pkgsrc-changes: CVS commit: [pkgsrc-2005Q1] pkgsrc/graphics/libexif

Subject: CVS commit: [pkgsrc-2005Q1] pkgsrc/graphics/libexif
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <snj@netbsd.org>
List: pkgsrc-changes
Date: 05/14/2005 05:49:56
Module Name:	pkgsrc
Committed By:	snj
Date:		Sat May 14 05:49:56 UTC 2005

Modified Files:
	pkgsrc/graphics/libexif [pkgsrc-2005Q1]: Makefile PLIST buildlink3.mk
	    distinfo
	pkgsrc/graphics/libexif/patches [pkgsrc-2005Q1]: patch-aa patch-ab
Added Files:
	pkgsrc/graphics/libexif/patches [pkgsrc-2005Q1]: patch-ac

Log Message:
Pullup ticket 500 - requested by Lubomir Sedlacik
security fix for libexif

Revisions pulled up:
- pkgsrc/graphics/libexif/Makefile		1.24, 1.25
- pkgsrc/graphics/libexif/PLIST			1.12
- pkgsrc/graphics/libexif/distinfo		1.13, 1.14, 1.15
- pkgsrc/graphics/libexif/buildlink3.mk		1.7
- pkgsrc/graphics/libexif/patches/patch-aa	1.3
- pkgsrc/graphics/libexif/patches/patch-ab	1.3
- pkgsrc/graphics/libexif/patches/patch-ac	1.1

    Module Name:    pkgsrc
    Committed By:   adam
    Date:           Wed Apr 20 12:40:41 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: Makefile PLIST distinfo
    Removed Files:
            pkgsrc/graphics/libexif/patches: patch-aa patch-ab

    Log Message:
    Changes 0.6.12:
      * Final fix of Ubuntu Security Notice USN-91-1 (CAN-2005-0664)
        https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152
      * Updated build system with cross compile capabilities
      * Small fixes:
        Fix tag order, use even offsets, improve Nikon&Olympus mnote tags.
----
    Module Name:    pkgsrc
    Committed By:   minskim
    Date:           Mon May  9 13:21:16 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: distinfo
    Added Files:
            pkgsrc/graphics/libexif/patches: patch-aa patch-ab

    Log Message:
    Declare a static function in .c, not in .h.
----
    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Fri May 13 11:58:00 UTC 2005

    Modified Files:
            pkgsrc/graphics/libexif: Makefile buildlink3.mk distinfo
    Added Files:
            pkgsrc/graphics/libexif/patches: patch-ac

    Log Message:
    Security fix:

    "Matthias Clasen has reported a vulnerability in libexif, which can be
    exploited by malicious people to cause a DoS (Denial of Service).

    The vulnerability is caused due to an infinite recursion in the
    "exif_data_load_data_content()" function and can be exploited to
    cause a stack overflow when parsing a specially crafted image.

    Successful exploitation may crash an application linked against the
    vulnerable library."

    Bump PKGREVISION.  Patch from:
    http://sourceforge.net/tracker/index.php?func=detail&aid=1196787&group_id=12272&atid=112272


To generate a diff of this commit:
cvs rdiff -r1.22 -r1.22.2.1 pkgsrc/graphics/libexif/Makefile
cvs rdiff -r1.11 -r1.11.4.1 pkgsrc/graphics/libexif/PLIST
cvs rdiff -r1.6 -r1.6.2.1 pkgsrc/graphics/libexif/buildlink3.mk
cvs rdiff -r1.12 -r1.12.2.1 pkgsrc/graphics/libexif/distinfo
cvs rdiff -r1.1 -r1.1.4.1 pkgsrc/graphics/libexif/patches/patch-aa \
    pkgsrc/graphics/libexif/patches/patch-ab
cvs rdiff -r0 -r1.1.2.1 pkgsrc/graphics/libexif/patches/patch-ac

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.