Subject: CVS commit: pkgsrc/graphics/blender
To: None <pkgsrc-changes@NetBSD.org>
From: Joerg Sonnenberger <joerg@netbsd.org>
List: pkgsrc-changes
Date: 02/12/2006 21:52:19
Module Name:	pkgsrc
Committed By:	joerg
Date:		Sun Feb 12 21:52:19 UTC 2006

Modified Files:
	pkgsrc/graphics/blender: Makefile distinfo
Added Files:
	pkgsrc/graphics/blender/patches: patch-aa

Log Message:
Fix an Apple specific buffer overflow. To skip the first argument from
Finder, some copying to and from a local buffer in main is done, without
argument checking.

When a web browser or MUA is configured to start Blender automatically,
this might be exploitable to gain priviledges of the current user.

This is related to CVE-2005-3151.


To generate a diff of this commit:
cvs rdiff -r1.51 -r1.52 pkgsrc/graphics/blender/Makefile
cvs rdiff -r1.19 -r1.20 pkgsrc/graphics/blender/distinfo
cvs rdiff -r0 -r1.5 pkgsrc/graphics/blender/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.