libtiff/tif_hash_set.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 [patch] tif_hash_set.c: add a tif_config.h include (mostly for gdal
 renaming symbols trick)

libtiff/tif_dirwrite.c | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

 [patch] tiffwritedirectorysec(): avoid harmless
 unsigned-integer-overflow

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54311

libtiff/tif_dir.c | 8 6 + 2 - 0 !
1 file changed, 6 insertions(+), 2 deletions(-)

 [patch] tiffsetdirectory: avoid harmless unsigned-integer-overflow

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54343

doc/conf.py | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 don't use smartquotes for sphinx
 Don't let Sphinx inconsistently alter quotes and dashes in rst files.

tools/tiffcrop.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] tiffcrop: correct simple copy paste error. fix #488.

tools/tiffcrop.c | 36 20 + 16 - 0 !
1 file changed, 20 insertions(+), 16 deletions(-)

 [patch] tiffcrop correctly update buffersize after rotateimage()
 fix#520 rotateImage() set up a new buffer and calculates its size
 individually. Therefore, seg_buffs[] size needs to be updated accordingly.

libtiff/tif_close.c | 11 7 + 4 - 0 !
tools/tiffcrop.c | 5 4 + 1 - 0 !
2 files changed, 11 insertions(+), 5 deletions(-)

 [patch] tiffclose() avoid null pointer dereferencing. fix#515

Closes #515

tools/tiffcrop.c | 68 66 + 2 - 0 !
1 file changed, 66 insertions(+), 2 deletions(-)

 [patch] tiffcrop: added check for assumption on composite images
 (fixes #496)

tiffcrop: For composite images with more than one region, the combined_length or combined_width always needs to be equal, respectively. Otherwise, even the first section/region copy action might cause buffer overrun. This is now checked before the first copy action.

Closes #496, #497, #498, #500, #501.

tools/tiffcrop.c | 59 35 + 24 - 0 !
1 file changed, 35 insertions(+), 24 deletions(-)

 [patch] tiffcrop: amend rotateimage() not to toggle the input (main)
 image width and length parameters when only cropped image sections are
 rotated. Remove buffptr from region structure because never used.

Closes #492 #493 #494 #495 #499 #518 #519

libtiff/tif_lzw.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 [patch] lzwdecode(): avoid crash when trying to read again from a
 strip with a missing end-of-information marker (fixes #548)

tools/tiffcrop.c | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

 [patch] fix memory leak in tiffcrop.c

tools/tiffcp.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 [patch] tiffcp: fix memory corruption (overflow) on hostile images
 (fixes #591)

tools/raw2tiff.c | 28 28 + 0 - 0 !
1 file changed, 28 insertions(+)

 [patch] raw2tiff: fix integer overflow and bypass of the check (fixes
 #592)

tools/tiffcrop.c | 47 13 + 34 - 0 !
1 file changed, 13 insertions(+), 34 deletions(-)

 [patch] tiffcrop: do not reuse input buffer for subsequent images.
 Fix issue 527

tools/tiffcrop.c | 36 33 + 3 - 0 !
1 file changed, 33 insertions(+), 3 deletions(-)

 [patch] tiffcrop correctly update buffersize after rotateimage()
 fix#520  -- enlarge buffsize and check integer overflow within rotateImage().

tools/tiffcrop.c | 13 9 + 4 - 0 !
1 file changed, 9 insertions(+), 4 deletions(-)

 [patch] consider error return of writeselections(). fixes #553

libtiff/tif_dir.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 [patch] countinknamesstring(): fix `undefinedbehaviorsanitizer`:
 applying zero offset to null pointer

libtiff/tif_getimage.c | 15 15 + 0 - 0 !
1 file changed, 15 insertions(+)

 [patch] tiffreadrgbastrip/tiffreadrgbatile: add more validation of
 col/row (fixes #622)

libtiff/tif_luv.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 [patch] tif_luv: check and correct for nan data in uv_encode().

libtiff/tif_dirinfo.c | 2 1 + 1 - 0 !
libtiff/tif_dirread.c | 16 6 + 10 - 0 !
2 files changed, 7 insertions(+), 11 deletions(-)

 [patch] check return value of _tiffcreateanonfield().