFileName(hTIFF) );
++ exit(-1);
++ }
++ TIFFSetDirectory( hTIFF, (tdir_t) (iNumDir - 1) );
+
+ nOffset = TIFFCurrentDirOffset( hTIFF );
+
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index 454befb..bdb9126 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -68,6 +68,8 @@ extern int getopt(int, char**, char*);
+
+ #define PS_UNIT_SIZE 72.0F
+
++#define TIFF_DIR_MAX 65534
++
+ /* This type is of PDF color spaces. */
+ typedef enum {
+ T2P_CS_BILEVEL = 0x01, /* Bilevel, black and white */
+@@ -1049,6 +1051,14 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
+ uint16 xuint16=0;
+
+ directorycount=TIFFNumberOfDirectories(input);
++ if(directorycount > TIFF_DIR_MAX) {
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "TIFF contains too many directories, %s",
++ TIFFFileName(input));
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
+ t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE)));
+ if(t2p->tiff_pages==NULL){
+ TIFFError(
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index c69177e..c60cb38 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -217,6 +217,8 @@ extern int getopt(int argc, char * const argv[], const char *optstring);
+ #define DUMP_TEXT 1
+ #define DUMP_RAW 2
+
++#define TIFF_DIR_MAX 65534
++
+ /* Offsets into buffer for margins and fixed width and length segments */
+ struct offset {
+ uint32 tmargin;
+@@ -2233,7 +2235,7 @@ main(int argc, char* argv[])
+ pageNum = -1;
+ else
+ total_images = 0;
+- /* read multiple input files and write to output file(s) */
++ /* Read multiple input files and write to output file(s) */
+ while (optind < argc - 1)
+ {
+ in = TIFFOpen (argv[optind], "r");
+@@ -2241,7 +2243,14 @@ main(int argc, char* argv[])
+ return (-3);
+
+ /* If only one input file is specified, we can use directory count */
+- total_images = TIFFNumberOfDirectories(in);
++ total_images = TIFFNumberOfDirectories(in);
++ if (total_images > TIFF_DIR_MAX)
++ {
++ TIFFError (TIFFFileName(in), "File contains too many directories");
++ if (out != NULL)
++ (void) TIFFClose(out);
++ return (1);
++ }
+ if (image_count == 0)
+ {
+ dirnum = 0;
+--
+2.13.6
+
diff --git a/SOURCES/libtiff-CVE-2018-7456.patch b/SOURCES/libtiff-CVE-2018-7456.patch
new file mode 100644
index 0000000..65a8947
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-7456.patch
@@ -0,0 +1,170 @@
+From de5385cd882a5ff0970f63f4d93da0cbc87230c2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
+Date: Tue, 17 Apr 2018 18:42:09 +0200
+Subject: [PATCH] Fix NULL pointer dereference in TIFFPrintDirectory
+
+The TIFFPrintDirectory function relies on the following assumptions,
+supposed to be guaranteed by the specification:
+
+(a) A Transfer Function field is only present if the TIFF file has
+ photometric type < 3.
+
+(b) If SamplesPerPixel > Color Channels, then the ExtraSamples field
+ has count SamplesPerPixel - (Color Channels) and contains
+ information about supplementary channels.
+
+While respect of (a) and (b) are essential for the well functioning of
+TIFFPrintDirectory, no checks are realized neither by the callee nor
+by TIFFPrintDirectory itself. Hence, following scenarios might happen
+and trigger the NULL pointer dereference:
+
+(1) TIFF File of photometric type 4 or more has illegal Transfer
+ Function field.
+
+(2) TIFF File has photometric type 3 or less and defines a
+ SamplesPerPixel field such that SamplesPerPixel > Color Channels
+ without defining all extra samples in the ExtraSamples fields.
+
+In this patch, we address both issues with respect of the following
+principles:
+
+(A) In the case of (1), the defined transfer table should be printed
+ safely even if it isn't 'legal'. This allows us to avoid expensive
+ checks in TIFFPrintDirectory. Also, it is quite possible that
+ an alternative photometric type would be developed (not part of the
+ standard) and would allow definition of Transfer Table. We want
+ libtiff to be able to handle this scenario out of the box.
+
+(B) In the case of (2), the transfer table should be printed at its
+ right size, that is if TIFF file has photometric type Palette
+ then the transfer table should have one row and not three, even
+ if two extra samples are declared.
+
+In order to fulfill (A) we simply add a new 'i < 3' end condition to
+the broken TIFFPrintDirectory loop. This makes sure that in any case
+where (b) would be respected but not (a), everything stays fine.
+
+(B) is fulfilled by the loop condition
+'i < td->td_samplesperpixel - td->td_extrasamples'. This is enough as
+long as (b) is respected.
+
+Naturally, we also make sure (b) is respected. This is done in the
+TIFFReadDirectory function by making sure any non-color channel is
+counted in ExtraSamples.
+
+This commit addresses CVE-2018-7456.
+---
+ libtiff/tif_dirread.c | 62 +++++++++++++++++++++++++++++++++++++++++++
+ libtiff/tif_print.c | 2 +-
+ 2 files changed, 63 insertions(+), 1 deletion(-)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index 5e62e81..80aaf8d 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -167,6 +167,7 @@ static int TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uin
+ static int TIFFFetchSubjectDistance(TIFF*, TIFFDirEntry*);
+ static void ChopUpSingleUncompressedStrip(TIFF*);
+ static uint64 TIFFReadUInt64(const uint8 *value);
++static int _TIFFGetMaxColorChannels(uint16 photometric);
+
+ static int _TIFFFillStrilesInternal( TIFF *tif, int loadStripByteCount );
+
+@@ -3506,6 +3507,35 @@ static void TIFFReadDirEntryOutputErr(TIFF* tif, enum TIFFReadDirEntryErr err, c
+ }
+ }
+
++/*
++ * Return the maximum number of color channels specified for a given photometric
++ * type. 0 is returned if photometric type isn't supported or no default value
++ * is defined by the specification.
