rpms/imlib/F-7 imlib-1.9.15-bpp16-CVE-2007-3568.patch, NONE, 1.1 imlib.spec, 1.7, 1.8
Paul Howarth (pghmcfc)
fedora-extras-commits at redhat.com
Wed Dec 19 10:54:11 UTC 2007
- Previous message (by thread): rpms/netbsd-iscsi/devel netbsd-iscsi-20071205-linux.patch, NONE, 1.1 netbsd-iscsi.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/netbsd-iscsi/F-8 netbsd-iscsi-20071205-linux.patch, NONE, 1.1 netbsd-iscsi.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: pghmcfc
Update of /cvs/pkgs/rpms/imlib/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11114
Modified Files:
imlib.spec
Added Files:
imlib-1.9.15-bpp16-CVE-2007-3568.patch
Log Message:
- include patch to fix a DoS caused via a BMP image with a Bits Per Page (BPP)
value of 0 (#426091, CVE-2007-3568); thanks to Peter Volkov at Gentoo for
the heads-up
- remove URL tag; this legacy package has no active upstream source, and
documentation for it is gradually disappearing from the Internet
imlib-1.9.15-bpp16-CVE-2007-3568.patch:
--- NEW FILE imlib-1.9.15-bpp16-CVE-2007-3568.patch ---
--- Imlib/load.c.orig 2007-08-13 23:06:20.000000000 -0300
+++ Imlib/load.c 2007-08-13 23:06:51.000000000 -0300
@@ -645,7 +645,7 @@
planes = (int)word;
fread(&word, 2, 1, file);
bpp = (int)word;
- if (bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32)
+ if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32)
{
fprintf(stderr, "IMLIB ERROR: unknown bitdepth in file\n");
return NULL;
Index: imlib.spec
===================================================================
RCS file: /cvs/pkgs/rpms/imlib/F-7/imlib.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- imlib.spec 28 Nov 2007 23:37:57 -0000 1.7
+++ imlib.spec 19 Dec 2007 10:53:31 -0000 1.8
@@ -3,14 +3,14 @@
Summary: An image loading and rendering library for X11R6
Name: imlib
Version: 1.9.15
-Release: 5%{?dist}
+Release: 6%{?dist}
Epoch: 1
License: LGPLv2+
Group: System Environment/Libraries
-URL: http://enlightenment.sourceforge.net/Libraries/Imlib/
Source0: http://ftp.gnome.org/pub/GNOME/sources/imlib/1.9/imlib-%{version}.tar.bz2
Source2: local-hack-gmodule.tar.gz
Patch1: imlib-1.9.13-sec2.patch
+Patch2: imlib-1.9.15-bpp16-CVE-2007-3568.patch
Patch3: imlib-1.9.10-cppflags.patch
Patch4: imlib-1.9.15-gmodulehack.patch
Patch6: imlib-1.9.13-underquoted.patch
@@ -63,6 +63,7 @@
%prep
%setup -q
%patch1 -p1 -b .sec2
+%patch2 -p0 -b .bpp16
%patch3 -p1 -b .cppflags
%patch4 -p1 -b .gmodulehack
%patch6 -p1 -b .underquoted
@@ -150,6 +151,13 @@
%{_mandir}/man1/imlib-config.1*
%changelog
+* Tue Dec 18 2007 Paul Howarth <paul at city-fan.org> 1:1.9.15-6
+- include patch to fix a DoS caused via a BMP image with a Bits Per Page (BPP)
+ value of 0 (#426091, CVE-2007-3568); thanks to Peter Volkov at Gentoo for
+ the heads-up
+- remove URL tag; this legacy package has no active upstream source, and
+ documentation for it is gradually disappearing from the Internet
+
* Wed Nov 28 2007 Adam Jackson <ajax at redhat.com> 1:1.9.15-5
- imlib-1.9.15-check-for-shm-pixmaps.patch: MIT-SHM pixmaps are optional,
so check that they exist before using them. (#357241)
- Previous message (by thread): rpms/netbsd-iscsi/devel netbsd-iscsi-20071205-linux.patch, NONE, 1.1 netbsd-iscsi.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/netbsd-iscsi/F-8 netbsd-iscsi-20071205-linux.patch, NONE, 1.1 netbsd-iscsi.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list