rpms/libpng10/devel libpng10.spec,1.22,1.23
Paul Howarth
pghmcfc at fedoraproject.org
Thu Feb 19 15:21:15 UTC 2009
Author: pghmcfc
Update of /cvs/pkgs/rpms/libpng10/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29174/devel
Modified Files:
libpng10.spec
Log Message:
Add some CVE references in the changelog
Index: libpng10.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libpng10/devel/libpng10.spec,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- libpng10.spec 19 Feb 2009 12:15:55 -0000 1.22
+++ libpng10.spec 19 Feb 2009 15:20:45 -0000 1.23
@@ -112,17 +112,20 @@
%changelog
* Thu Feb 19 2009 Paul Howarth <paul at city-fan.org> 1.0.43-1
-- update to 1.0.43 (clear pointer arrays created using png_malloc())
+- update to 1.0.43 (CVE-2009-0040 - clear pointer arrays created using
+ png_malloc())
* Fri Dec 19 2008 Paul Howarth <paul at city-fan.org> 1.0.42-1
-- update to 1.0.42 (various minor bugfixes and code cleanups)
+- update to 1.0.42 (CVE-2008-5907 - various minor bugfixes and code cleanups)
* Fri Oct 31 2008 Paul Howarth <paul at city-fan.org> 1.0.41-1
- update to 1.0.41 (addresses #468990, memory leak after reading a malformed
tEXt chunk)
* Fri Sep 19 2008 Paul Howarth <paul at city-fan.org> 1.0.40-1
-- update to 1.0.40
+- update to 1.0.40 (CVE-2008-3964 - multiple off-by-one errors allowing
+ context-dependent attackers to cause a denial of service (crash) or have
+ unspecified other impact via a PNG image with crafted zTXt chunks)
* Thu Aug 21 2008 Paul Howarth <paul at city-fan.org> 1.0.39-1
- update to 1.0.39
More information about the fedora-extras-commits
mailing list