Navigation:
Browse pkgsrc
(this page) 2012-02-19 14:56:37 by S.P.Zeidler | Files touched by this commit (2) |  |
Log message:
Pullup ticket #3687 - requested by tron
graphics/png: security update
Revisions pulled up:
- graphics/png/Makefile 1.144-1.146
- graphics/png/distinfo 1.91-1.93
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Sat Feb 18 15:16:59 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Added Files:
pkgsrc/graphics/png/patches: patch-CVE-2011-3026
Log message:
fix possible buffer overflow due to integer overflow in malloc()
size calculation (2011-3026), patch from Chromium via Redhat/Debian
bump PKGREV
To generate a diff of this commit:
cvs rdiff -u -r1.143 -r1.144 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.90 -r1.91 pkgsrc/graphics/png/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/png/patches/patch-CVE-2011-3026
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Feb 18 15:42:57 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Removed Files:
pkgsrc/graphics/png/patches: patch-CVE-2011-3026
Log message:
Update to 1.5.9rc01, which includes the official patch for CVE-2011-3026.
Version 1.5.9beta01 [February 3, 2012]
Rebuilt configure scripts in the tar distributions.
Version 1.5.9beta02 [February 16, 2012]
Removed two unused definitions from scripts/pnglibconf.h.prebuilt
Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h
Version 1.5.9rc01 [February 17, 2012]
Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test
on iCCP chunk length. Also removed spurious casts that may hide problems
on 16-bit systems.
To generate a diff of this commit:
cvs rdiff -u -r1.144 -r1.145 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.91 -r1.92 pkgsrc/graphics/png/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/png/patches/patch-CVE-2011-3026
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 19 09:26:39 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Log message:
Update "libpng" package to version 1.5.9. There are no change since
version 1.5.9rc01 except of the minor detail that you can actually
fetch the distfile.
To generate a diff of this commit:
cvs rdiff -u -r1.145 -r1.146 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.92 -r1.93 pkgsrc/graphics/png/distinfo
|
| 2012-02-05 23:56:27 by Matthias Scheler | Files touched by this commit (2) | |
Log message:
Pullup ticket #3674 - requested by pettai
graphics/png: security update
Revisions pulled up:
- graphics/png/Makefile 1.143
- graphics/png/distinfo 1.90
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Feb 1 23:05:19 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Log message:
Update to 1.5.8:
Version 1.5.8beta01 [January 15, 2011]
Removed '#include config.h"' from contrib/libtests/pngvalid.c. It's not
needed and causes trouble for VPATH building.
Moved AC_MSG_CHECKING([if libraries can be versioned]) later to the proper
location in configure.ac (Gilles Espinasse).
Fix bug in pngerror.c: some long warnings were being improperly truncated
(bug introduced in libpng-1.5.3beta05).
Version 1.5.8rc01 [January 21, 2012]
No changes.
Version 1.5.8rc02 [January 25, 2012]
Fixed Min/GW uninstall to remove libpng.dll.a
Conditionalize the install rules for MINGW and CYGWIN in CMakeLists.txt
|
New packages: