Subject: CVS commit: pkgsrc/graphics/libwmf
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <firstname.lastname@example.org>
Date: 08/20/2006 21:38:45
Module Name: pkgsrc
Committed By: salo
Date: Sun Aug 20 21:38:45 UTC 2006
pkgsrc/graphics/libwmf: Makefile distinfo
Security fix for CVE-2006-3376:
"A vulnerability in libwmf can be potentially exploited by malicious
people to compromise an application using the vulnerable library.
The vulnerability is caused due to an integer overflow error when
allocating memory based on a value taken directly from a WMF file
without performing any checks. This can be exploited to cause a
heap-based buffer overflow when a specially crafted WMF file is
Successful exploitation may allow execution of arbitrary code."
Patch from Red Hat. Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -r1.59 -r1.60 pkgsrc/graphics/libwmf/Makefile
cvs rdiff -r1.13 -r1.14 pkgsrc/graphics/libwmf/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/graphics/libwmf/patches/patch-ae
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.