++ */
++static int _TIFFGetMaxColorChannels( uint16 photometric )
++{
++ switch (photometric) {
++ case PHOTOMETRIC_PALETTE:
++ case PHOTOMETRIC_MINISWHITE:
++ case PHOTOMETRIC_MINISBLACK:
++ return 1;
++ case PHOTOMETRIC_YCBCR:
++ case PHOTOMETRIC_RGB:
++ case PHOTOMETRIC_CIELAB:
++ return 3;
++ case PHOTOMETRIC_SEPARATED:
++ case PHOTOMETRIC_MASK:
++ return 4;
++ case PHOTOMETRIC_LOGL:
++ case PHOTOMETRIC_LOGLUV:
++ case PHOTOMETRIC_CFA:
++ case PHOTOMETRIC_ITULAB:
++ case PHOTOMETRIC_ICCLAB:
++ default:
++ return 0;
++ }
++}
++
+ /*
+ * Read the next TIFF directory from a file and convert it to the internal
+ * format. We read directories sequentially.
+@@ -3522,6 +3552,7 @@ TIFFReadDirectory(TIFF* tif)
+ uint32 fii=FAILED_FII;
+ toff_t nextdiroff;
+ int bitspersample_read = FALSE;
++ int color_channels;
+
+ tif->tif_diroff=tif->tif_nextdiroff;
+ if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff))
+@@ -4026,6 +4057,37 @@ TIFFReadDirectory(TIFF* tif)
+ }
+ }
+ }
++
++ /*
++ * Make sure all non-color channels are extrasamples.
++ * If it's not the case, define them as such.
++ */
++ color_channels = _TIFFGetMaxColorChannels(tif->tif_dir.td_photometric);
++ if (color_channels && tif->tif_dir.td_samplesperpixel - tif->tif_dir.td_extrasamples > color_channels) {
++ uint16 old_extrasamples;
++ uint16 *new_sampleinfo;
++
++ TIFFWarningExt(tif->tif_clientdata,module, "Sum of Photometric type-related "
++ "color channels and ExtraSamples doesn't match SamplesPerPixel. "
++ "Defining non-color channels as ExtraSamples.");
++
++ old_extrasamples = tif->tif_dir.td_extrasamples;
++ tif->tif_dir.td_extrasamples = (tif->tif_dir.td_samplesperpixel - color_channels);
++
++ // sampleinfo should contain information relative to these new extra samples
++ new_sampleinfo = (uint16*) _TIFFcalloc(tif->tif_dir.td_extrasamples, sizeof(uint16));
++ if (!new_sampleinfo) {
++ TIFFErrorExt(tif->tif_clientdata, module, "Failed to allocate memory for "
++ "temporary new sampleinfo array (%d 16 bit elements)",
++ tif->tif_dir.td_extrasamples);
++ goto bad;
++ }
++
++ memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16));
++ _TIFFsetShortArray(&tif->tif_dir.td_sampleinfo, new_sampleinfo, tif->tif_dir.td_extrasamples);
++ _TIFFfree(new_sampleinfo);
++ }
++
+ /*
+ * Verify Palette image has a Colormap.
+ */
+diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
+index 24d4b98..10a588e 100644
+--- a/libtiff/tif_print.c
++++ b/libtiff/tif_print.c
+@@ -546,7 +546,7 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
+ uint16 i;
+ fprintf(fd, " %2ld: %5u",
+ l, td->td_transferfunction[0][l]);
+- for (i = 1; i < td->td_samplesperpixel; i++)
++ for (i = 1; i < td->td_samplesperpixel - td->td_extrasamples && i < 3; i++)
+ fprintf(fd, " %5u",
+ td->td_transferfunction[i][l]);
+ fputc('\n', fd);
+--
+2.17.0
+
diff --git a/SOURCES/libtiff-CVE-2018-8905.patch b/SOURCES/libtiff-CVE-2018-8905.patch
new file mode 100644
index 0000000..be6bee4
--- /dev/null
+++ b/SOURCES/libtiff-CVE-2018-8905.patch
@@ -0,0 +1,53 @@
+From 1c127eb3cb7653bd61b61f9c3cfeb36fd10edab1 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sat, 12 May 2018 15:32:31 +0200
+Subject: [PATCH 3/4] LZWDecodeCompat(): fix potential index-out-of-bounds
+ write. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2780 /
+ CVE-2018-8905
+
+The fix consists in using the similar code LZWDecode() to validate we
+don't write outside of the output buffer.
