rpms/zlib/FC-4 zlib-1.2.2.2-can-2005-1849.patch, NONE, 1.1 zlib.spec, 1.20, 1.21

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Fri Jul 22 08:16:15 UTC 2005


Author: varekova

Update of /cvs/dist/rpms/zlib/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv27413

Modified Files:
	zlib.spec 
Added Files:
	zlib-1.2.2.2-can-2005-1849.patch 
Log Message:
- fix bug 163038 - CAN-2005-1849 - zlib buffer overflow


zlib-1.2.2.2-can-2005-1849.patch:
 inftrees.h |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

--- NEW FILE zlib-1.2.2.2-can-2005-1849.patch ---
--- zlib-1.2.2.2/inftrees.h.can-2005-1849	2003-08-11 00:15:50.000000000 +0200
+++ zlib-1.2.2.2/inftrees.h	2005-07-22 08:59:41.237324272 +0200
@@ -36,12 +36,12 @@
  */
 
 /* Maximum size of dynamic tree.  The maximum found in a long but non-
-   exhaustive search was 1004 code structures (850 for length/literals
-   and 154 for distances, the latter actually the result of an
+   exhaustive search was 1444 code structures (852 for length/literals
+   and 592 for distances, the latter actually the result of an
    exhaustive search).  The true maximum is not known, but the value
    below is more than safe. */
-#define ENOUGH 1440
-#define MAXD 154
+#define ENOUGH 2048
+#define MAXD 592
 
 /* Type of code to build for inftable() */
 typedef enum {
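Review bot: The comment kept above `ENOUGH` still ends with "the value below is more than safe", but the old value 1440 was smaller than the 1444 structures this patch now reports, so that wording has already been wrong once and should give way to the actual invariant. I would add a line directly above the two defines such as `/* ENOUGH must be at least 852 (length/literal, non-exhaustive search) + MAXD (distance) */`. How `ENOUGH` and `MAXD` are consumed is not visible in this patch. Presumably the table builder checks its fill count against them, and that check, not the size estimate, is what should stop an oversized tree from writing past the array. The `typedef enum` that follows continues outside the hunk.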


Index: zlib.spec
===================================================================
RCS file: /cvs/dist/rpms/zlib/FC-4/zlib.spec,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- zlib.spec	7 Jul 2005 09:45:57 -0000	1.20
+++ zlib.spec	22 Jul 2005 08:16:03 -0000	1.21
@@ -1,11 +1,12 @@
 Summary: The zlib compression and decompression library.
 Name: zlib
 Version: 1.2.2.2
-Release: 4.fc4
+Release: 5.fc4
 Group: System Environment/Libraries
 Source: ftp://ftp.info-zip.org/pub/infozip/zlib/zlib-%{version}.tar.gz
 Patch0: zlib-1.1.4-make-test.patch
 Patch1: zlib-1.2.2.2-can-2005-2096.patch
+Patch2: zlib-1.2.2.2-can-2005-1849.patch
 URL: http://www.gzip.org/zlib/
 License: BSD
 Prefix: %{_prefix}
@@ -29,6 +30,7 @@
 %setup -q
 %patch0 -p1 -b .make-test
 %patch1 -p1 -b .overfl
+%patch2 -p1 -b .overfl2
 
 %build
 CFLAGS="$RPM_OPT_FLAGS -fPIC" ./configure --shared --prefix=%{_prefix}
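Review bot: The backup suffix `.overfl2` on the new `%patch2` line does not say which fix it belongs to, while the patch itself was generated with the suffix `.can-2005-1849` (see its `---` header). Using `%patch2 -p1 -b .can-2005-1849` would let anyone auditing the prepared build tree match the saved originals to the advisory. The same applies to `.overfl` on `%patch1`, which predates this commit.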
@@ -79,6 +81,9 @@
 %{_mandir}/man3/zlib.3*
 
 %changelog
+* Fri Jul 22 2005 Ivana Varekova <varekova at redhat.com> 1.2.2.2-5.fc4
+- fix bug 163038 - CAN-2005-1849 - zlib buffer overflow
+
 * Thu Jul 7  2005 Ivana Varekova <varekova at redhat.com> 1.2.2.2-4.fc4
 - fix bug 162392 - CAN-2005-2096 
 



