Subject: CVS commit: pkgsrc/x11/gtk2
From: Lubomir Sedlacik
Date: 2005-04-01 12:51:51
Message id: 20050401105151.247D62DA27@cvs.netbsd.org
Log Message:
Security fix for CAN-2005-0891:

"David Costanzo has reported a vulnerability in GTK+, which can be
 exploited by malicious people to crash certain applications on
 a user's system.

 The vulnerability is caused due to a double free error in the BMP
 loader.  This can be exploited to crash an application linked against
 GTK+ when a specially crafted BMP image is processed."

Bump PKGREVISION.  Patch from Fedora.
Files:
RevisionActionfile
1.79modifypkgsrc/x11/gtk2/Makefile
1.17modifypkgsrc/x11/gtk2/buildlink3.mk
1.43modifypkgsrc/x11/gtk2/distinfo
1.7addpkgsrc/x11/gtk2/patches/patch-ai