+---
+ libtiff/tif_lzw.c | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c
+index bc8f9c8..186ea3c 100644
+--- a/libtiff/tif_lzw.c
++++ b/libtiff/tif_lzw.c
+@@ -604,6 +604,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
+ char *tp;
+ unsigned char *bp;
+ int code, nbits;
++ int len;
+ long nextbits, nextdata, nbitsmask;
+ code_t *codep, *free_entp, *maxcodep, *oldcodep;
+
+@@ -755,13 +756,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
+ } while (--occ);
+ break;
+ }
+- assert(occ >= codep->length);
+- op += codep->length;
+- occ -= codep->length;
+- tp = op;
++ len = codep->length;
++ tp = op + len;
+ do {
+- *--tp = codep->value;
+- } while( (codep = codep->next) != NULL );
++ int t;
++ --tp;
++ t = codep->value;
++ codep = codep->next;
++ *tp = (char)t;
++ } while (codep && tp > op);
++ assert(occ >= len);
++ op += len;
++ occ -= len;
+ } else {
+ *op++ = (char)code;
+ occ--;
+--
+2.17.0
+
diff --git a/SOURCES/libtiff-am-version.patch b/SOURCES/libtiff-am-version.patch
new file mode 100644
index 0000000..c94c2e0
--- /dev/null
+++ b/SOURCES/libtiff-am-version.patch
@@ -0,0 +1,31 @@
+Back off the minimum required automake version to 1.11. There isn't
+anything in libtiff currently that actually requires 1.12, and changing
+this allows the package to be built on pre-F18 machines for easier testing.
+
+This patch can go away once we no longer care about testing on pre-F18.
+
+
+diff -Naur tiff-4.0.3.orig/Makefile.am tiff-4.0.3/Makefile.am
+--- tiff-4.0.3.orig/Makefile.am 2012-09-20 09:22:47.000000000 -0400
++++ tiff-4.0.3/Makefile.am 2012-10-30 11:33:30.312823564 -0400
+@@ -25,7 +25,7 @@
+
+ docdir = $(LIBTIFF_DOCDIR)
+
+-AUTOMAKE_OPTIONS = 1.12 dist-zip foreign
++AUTOMAKE_OPTIONS = 1.11 dist-zip foreign
+ ACLOCAL_AMFLAGS = -I m4
+
+ docfiles = \
+diff -Naur tiff-4.0.3.orig/test/Makefile.am tiff-4.0.3/test/Makefile.am
+--- tiff-4.0.3.orig/test/Makefile.am 2012-09-20 09:22:28.000000000 -0400
++++ tiff-4.0.3/test/Makefile.am 2012-10-30 11:33:17.109696812 -0400
+@@ -23,7 +23,7 @@
+
+ # Process this file with automake to produce Makefile.in.
+
+-AUTOMAKE_OPTIONS = 1.12 color-tests parallel-tests foreign
++AUTOMAKE_OPTIONS = 1.11 color-tests parallel-tests foreign
+
+ LIBTIFF = $(top_builddir)/libtiff/libtiff.la
+
diff --git a/SOURCES/libtiff-coverity.patch b/SOURCES/libtiff-coverity.patch
new file mode 100644
index 0000000..04a445a
--- /dev/null
+++ b/SOURCES/libtiff-coverity.patch
@@ -0,0 +1,42 @@
+diff --git a/tools/ppm2tiff.c b/tools/ppm2tiff.c
+index 81ffa3d..a02e865 100644
+--- a/tools/ppm2tiff.c
++++ b/tools/ppm2tiff.c
+@@ -285,6 +285,8 @@ main(int argc, char* argv[])
+ if (TIFFWriteScanline(out, buf, row, 0) < 0)
+ break;
+ }
++ if (in != stdin)
++ fclose(in);
+ (void) TIFFClose(out);
+ if (buf)
+ _TIFFfree(buf);
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index bd23c9e..a15a3ef 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -3020,6 +3020,7 @@ tsize_t t2p_readwrite_pdf_image_tile(T2P* t2p, TIFF* input, TIFF* output, ttile_
+ "for t2p_readwrite_pdf_image_tile, %s",
+ (unsigned long) t2p->tiff_datasize,
+ TIFFFileName(input));
++ _TIFFfree(buffer);
+ t2p->t2p_error = T2P_ERR_ERROR;
+ return(0);
+ }
+@@ -3747,11 +3748,11 @@ t2p_sample_rgbaa_to_rgb(tdata_t data, uint32 samplecount)
+ {
+ uint32 i;
+
+- /* For the 3 first samples, there is overlapping between souce and
+- destination, so use memmove().
+- See http://bugzilla.maptools.org/show_bug.cgi?id=2577 */
+- for(i = 0; i < 3 && i < samplecount; i++)
+- memmove((uint8*)data + i * 3, (uint8*)data + i * 4, 3);
++ /* For the 3 first samples, there is overlapping between souce and
++ destination, so use memmove().
