pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2011Q4] pkgsrc/graphics/png



Module Name:    pkgsrc
Committed By:   spz
Date:           Sun Feb 19 13:56:37 UTC 2012

Modified Files:
        pkgsrc/graphics/png [pkgsrc-2011Q4]: Makefile distinfo

Log Message:
Pullup ticket #3687 - requested by tron
graphics/png: security update

Revisions pulled up:
- graphics/png/Makefile                                         1.144-1.146
- graphics/png/distinfo                                         1.91-1.93

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        drochner
   Date:                Sat Feb 18 15:16:59 UTC 2012

   Modified Files:
        pkgsrc/graphics/png: Makefile distinfo
   Added Files:
        pkgsrc/graphics/png/patches: patch-CVE-2011-3026

   Log Message:
   fix possible buffer overflow due to integer overflow in malloc()
   size calculation (2011-3026), patch from Chromium via Redhat/Debian
   bump PKGREV

   To generate a diff of this commit:
   cvs rdiff -u -r1.143 -r1.144 pkgsrc/graphics/png/Makefile
   cvs rdiff -u -r1.90 -r1.91 pkgsrc/graphics/png/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/png/patches/patch-CVE-2011-3026

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        wiz
   Date:                Sat Feb 18 15:42:57 UTC 2012

   Modified Files:
        pkgsrc/graphics/png: Makefile distinfo
   Removed Files:
        pkgsrc/graphics/png/patches: patch-CVE-2011-3026

   Log Message:
   Update to 1.5.9rc01, which includes the official patch for CVE-2011-3026.

   Version 1.5.9beta01 [February 3, 2012]
     Rebuilt configure scripts in the tar distributions.

   Version 1.5.9beta02 [February 16, 2012]
     Removed two unused definitions from scripts/pnglibconf.h.prebuilt
     Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
     Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h

   Version 1.5.9rc01 [February 17, 2012]
     Fixed CVE-2011-3026 buffer overrun bug.  Deal more correctly with the test
       on iCCP chunk length. Also removed spurious casts that may hide problems
       on 16-bit systems.

   To generate a diff of this commit:
   cvs rdiff -u -r1.144 -r1.145 pkgsrc/graphics/png/Makefile
   cvs rdiff -u -r1.91 -r1.92 pkgsrc/graphics/png/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/png/patches/patch-CVE-2011-3026

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        tron
   Date:                Sun Feb 19 09:26:39 UTC 2012

   Modified Files:
        pkgsrc/graphics/png: Makefile distinfo

   Log Message:
   Update "libpng" package to version 1.5.9. There are no change since
   version 1.5.9rc01 except of the minor detail that you can actually
   fetch the distfile.

   To generate a diff of this commit:
   cvs rdiff -u -r1.145 -r1.146 pkgsrc/graphics/png/Makefile
   cvs rdiff -u -r1.92 -r1.93 pkgsrc/graphics/png/distinfo


To generate a diff of this commit:
cvs rdiff -u -r1.141.2.1 -r1.141.2.2 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.89.2.1 -r1.89.2.2 pkgsrc/graphics/png/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index