Subject: CVS commit: [pkgsrc-2005Q4] pkgsrc/graphics/blender
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 02/13/2006 11:06:05
Module Name:	pkgsrc
Committed By:	salo
Date:		Mon Feb 13 11:06:05 UTC 2006

Modified Files:
	pkgsrc/graphics/blender [pkgsrc-2005Q4]: Makefile distinfo
Added Files:
	pkgsrc/graphics/blender/patches [pkgsrc-2005Q4]: patch-aa

Log Message:
Pullup ticket #1124 - requested by Joerg Sonnenberger
security fix for blender

Revisions pulled up:
- pkgsrc/graphics/blender/Makefile		patch
- pkgsrc/graphics/blender/distinfo		patch
- pkgsrc/graphics/blender/patches/patch-aa	1.5

   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Sun Feb 12 21:52:19 UTC 2006

   Modified Files:
   	pkgsrc/graphics/blender: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/blender/patches: patch-aa

   Log Message:
   Fix an Apple specific buffer overflow. To skip the first argument from
   Finder, some copying to and from a local buffer in main is done, without
   argument checking.

   When a web browser or MUA is configured to start Blender automatically,
   this might be exploitable to gain priviledges of the current user.

   This is related to CVE-2005-3151.


To generate a diff of this commit:
cvs rdiff -r1.47 -r1.47.2.1 pkgsrc/graphics/blender/Makefile
cvs rdiff -r1.18 -r1.18.4.1 pkgsrc/graphics/blender/distinfo
cvs rdiff -r0 -r1.4.8.1 pkgsrc/graphics/blender/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.