++ See http://bugzilla.maptools.org/show_bug.cgi?id=2577 */
++ for(i = 0; i < 3 && i < samplecount; i++)
++ memmove((uint8*)data + i * 3, (uint8*)data + i * 4, 3);
+ for(; i < samplecount; i++)
+ memcpy((uint8*)data + i * 3, (uint8*)data + i * 4, 3);
+
diff --git a/SOURCES/libtiff-make-check.patch b/SOURCES/libtiff-make-check.patch
new file mode 100644
index 0000000..e79dc94
--- /dev/null
+++ b/SOURCES/libtiff-make-check.patch
@@ -0,0 +1,12 @@
+diff --git a/html/man/Makefile.am b/html/man/Makefile.am
+index 587296c..696005e 100644
+--- a/html/man/Makefile.am
++++ b/html/man/Makefile.am
+@@ -92,7 +92,6 @@ docfiles = \
+ tiffcrop.1.html \
+ tiffdither.1.html \
+ tiffdump.1.html \
+- tiffgt.1.html \
+ tiffinfo.1.html \
+ tiffmedian.1.html \
+ tiffset.1.html \
diff --git a/SPECS/libtiff.spec b/SPECS/libtiff.spec
new file mode 100644
index 0000000..42dd6a0
--- /dev/null
+++ b/SPECS/libtiff.spec
@@ -0,0 +1,718 @@
+Summary: Library of functions for manipulating TIFF format image files
+Name: libtiff
+Version: 4.0.9
+Release: 15%{?dist}
+License: libtiff
+Group: System Environment/Libraries
+URL: http://www.simplesystems.org/libtiff/
+
+Source: ftp://ftp.simplesystems.org/pub/libtiff/tiff-%{version}.tar.gz
+
+Patch0: libtiff-am-version.patch
+Patch1: libtiff-make-check.patch
+Patch2: libtiff-CVE-2018-5784.patch
+Patch3: libtiff-CVE-2018-7456.patch
+Patch4: libtiff-CVE-2017-9935.patch
+Patch5: libtiff-CVE-2017-18013.patch
+Patch6: libtiff-CVE-2018-8905.patch
+Patch7: libtiff-CVE-2018-10963.patch
+Patch8: libtiff-CVE-2018-17100.patch
+Patch9: libtiff-coverity.patch
+Patch10: libtiff-CVE-2018-18557.patch
+Patch11: libtiff-CVE-2018-18661.patch
+Patch12: libtiff-CVE-2018-12900.patch
+
+BuildRequires: gcc, gcc-c++
+BuildRequires: zlib-devel libjpeg-devel jbigkit-devel
+BuildRequires: libtool automake autoconf pkgconfig
+
+%description
+The libtiff package contains a library of functions for manipulating
+TIFF (Tagged Image File Format) image format files. TIFF is a widely
+used file format for bitmapped images. TIFF files usually end in the
+.tif extension and they are often quite large.
+
+The libtiff package should be installed if you need to manipulate TIFF
+format image files.
+
+%package devel
+Summary: Development tools for programs which will use the libtiff library
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: pkgconfig%{?_isa}
+
+%description devel
+This package contains the header files and documentation necessary for
+developing programs which will manipulate TIFF format image files
+using the libtiff library.
+
+If you need to develop programs which will manipulate TIFF format
+image files, you should install this package. You'll also need to
+install the libtiff package.
+
+%package static
+Summary: Static TIFF image format file library
+Group: Development/Libraries
+Requires: %{name}-devel%{?_isa} = %{version}-%{release}
+
+%description static
+The libtiff-static package contains the statically linkable version of libtiff.
+Linking to static libraries is discouraged for most applications, but it is
+necessary for some boot packages.
+
+%package tools
+Summary: Command-line utility programs for manipulating TIFF files
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description tools
+This package contains command-line programs for manipulating TIFF format
+image files using the libtiff library.
+
+%prep
+%setup -q -n tiff-%{version}
+
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+
+# Use build system's libtool.m4, not the one in the package.
+rm -f libtool.m4
+
+libtoolize --force --copy
+aclocal -I . -I m4
+automake --add-missing --copy
+autoconf
+autoheader
+
+%build
+export CFLAGS="%{optflags} -fno-strict-aliasing"
+%configure --enable-ld-version-script
+make %{?_smp_mflags}
+
+%install
+make DESTDIR=$RPM_BUILD_ROOT install
+
+# remove what we didn't want installed
+rm $RPM_BUILD_ROOT%{_libdir}/*.la
+rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/
+
+# no libGL dependency, please
+rm -f $RPM_BUILD_ROOT%{_bindir}/tiffgt
+
+# no sgi2tiff or tiffsv, either
+rm -f $RPM_BUILD_ROOT%{_bindir}/sgi2tiff
+rm -f $RPM_BUILD_ROOT%{_bindir}/tiffsv
+
+rm -f $RPM_BUILD_ROOT%{_mandir}/man1/tiffgt.1
+rm -f $RPM_BUILD_ROOT%{_mandir}/man1/sgi2tiff.1
+rm -f $RPM_BUILD_ROOT%{_mandir}/man1/tiffsv.1
+rm -f html/man/tiffgt.1.html
+rm -f html/man/sgi2tiff.1.html
+rm -f html/man/tiffsv.1.html
+
+# multilib header hack
+# we only apply this to known Red Hat multilib arches, per bug #233091
+case `uname -i` in
+ i386 | ppc | s390 | sparc )
+ wordsize="32"
+ ;;
+ x86_64 | ppc64 | s390x | sparc64 )
+ wordsize="64"
+ ;;
+ *)
+ wordsize=""
+ ;;
