main/tiff: security upgrade to 4.0.9 (CVE-2017-16231,CVE-2017-16232)

fixes #8145

1 files changed, 6 insertions, 7 deletions

diff --git a/main/tiff/APKBUILD b/main/tiff/APKBUILD
index 5c5afcfdfb..fbe79d1cf5 100644
--- a/main/tiff/APKBUILD
+++ b/main/tiff/APKBUILD
@@ -2,8 +2,8 @@
 # Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
 # Maintainer: Michael Mason <ms13sp@gmail.com>
 pkgname=tiff
-pkgver=4.0.8
-pkgrel=1
+pkgver=4.0.9
+pkgrel=0
 pkgdesc="Provides support for the Tag Image File Format or TIFF"
 url="http://www.libtiff.org/"
 arch="all"
@@ -14,10 +14,11 @@ makedepends="libtool autoconf automake $depends_dev"
 subpackages="$pkgname-doc $pkgname-dev $pkgname-tools"
 builddir="$srcdir/$pkgname-$pkgver"
 source="http://download.osgeo.org/libtiff/$pkgname-$pkgver.tar.gz
-        CVE-2017-9936.patch
-        CVE-2017-10688.patch
         "
 # secfixes:
+#   4.0.9-r0:
+#     - CVE-2017-16231
+#     - CVE-2017-16232
 #   4.0.8-r1:
 #     - CVE-2017-9936
 #     - CVE-2017-10688
@@ -68,6 +69,4 @@ tools() {
         mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
 }
 
-sha512sums="5d010ec4ce37aca733f7ab7db9f432987b0cd21664bd9d99452a146833c40f0d1e7309d1870b0395e947964134d5cfeb1366181e761fe353ad585803ff3d6be6  tiff-4.0.8.tar.gz
-8adb7023e121f0210f404b8db913435fc5afdb34ff57767ab318a1436d9afff81990a282539e99f5cc53a7cd790af5be1d1c516649f3f9a14ff1e86a3726ca5d  CVE-2017-9936.patch
-e45fe7d08ef8152c1145e8d7b918b5c9f65eec6ecba643d5b94851b37e3b7c43733bdd04112f90887795a28df82bd6d540ea4d96ecb12018c858778bc3702fac  CVE-2017-10688.patch"
+sha512sums="04f3d5eefccf9c1a0393659fe27f3dddd31108c401ba0dc587bca152a1c1f6bc844ba41622ff5572da8cc278593eff8c402b44e7af0a0090e91d326c2d79f6cd  tiff-4.0.9.tar.gz"