Path to this page:
Next | Query returned 1 messages, browsing 1 to 10 | previous
CVS Commit History:
2015-07-08 21:47:19 by Matthias Scheler | Files touched by this commit (4) | |
Log message:
Pullup ticket #4757 - requested by wiz
print/cups-filters: security update
Revisions pulled up:
- print/cups-filters/Makefile 1.23-1.24
- print/cups-filters/distinfo 1.18-1.19
- print/cups-filters/patches/patch-configure.ac deleted
- print/cups-filters/patches/patch-filter_foomatic-rip_foomaticrip.c deleted
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jul 1 15:31:34 UTC 2015
Modified Files:
pkgsrc/print/cups-filters: Makefile distinfo
Removed Files:
pkgsrc/print/cups-filters/patches: patch-configure.ac
patch-filter_foomatic-rip_foomaticrip.c
Log message:
Update to 1.0.70, provided by Leonardo Taccari in PR 50013:
Changes:
- texttopdf: Fixed buffer overflow on size allocation of texttopdf
when working with extremely small line sizes, which causes the size
calculation to result in 0 (CVE-2015-3258, thanks to Stefan
Cornelius fro Red Hat for the patch).
- cups-browsed: leak fixes
- cups-browsed: Further BrowseAllow fixing
- cups-browsed: BrowsePoll is an array of pointers, not structures,
so allocate room for the pointers
- cups-browsed: Prevent NULL dereference when handling BrowseAllow
without value
- cups-browsed: Use memory deallocation function corresponding to
allocation function used
- cups-browsed: Fixes for glib source handling (Red Hat bug #1228555)
- foomatic-rip: Allow using another shell than /bin/bash using the
"--with-shell=..." option for "./configure". Thanks to \
Leonardo
Taccari for the patch (Bug #1288).
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Jul 3 12:25:13 UTC 2015
Modified Files:
pkgsrc/print/cups-filters: Makefile distinfo
Log message:
Update to 1.0.71:
CHANGES IN V1.0.71
- texttopdf: The Page allocation is moved into textcommon.c, where it
does all the necessary checking: lower-bounds for CVE-2015-3258 and
upper-bounds for CVE-2015-3259 due to integer overflows for the
calloc() call initialising Page[0] and the memset() call in
texttopdf.c's WritePage() function zeroing the entire array. Thanks
to Tim Waugh from Red Hat for the patch.
- texttopdf: Upper-bounds checking (CVE-2015-3259).
|
Next | Query returned 1 messages, browsing 1 to 10 | previous