+esac
+
+if test -n "$wordsize"
+then
+ mv $RPM_BUILD_ROOT%{_includedir}/tiffconf.h \
+ $RPM_BUILD_ROOT%{_includedir}/tiffconf-$wordsize.h
+
+ cat >$RPM_BUILD_ROOT%{_includedir}/tiffconf.h <<EOF
+#ifndef TIFFCONF_H_MULTILIB
+#define TIFFCONF_H_MULTILIB
+
+#include <bits/wordsize.h>
+
+#if __WORDSIZE == 32
+# include "tiffconf-32.h"
+#elif __WORDSIZE == 64
+# include "tiffconf-64.h"
+#else
+# error "unexpected value for __WORDSIZE macro"
+#endif
+
+#endif
+EOF
+
+fi
+
+%ldconfig_scriptlets
+
+%check
+LD_LIBRARY_PATH=$PWD:$LD_LIBRARY_PATH make check
+
+# don't include documentation Makefiles, they are a multilib hazard
+find html -name 'Makefile*' | xargs rm
+
+%files
+%doc COPYRIGHT README RELEASE-DATE VERSION
+%{_libdir}/libtiff.so.*
+%{_libdir}/libtiffxx.so.*
+
+%files devel
+%doc TODO ChangeLog html
+%{_includedir}/*
+%{_libdir}/libtiff.so
+%{_libdir}/libtiffxx.so
+%{_libdir}/pkgconfig/libtiff*.pc
+%{_mandir}/man3/*
+
+%files static
+%{_libdir}/*.a
+
+%files tools
+%{_bindir}/*
+%{_mandir}/man1/*
+
+%changelog
+* Wed Jun 12 2019 Nikola Forró <nforro@redhat.com> - 4.0.9-15
+- Fix DIVIDE_BY_ZERO in patch for CVE-2018-12900 (#1595579)
+
+* Thu Jun 06 2019 Nikola Forró <nforro@redhat.com> - 4.0.9-14
+- Fix CVE-2018-12900 (#1595579)
+
+* Thu Dec 13 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-13
+- Fix compiler warning introduced by patch for CVE-2018-18661
+
+* Wed Nov 14 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-12
+- Fix CVE-2018-18557 (#1647738) and CVE-2018-18661 (#1644452)
+
+* Mon Oct 15 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-11
+- Fix important Covscan defects (#1602597)
+
+* Mon Oct 15 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-10
+- Fix CVE-2018-17100 (#1631073)
+
+* Wed May 30 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-9
+- Fix CVE-2017-9935, CVE-2017-18013, CVE-2018-8905 (#1559708)
+ and CVE-2018-10963 (#1579060)
+
+* Tue Apr 17 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-8
+- Fix CVE-2018-7456 (#1556709)
+
+* Fri Mar 23 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-7
+- Fix CVE-2018-5784 (#1537742)
+
+* Tue Feb 20 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-6
+- Add missing gcc-c++ build dependency
+
+* Tue Feb 20 2018 Nikola Forró <nforro@redhat.com> - 4.0.9-5
+- Add missing gcc build dependency
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.9-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 4.0.9-3
+- Switch to %%ldconfig_scriptlets
+
+* Mon Dec 11 2017 Nikola Forró <nforro@redhat.com> - 4.0.9-2
+- Fix unescaped macro in changelog entry (#1523643)
+
+* Thu Nov 23 2017 Nikola Forró <nforro@redhat.com> - 4.0.9-1
+- New upstream version libtiff-4.0.9 (#1514863)
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Mon May 22 2017 Nikola Forró <nforro@redhat.com> - 4.0.8-1
+- New upstream version libtiff-4.0.8 (#1453030)
+
+* Wed Apr 12 2017 Nikola Forró <nforro@redhat.com> - 4.0.7-5
+- Fix CVE-2017-759{2,3,4,5,6,7,8,9}, CVE-2017-760{0,1,2} (#1441273)
+
+* Wed Apr 05 2017 Nikola Forró <nforro@redhat.com> - 4.0.7-4
+- Fix CVE-2016-1026{6,7,8,9}, CVE-2016-1027{0,1,2} (#1438464)
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Tue Jan 24 2017 Nikola Forró <nforro@redhat.com> - 4.0.7-2
+- Fix Hylafax breakage (#1416042)
+
+* Mon Nov 21 2016 Nikola Forró <nforro@redhat.com> - 4.0.7-1
+- New upstream version libtiff-4.0.7 (#1396769)
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Fri Oct 09 2015 Petr Hracek <phracek@redhat.com> - 4.0.6-1
+- New upstream version libtiff-4.0.6 (#1262585)
+
+* Wed Sep 09 2015 Petr Hracek <phracek@redhat.com> - 4.0.5-1
+- New upstream version libtiff-4.0.5 (#1258286)
+
+* Mon Jun 22 2015 Petr Hracek <phracek@redhat.com> - 4.0.4-1
+- New upstream version libtiff-4.0.4 (#1234191)
+
+* Fri Jun 19 2015 Petr Hracek <phracek@redhat.com> - 4.0.4beta-1
+- New upstream version libtiff-4.0.4beta (#1186219)
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.3-21
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Tue May 19 2015 Petr Hracek <phracek@redhat.com> - 4.0.3-20
+- CVE-2014-9655 and CVE-2015-1547 #1190710
+
+* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 4.0.3-19
+- Rebuilt for GCC 5 C++11 ABI change
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.3-18
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Tue Aug 12 2014 Kalev Lember <kalevlember@gmail.com> - 4.0.3-17
+- Rebuilt for libjbig soname bump
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.3-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Wed May 21 2014 Petr Hracek <phracek@redhat.com> - 4.0.3-15
