|
security fix for libexif
Revisions pulled up:
- pkgsrc/graphics/libexif/Makefile 1.24, 1.25
- pkgsrc/graphics/libexif/PLIST 1.12
- pkgsrc/graphics/libexif/distinfo 1.13, 1.14, 1.15
- pkgsrc/graphics/libexif/buildlink3.mk 1.7
- pkgsrc/graphics/libexif/patches/patch-aa 1.3
- pkgsrc/graphics/libexif/patches/patch-ab 1.3
- pkgsrc/graphics/libexif/patches/patch-ac 1.1
Module Name: pkgsrc
Committed By: adam
Date: Wed Apr 20 12:40:41 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: Makefile PLIST distinfo
Removed Files:
pkgsrc/graphics/libexif/patches: patch-aa patch-ab
Log Message:
Changes 0.6.12:
* Final fix of Ubuntu Security Notice USN-91-1 (CAN-2005-0664)
https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152
* Updated build system with cross compile capabilities
* Small fixes:
Fix tag order, use even offsets, improve Nikon&Olympus mnote tags.
----
Module Name: pkgsrc
Committed By: minskim
Date: Mon May 9 13:21:16 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: distinfo
Added Files:
pkgsrc/graphics/libexif/patches: patch-aa patch-ab
Log Message:
Declare a static function in .c, not in .h.
----
Module Name: pkgsrc
Committed By: salo
Date: Fri May 13 11:58:00 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/graphics/libexif/patches: patch-ac
Log Message:
Security fix:
"Matthias Clasen has reported a vulnerability in libexif, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an infinite recursion in the
"exif_data_load_data_content()" function and can be exploited to
cause a stack overflow when parsing a specially crafted image.
Successful exploitation may crash an application linked against the
vulnerable library."
Bump PKGREVISION. Patch from:
http://sourceforge.net/tracker/index.php?func=detail&aid=1196787&group_id=12272&atid=112272
|
