Subject: CVS commit: [pkgsrc-2005Q4] pkgsrc/graphics/blender
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 02/13/2006 11:06:05
Module Name: pkgsrc
Committed By: salo
Date: Mon Feb 13 11:06:05 UTC 2006
Modified Files:
pkgsrc/graphics/blender [pkgsrc-2005Q4]: Makefile distinfo
Added Files:
pkgsrc/graphics/blender/patches [pkgsrc-2005Q4]: patch-aa
Log Message:
Pullup ticket #1124 - requested by Joerg Sonnenberger
security fix for blender
Revisions pulled up:
- pkgsrc/graphics/blender/Makefile patch
- pkgsrc/graphics/blender/distinfo patch
- pkgsrc/graphics/blender/patches/patch-aa 1.5
Module Name: pkgsrc
Committed By: joerg
Date: Sun Feb 12 21:52:19 UTC 2006
Modified Files:
pkgsrc/graphics/blender: Makefile distinfo
Added Files:
pkgsrc/graphics/blender/patches: patch-aa
Log Message:
Fix an Apple specific buffer overflow. To skip the first argument from
Finder, some copying to and from a local buffer in main is done, without
argument checking.
When a web browser or MUA is configured to start Blender automatically,
this might be exploitable to gain priviledges of the current user.
This is related to CVE-2005-3151.
To generate a diff of this commit:
cvs rdiff -r1.47 -r1.47.2.1 pkgsrc/graphics/blender/Makefile
cvs rdiff -r1.18 -r1.18.4.1 pkgsrc/graphics/blender/distinfo
cvs rdiff -r0 -r1.4.8.1 pkgsrc/graphics/blender/patches/patch-aa
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.