Added two patches for fixing possible security issue.

The CVS security ID is CAN-2004-0797. The fix is same as used by OpenBSD, Debian and Gentoo. (Didn't see any reference to issue on zlib webpages.) The OpenBSD announcement "zlib reliabilty fix" says: "could allow an attacker to crash programs linked with it." And the Gentoo announcement says "zlib contains a bug in the handling of errors in the inflate() and inflateBack() functions. ... An attacker could exploit this vulnerability to launch a Denial of Service attack on any application using the zlib library." PKGREVISION is bumped and BUILDLINK_RECOMMENDED.zlib added to buildlink3.mk file.
author: reed <reed@pkgsrc.org> 2004-08-31 23:16:23 +0000
committer: reed <reed@pkgsrc.org> 2004-08-31 23:16:23 +0000
commit: f381b343476caba59fb143c273cd5c712e102274 (patch)
tree: 1dbd2b1fe164d7d22638e14ffbbe946064feeda3 /devel/zlib/distinfo
parent: bbf0bd1018647ac32030d92705310a9284f2da65 (diff)
download: pkgsrc-f381b343476caba59fb143c273cd5c712e102274.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/devel/zlib/distinfo b/devel/zlib/distinfo
index 0c8c8d473e7..18c6f2fa6e5 100644
--- a/devel/zlib/distinfo
+++ b/devel/zlib/distinfo
@@ -1,5 +1,7 @@
-$NetBSD: distinfo,v 1.8 2004/05/26 03:20:38 jschauma Exp $
+$NetBSD: distinfo,v 1.9 2004/08/31 23:16:23 reed Exp $
 
 SHA1 (zlib-1.2.1.tar.gz) = a3d51efc98b87b9ebd1a528d726007b0cb08a612
 Size (zlib-1.2.1.tar.gz) = 345833 bytes
 SHA1 (patch-aa) = 98ad332ebd33ab7eaa4fc8ee9a4b9269ba823b49
+SHA1 (patch-ab) = 1632590ca7c324d895686bab9c32cf104e9aa058
+SHA1 (patch-ac) = a345342e69d09c1172ac5c968511f4657fdd80cb
author	reed <reed@pkgsrc.org>	2004-08-31 23:16:23 +0000
committer	reed <reed@pkgsrc.org>	2004-08-31 23:16:23 +0000
commit	f381b343476caba59fb143c273cd5c712e102274 (patch)
tree	1dbd2b1fe164d7d22638e14ffbbe946064feeda3 /devel/zlib/distinfo
parent	bbf0bd1018647ac32030d92705310a9284f2da65 (diff)
download	pkgsrc-f381b343476caba59fb143c273cd5c712e102274.tar.gz