+- Add upstream patches for CVE-2013-4243 (#996832)
+
+* Thu Dec 19 2013 Petr Hracek <phracek@redhat.com> - 4.0.3-14
+- Fix: #1044609 Can't install both architectures
+
+* Wed Dec 18 2013 Petr Hracek <phracek@redhat.com> - 4.0.3-13
+- Fix #510240 Correct tiff2ps man option -W
+
+* Wed Oct 16 2013 Petr Hracek <phracek@redhat.com> - 4.0.3-12
+- make check moved to %%check section (#1017070)
+
+* Tue Oct 08 2013 Petr Hracek <phracek@redhat.com> - 4.0.3-11
+- Resolves: #510258, #510240 - man page corrections
+
+* Mon Aug 19 2013 Petr Hracek <phracek@redhat.com> 4.0.3-10
+- Add upstream patches for CVE-2013-4244
+Resolves: #996468
+
+* Wed Aug 14 2013 Petr Hracek <phracek@redhat.com> 4.0.3-9
+- Add upstream patches for CVE-2013-4231 CVE-2013-4232
+Resolves: #995965 #995975
+
+* Mon Aug 12 2013 Petr Hracek <phracek@redhat.com> - 4.0.3-8
+- Manpage fixing (#510240, #510258)
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.3-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Thu May 2 2013 Tom Lane <tgl@redhat.com> 4.0.3-6
+- Add upstream patches for CVE-2013-1960, CVE-2013-1961
+Resolves: #958609
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 4.0.3-4
+- rebuild due to "jpeg8-ABI" feature drop
+
+* Wed Dec 19 2012 Tom Lane <tgl@redhat.com> 4.0.3-3
+- Add upstream patch to avoid bogus self-test failure with libjpeg-turbo v8
+
+* Thu Dec 13 2012 Tom Lane <tgl@redhat.com> 4.0.3-2
+- Add upstream patches for CVE-2012-4447, CVE-2012-4564
+ (note: CVE-2012-5581 is already fixed in 4.0.3)
+Resolves: #880907
+
+* Thu Oct 4 2012 Tom Lane <tgl@redhat.com> 4.0.3-1
+- Update to libtiff 4.0.3
+
+* Fri Aug 3 2012 Tom Lane <tgl@redhat.com> 4.0.2-6
+- Remove compat subpackage; no longer needed
+- Minor specfile cleanup per suggestions from Tom Callaway
+Related: #845110
+
+* Thu Aug 2 2012 Tom Lane <tgl@redhat.com> 4.0.2-5
+- Add accessor functions for opaque type TIFFField (backport of not-yet-released
+ upstream feature addition; needed to fix freeimage)
+
+* Sun Jul 22 2012 Tom Lane <tgl@redhat.com> 4.0.2-4
+- Add patches for CVE-2012-3401
+Resolves: #841736
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Tue Jul 03 2012 Karsten Hopp <karsten@redhat.com> 4.0.2-2
+- add opensuse bigendian patch to fix raw_decode self check failure on ppc*, s390*
+
+* Thu Jun 28 2012 Tom Lane <tgl@redhat.com> 4.0.2-1
+- Update to libtiff 4.0.2, includes fix for CVE-2012-2113
+ (note that CVE-2012-2088 does not apply to 4.0.x)
+- Update libtiff-compat to 3.9.6 and add patches to it for
+ CVE-2012-2088, CVE-2012-2113
+Resolves: #832866
+
+* Fri Jun 1 2012 Tom Lane <tgl@redhat.com> 4.0.1-2
+- Enable JBIG support
+Resolves: #826240
+
+* Sun May 6 2012 Tom Lane <tgl@redhat.com> 4.0.1-1
+- Update to libtiff 4.0.1, adds BigTIFF support and other features;
+ library soname is bumped from libtiff.so.3 to libtiff.so.5
+Resolves: #782383
+- Temporarily package 3.9.5 shared library (only) in libtiff-compat subpackage
+ so that dependent packages won't be broken while rebuilding proceeds
+
+* Thu Apr 5 2012 Tom Lane <tgl@redhat.com> 3.9.5-3
+- Add fix for CVE-2012-1173
+Resolves: #CVE-2012-1173
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.9.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Apr 12 2011 Tom Lane <tgl@redhat.com> 3.9.5-1
+- Update to libtiff 3.9.5, incorporating all our previous patches plus other
+ fixes, notably the fix for CVE-2009-5022
+Related: #695885
+
+* Mon Mar 21 2011 Tom Lane <tgl@redhat.com> 3.9.4-4
+- Fix incorrect fix for CVE-2011-0192
+Resolves: #684007
+Related: #688825
+- Add fix for CVE-2011-1167
+Resolves: #689574
+
+* Wed Mar 2 2011 Tom Lane <tgl@redhat.com> 3.9.4-3
+- Add patch for CVE-2011-0192
+Resolves: #681672
+- Fix non-security-critical potential SIGSEGV in gif2tiff
+Related: #648820
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.9.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Tue Jun 22 2010 Tom Lane <tgl@redhat.com> 3.9.4-1
+- Update to libtiff 3.9.4, for numerous bug fixes including fixes for
+ CVE-2010-1411, CVE-2010-2065, CVE-2010-2067
+Resolves: #554371
+Related: #460653, #588784, #601274, #599576, #592361, #603024
+- Add fixes for multiple SIGSEGV problems
+Resolves: #583081
+Related: #603081, #603699, #603703
+
+* Tue Jan 5 2010 Tom Lane <tgl@redhat.com> 3.9.2-3
+- Apply Adam Goode's fix for Warmerdam's fix
+Resolves: #552360
+Resolves: #533353
+- Add some defenses to prevent tiffcmp from crashing on downsampled JPEG
+ images; this isn't enough to make it really work correctly though
+Related: #460322
+
+* Wed Dec 16 2009 Tom Lane <tgl@redhat.com> 3.9.2-2
+- Apply Warmerdam's partial fix for bug #460322 ... better than nothing.
