diff options
author | spz <spz@pkgsrc.org> | 2012-02-19 13:56:36 +0000 |
---|---|---|
committer | spz <spz@pkgsrc.org> | 2012-02-19 13:56:36 +0000 |
commit | 8a2729849e5bb29ccbda53e286251e6a1db2f572 (patch) | |
tree | 78cf58a457cb9b67bf8996b90a432a181ebf5b38 | |
parent | 7d5a4dd62985c3add6dec16727c74c22a3dca746 (diff) | |
download | pkgsrc-8a2729849e5bb29ccbda53e286251e6a1db2f572.tar.gz |
Pullup ticket #3687 - requested by tron
graphics/png: security update
Revisions pulled up:
- graphics/png/Makefile 1.144-1.146
- graphics/png/distinfo 1.91-1.93
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Sat Feb 18 15:16:59 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Added Files:
pkgsrc/graphics/png/patches: patch-CVE-2011-3026
Log Message:
fix possible buffer overflow due to integer overflow in malloc()
size calculation (2011-3026), patch from Chromium via Redhat/Debian
bump PKGREV
To generate a diff of this commit:
cvs rdiff -u -r1.143 -r1.144 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.90 -r1.91 pkgsrc/graphics/png/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/png/patches/patch-CVE-2011-3026
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Feb 18 15:42:57 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Removed Files:
pkgsrc/graphics/png/patches: patch-CVE-2011-3026
Log Message:
Update to 1.5.9rc01, which includes the official patch for CVE-2011-3026.
Version 1.5.9beta01 [February 3, 2012]
Rebuilt configure scripts in the tar distributions.
Version 1.5.9beta02 [February 16, 2012]
Removed two unused definitions from scripts/pnglibconf.h.prebuilt
Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h
Version 1.5.9rc01 [February 17, 2012]
Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test
on iCCP chunk length. Also removed spurious casts that may hide problems
on 16-bit systems.
To generate a diff of this commit:
cvs rdiff -u -r1.144 -r1.145 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.91 -r1.92 pkgsrc/graphics/png/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/graphics/png/patches/patch-CVE-2011-3026
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 19 09:26:39 UTC 2012
Modified Files:
pkgsrc/graphics/png: Makefile distinfo
Log Message:
Update "libpng" package to version 1.5.9. There are no change since
version 1.5.9rc01 except of the minor detail that you can actually
fetch the distfile.
To generate a diff of this commit:
cvs rdiff -u -r1.145 -r1.146 pkgsrc/graphics/png/Makefile
cvs rdiff -u -r1.92 -r1.93 pkgsrc/graphics/png/distinfo
-rw-r--r-- | graphics/png/Makefile | 4 | ||||
-rw-r--r-- | graphics/png/distinfo | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/graphics/png/Makefile b/graphics/png/Makefile index 8e95e4634ce..20028171948 100644 --- a/graphics/png/Makefile +++ b/graphics/png/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.141.2.1 2012/02/05 22:56:27 tron Exp $ +# $NetBSD: Makefile,v 1.141.2.2 2012/02/19 13:56:36 spz Exp $ -DISTNAME= libpng-1.5.8 +DISTNAME= libpng-1.5.9 PKGNAME= ${DISTNAME:S/lib//} CATEGORIES= graphics MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libpng/} \ diff --git a/graphics/png/distinfo b/graphics/png/distinfo index e286a3caf24..ee9130e27cb 100644 --- a/graphics/png/distinfo +++ b/graphics/png/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.89.2.1 2012/02/05 22:56:27 tron Exp $ +$NetBSD: distinfo,v 1.89.2.2 2012/02/19 13:56:36 spz Exp $ -SHA1 (libpng-1.5.8.tar.bz2) = 46fdc2ab3fef9cf0949b1d7374cda9ea37ed5419 -RMD160 (libpng-1.5.8.tar.bz2) = 643ef6a0720e51a1dc326971db35846d02bbca10 -Size (libpng-1.5.8.tar.bz2) = 865525 bytes +SHA1 (libpng-1.5.9.tar.bz2) = 844e6ebc739a332178a327e74ff7c42ddb93f442 +RMD160 (libpng-1.5.9.tar.bz2) = 02404bcbc695964c951905a489f1f0654b62670b +Size (libpng-1.5.9.tar.bz2) = 865782 bytes SHA1 (patch-aa) = aaf79ebb8a18448c096c17ae9b02da02bc537db2 |