diff options
author | reed <reed@pkgsrc.org> | 2004-08-31 23:16:23 +0000 |
---|---|---|
committer | reed <reed@pkgsrc.org> | 2004-08-31 23:16:23 +0000 |
commit | f381b343476caba59fb143c273cd5c712e102274 (patch) | |
tree | 1dbd2b1fe164d7d22638e14ffbbe946064feeda3 /devel/zlib/distinfo | |
parent | bbf0bd1018647ac32030d92705310a9284f2da65 (diff) | |
download | pkgsrc-f381b343476caba59fb143c273cd5c712e102274.tar.gz |
Added two patches for fixing possible security issue.
The CVS security ID is CAN-2004-0797.
The fix is same as used by OpenBSD, Debian and Gentoo.
(Didn't see any reference to issue on zlib webpages.)
The OpenBSD announcement "zlib reliabilty fix" says:
"could allow an attacker to crash programs linked
with it."
And the Gentoo announcement says "zlib contains a bug in the handling
of errors in the inflate() and inflateBack() functions. ... An
attacker could exploit this vulnerability to launch a Denial of
Service attack on any application using the zlib library."
PKGREVISION is bumped and BUILDLINK_RECOMMENDED.zlib added to
buildlink3.mk file.
Diffstat (limited to 'devel/zlib/distinfo')
-rw-r--r-- | devel/zlib/distinfo | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/devel/zlib/distinfo b/devel/zlib/distinfo index 0c8c8d473e7..18c6f2fa6e5 100644 --- a/devel/zlib/distinfo +++ b/devel/zlib/distinfo @@ -1,5 +1,7 @@ -$NetBSD: distinfo,v 1.8 2004/05/26 03:20:38 jschauma Exp $ +$NetBSD: distinfo,v 1.9 2004/08/31 23:16:23 reed Exp $ SHA1 (zlib-1.2.1.tar.gz) = a3d51efc98b87b9ebd1a528d726007b0cb08a612 Size (zlib-1.2.1.tar.gz) = 345833 bytes SHA1 (patch-aa) = 98ad332ebd33ab7eaa4fc8ee9a4b9269ba823b49 +SHA1 (patch-ab) = 1632590ca7c324d895686bab9c32cf104e9aa058 +SHA1 (patch-ac) = a345342e69d09c1172ac5c968511f4657fdd80cb |