+Related: #460322
+
+* Thu Dec 3 2009 Tom Lane <tgl@redhat.com> 3.9.2-1
+- Update to libtiff 3.9.2; stop carrying a lot of old patches
+Resolves: #520734
+- Split command-line tools into libtiff-tools subpackage
+Resolves: #515170
+- Use build system's libtool instead of what package contains;
+ among other cleanup this gets rid of unwanted rpath specs in executables
+Related: #226049
+
+* Thu Oct 15 2009 Tom Lane <tgl@redhat.com> 3.8.2-16
+- add sparc/sparc64 to multilib header support
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8.2-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Mon Jul 13 2009 Tom Lane <tgl@redhat.com> 3.8.2-14
+- Fix buffer overrun risks caused by unchecked integer overflow (CVE-2009-2347)
+Related: #510041
+
+* Wed Jul 1 2009 Tom Lane <tgl@redhat.com> 3.8.2-13
+- Fix some more LZW decoding vulnerabilities (CVE-2009-2285)
+Related: #507465
+- Update upstream URL
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8.2-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Tue Aug 26 2008 Tom Lane <tgl@redhat.com> 3.8.2-11
+- Fix LZW decoding vulnerabilities (CVE-2008-2327)
+Related: #458674
+- Use -fno-strict-aliasing per rpmdiff recommendation
+
+* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 3.8.2-10
+- Autorebuild for GCC 4.3
+
+* Wed Aug 22 2007 Tom Lane <tgl@redhat.com> 3.8.2-9
+- Update License tag
+- Rebuild to fix Fedora toolchain issues
+
+* Thu Jul 19 2007 Tom Lane <tgl@redhat.com> 3.8.2-8
+- Restore static library to distribution, in a separate -static subpackage
+Resolves: #219905
+- Don't apply multilib header hack to unrecognized architectures
+Resolves: #233091
+- Remove documentation for programs we don't ship
+Resolves: #205079
+Related: #185145
+
+* Tue Jan 16 2007 Tom Lane <tgl@redhat.com> 3.8.2-7
+- Remove Makefiles from the shipped /usr/share/doc/html directories
+Resolves: bz #222729
+
+* Tue Sep 5 2006 Jindrich Novy <jnovy@redhat.com> - 3.8.2-6
+- fix CVE-2006-2193, tiff2pdf buffer overflow (#194362)
+- fix typo in man page for tiffset (#186297)
+- use %%{?dist}
+
+* Mon Jul 24 2006 Matthias Clasen <mclasen@redhat.com>
+- Fix several vulnerabilities (CVE-2006-3460 CVE-2006-3461
+ CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
+
+* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 3.8.2-4.1
+- rebuild
+
+* Fri Jun 2 2006 Matthias Clasen <mclasen@redhat.com> - 3.8.2-3
+- Fix multilib conflict
+
+* Thu May 25 2006 Matthias Clasen <mclasen@redhat.com> - 3.8.2-3
+- Fix overflows in tiffsplit
+
+* Wed Apr 26 2006 Matthias Clasen <mclasen@redhat.com> - 3.8.2-2
+- Drop tiffgt to get rid of the libGL dependency (#190768)
+
+* Wed Apr 26 2006 Matthias Clasen <mclasen@redhat.com> - 3.8.2-1
+- Update to 3.8.2
+
+* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 3.7.4-3.2.1
+- bump again for double-long bug on ppc(64)
+
+* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 3.7.4-3.2
+- rebuilt for new gcc4.1 snapshot and glibc changes
+
+* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
+- rebuilt
+
+* Wed Nov 16 2005 Matthias Clasen <mclasen@redhat.com> 3.7.4-3
+- Don't ship static libs
+
+* Fri Nov 11 2005 Matthias Saou <http://freshrpms.net/> 3.7.4-2
+- Remove useless explicit dependencies.
+- Minor spec file cleanups.
+- Move make check to %%check.
+- Add _smp_mflags.
+
+* Thu Sep 29 2005 Matthias Clasen <mclasen@redhat.com> - 3.7.4-1
+- Update to 3.7.4
+- Drop upstreamed patches
+
+* Wed Jun 29 2005 Matthias Clasen <mclasen@redhat.com> - 3.7.2-1
+- Update to 3.7.2
+- Drop upstreamed patches
+
+* Fri May 6 2005 Matthias Clasen <mclasen@redhat.com> - 3.7.1-6
+- Fix a stack overflow
+
+* Wed Mar 2 2005 Matthias Clasen <mclasen@redhat.com> - 3.7.1-5
+- Don't use mktemp
+
+* Wed Mar 2 2005 Matthias Clasen <mclasen@redhat.com> - 3.7.1-4
+- Rebuild with gcc4
+
+* Wed Jan 5 2005 Matthias Clasen <mclasen@redhat.com> - 3.7.1-3
+- Drop the largefile patch again
+- Fix a problem with the handling of alpha channels
+- Fix an integer overflow in tiffdump (#143576)
+
+* Wed Dec 22 2004 Matthias Clasen <mclasen@redhat.com> - 3.7.1-2
+- Readd the largefile patch (#143560)
+
+* Wed Dec 22 2004 Matthias Clasen <mclasen@redhat.com> - 3.7.1-1
+- Upgrade to 3.7.1
+- Remove upstreamed patches
+- Remove specfile cruft
+- make check
+
+* Thu Oct 14 2004 Matthias Clasen <mclasen@redhat.com> 3.6.1-7
+- fix some integer and buffer overflows (#134853, #134848)
+
+* Tue Oct 12 2004 Matthias Clasen <mclasen@redhat.com> 3.6.1-6
+- fix http://bugzilla.remotesensing.org/show_bug.cgi?id=483
+
+* Mon Sep 27 2004 Rik van Riel <riel@redhat.com> 3.6.1-4
+- compile using RPM_OPT_FLAGS (bz #133650)
+
+* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Thu May 20 2004 Matthias Clasen <mclasen@redhat.com> 3.6.1-2
+- Fix and use the makeflags patch
+
+* Wed May 19 2004 Matthias Clasen <mclasen@redhat.com> 3.6.1-1
+- Upgrade to 3.6.1
+- Adjust patches
+- Don't install tiffgt man page (#104864)
+
+* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Sat Feb 21 2004 Florian La Roche <Florian.LaRoche@redhat.de>
+- really add symlink to shared lib by running ldconfig at compile time
+
+* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Thu Oct 09 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- link shared lib against -lm (Jakub Jelinek)
+
+* Thu Sep 25 2003 Jeremy Katz <katzj@redhat.com> 3.5.7-13
+- rebuild to fix gzipped file md5sum (#91281)
+
+* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Tue Feb 11 2003 Phil Knirsch <pknirsch@redhat.com> 3.5.7-11
+- Fixed rebuild problems.
