Subject: CVS commit: [pkgsrc-2006Q1] pkgsrc/graphics/dia
To: None <>
From: Soren Jacobsen <>
List: pkgsrc-changes
Date: 04/06/2006 00:37:04
Module Name:	pkgsrc
Committed By:	snj
Date:		Thu Apr  6 00:37:04 UTC 2006

Modified Files:
	pkgsrc/graphics/dia [pkgsrc-2006Q1]: Makefile distinfo
Added Files:
	pkgsrc/graphics/dia/patches [pkgsrc-2006Q1]: patch-ac patch-ad

Log Message:
Pullup ticket 1320 - requested by salo
security fix for dia

Revisions pulled up:
- pkgsrc/graphics/dia/Makefile		1.42
- pkgsrc/graphics/dia/distinfo		1.15
- pkgsrc/graphics/dia/patches/patch-ac	1.1
- pkgsrc/graphics/dia/patches/patch-ad	1.1

   Module Name:    pkgsrc
   Committed By:   salo
   Date:           Tue Apr  4 14:52:15 UTC 2006

   Modified Files:
           pkgsrc/graphics/dia: Makefile distinfo
   Added Files:
           pkgsrc/graphics/dia/patches: patch-ac patch-ad

   Log Message:
   Security fix for CVE-2006-1550:

   "Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia
    0.87 and later before 0.95-pre6 allow user-complicit attackers to have an
    unknown impact via a crafted xfig file, possibly involving an invalid (1)
    color index, (2) number of points, or (3) depth."

   Fix from Dia CVS.

To generate a diff of this commit:
cvs rdiff -r1.41 -r1.41.2.1 pkgsrc/graphics/dia/Makefile
cvs rdiff -r1.14 -r1.14.2.1 pkgsrc/graphics/dia/distinfo
cvs rdiff -r0 -r1.1.2.1 pkgsrc/graphics/dia/patches/patch-ac \

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.