CVS commit: pkgsrc/graphics/tiff

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/graphics/tiff
From: Matthias Scheler <tron%netbsd.org@localhost>
Date: Wed, 4 Aug 2010 17:48:23 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Wed Aug  4 17:48:22 UTC 2010

Modified Files:
        pkgsrc/graphics/tiff: Makefile distinfo
Added Files:
        pkgsrc/graphics/tiff/patches: patch-aa patch-ab patch-ac patch-ad
            patch-ae

Log Message:
Add patches from either libtiff's or Red Hat's Bugzilla which fix the
following vulnerabilities:
- CVE-2010-2233
- CVE-2010-2482
- CVE-2010-2483
- CVE-2010-2595
- CVE-2010-2597
There is no patch for CVE-2010-2596 yet. But it is low risk (an assertion
gets triggered) and cannot be exploited after the above vulnerabilities
are fixed (at least if I understood correctly).

No butcher was involved in fixing this package.


To generate a diff of this commit:
cvs rdiff -u -r1.96 -r1.97 pkgsrc/graphics/tiff/Makefile
cvs rdiff -u -r1.48 -r1.49 pkgsrc/graphics/tiff/distinfo
cvs rdiff -u -r0 -r1.19 pkgsrc/graphics/tiff/patches/patch-aa
cvs rdiff -u -r0 -r1.20 pkgsrc/graphics/tiff/patches/patch-ab
cvs rdiff -u -r0 -r1.22 pkgsrc/graphics/tiff/patches/patch-ac
cvs rdiff -u -r0 -r1.16 pkgsrc/graphics/tiff/patches/patch-ad
cvs rdiff -u -r0 -r1.11 pkgsrc/graphics/tiff/patches/patch-ae

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/multimedia/totem
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/multimedia/totem
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index