+
+* Tue Feb 04 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- add symlink to shared lib
+
+* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
+- rebuilt
+
+* Thu Dec 12 2002 Tim Powers <timp@redhat.com> 3.5.7-8
+- rebuild on all arches
+
+* Mon Aug 19 2002 Phil Knirsch <pknirsch@redhat.com> 3.5.7-7
+- Added LFS support (#71593)
+
+* Tue Jun 25 2002 Phil Knirsch <pknirsch@redhat.com> 3.5.7-6
+- Fixed wrong exit code of tiffcp app (#67240)
+
+* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Thu May 23 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Wed May 15 2002 Phil Knirsch <pknirsch@redhat.com>
+- Fixed segfault in fax2tiff tool (#64708).
+
+* Mon Feb 25 2002 Phil Knirsch <pknirsch@redhat.com>
+- Fixed problem with newer bash versions setting CDPATH (#59741)
+
+* Tue Feb 19 2002 Phil Knirsch <pknirsch@redhat.com>
+- Update to current release 3.5.7
+
+* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Tue Aug 28 2001 Phil Knirsch <phil@redhat.de>
+- Fixed ia64 problem with tiffinfo. Was general 64 bit arch problem where s390x
+ and ia64 were missing (#52129).
+
+* Tue Jun 26 2001 Philipp Knirsch <pknirsch@redhat.de>
+- Hopefully final symlink fix
+
+* Thu Jun 21 2001 Than Ngo <than@redhat.com>
+- add missing libtiff symlink
+
+* Fri Mar 16 2001 Crutcher Dunnavant <crutcher@redhat.com>
+- killed tiff-to-ps.fpi filter
+
+* Wed Feb 28 2001 Philipp Knirsch <pknirsch@redhat.de>
+- Fixed missing devel version dependancy.
+
+* Tue Dec 19 2000 Philipp Knirsch <pknirsch@redhat.de>
+- rebuild
+
+* Mon Aug 7 2000 Crutcher Dunnavant <crutcher@redhat.com>
+- added a tiff-to-ps.fpi filter for printing
+
+* Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
+- automatic rebuild
+
+* Thu Jul 13 2000 Nalin Dahyabhai <nalin@redhat.com>
+- apply Peter Skarpetis's fix for the 32-bit conversion
+
+* Mon Jul 3 2000 Nalin Dahyabhai <nalin@redhat.com>
+- make man pages non-executable (#12811)
+
+* Mon Jun 12 2000 Nalin Dahyabhai <nalin@redhat.com>
+- remove CVS repo info from data directories
+
+* Thu May 18 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix build rooting
+- fix syntax error in configure script
+- move man pages to {_mandir}
+
+* Wed May 17 2000 Nalin Dahyabhai <nalin@redhat.com>
+- rebuild for an errata release
+
+* Wed Mar 29 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 3.5.5, which integrates our fax2ps fixes and the glibc fix
+
+* Tue Mar 28 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix fax2ps swapping height and width in the bounding box
+
+* Mon Mar 27 2000 Nalin Dahyabhai <nalin@redhat.com>
+- move man pages from devel package to the regular one
+- integrate Frank Warmerdam's fixed .fax handling code (keep until next release
+ of libtiff)
+- fix fax2ps breakage (bug #8345)
+
+* Sat Feb 05 2000 Nalin Dahyabhai <nalin@redhat.com>
+- set MANDIR=man3 to make multifunction man pages friendlier
+
+* Mon Jan 31 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix URLs
+
+* Fri Jan 28 2000 Nalin Dahyabhai <nalin@redhat.com>
+- link shared library against libjpeg and libz
+
+* Tue Jan 18 2000 Nalin Dahyabhai <nalin@redhat.com>
+- enable zip and jpeg codecs
+- change defattr in normal package to 0755
+- add defattr to -devel package
+
+* Wed Dec 22 1999 Bill Nottingham <notting@redhat.com>
+- update to 3.5.4
+
+* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
+- auto rebuild in the new build environment (release 6)
+
+* Wed Jan 13 1999 Cristian Gafton <gafton@redhat.com>
+- build for glibc 2.1
+
+* Wed Jun 10 1998 Prospector System <bugs@redhat.com>
+- translations modified for de
+
+* Wed Jun 10 1998 Michael Fulbright <msf@redhat.com>
+- rebuilt against fixed jpeg libs (libjpeg-6b)
+
+* Thu May 07 1998 Prospector System <bugs@redhat.com>
+- translations modified for de, fr, tr
+
+* Mon Oct 13 1997 Donnie Barnes <djb@redhat.com>
+- new version to replace the one from libgr
+- patched for glibc
+- added shlib support