Mailinglist Archive: opensuse-commit (1248 mails)

< Previous Next >
commit imlib2 for openSUSE:Factory
  • From: root@xxxxxxxxxxxxxxx (h_root)
  • Date: Fri, 30 Apr 2010 01:18:01 +0200
  • Message-id: <20100429231801.9E4D220246@xxxxxxxxxxxxxxx>

Hello community,

here is the log from the commit of package imlib2 for openSUSE:Factory
checked in at Fri Apr 30 01:18:01 CEST 2010.



--------
--- imlib2/imlib2.changes 2010-04-15 12:02:33.000000000 +0200
+++ /mounts/work_src_done/STABLE/imlib2/imlib2.changes 2010-04-29
17:06:05.000000000 +0200
@@ -1,0 +2,5 @@
+Thu Apr 29 17:05:34 CEST 2010 - meissner@xxxxxxx
+
+- fixed incorrect overflow checking (CVE-2010-0991, bnc#598935)
+
+-------------------------------------------------------------------

calling whatdependson for head-i586


New:
----
imlib2-1.4.3-fixoverflow-checker.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ imlib2.spec ++++++
--- /var/tmp/diff_new_pack.XcQ0fP/_old 2010-04-30 01:10:47.000000000 +0200
+++ /var/tmp/diff_new_pack.XcQ0fP/_new 2010-04-30 01:10:47.000000000 +0200
@@ -21,10 +21,11 @@
BuildRequires: freetype2-devel giflib-devel libpng-devel libtiff-devel
xorg-x11-devel
Summary: Image handling and conversion library.
Version: 1.4.3
-Release: 1
+Release: 2
License: BSD3c(or similar)
Group: Development/Libraries/X11
Source: %name-%version.tar.bz2
+Patch0: %name-%version-fixoverflow-checker.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Url: http://sourceforge.net/projects/enlightenment/
Suggests: imlib2-loaders
@@ -90,6 +91,7 @@

%prep
%setup -q
+%patch0 -p1

%build
autoreconf --force --install

++++++ imlib2-1.4.3-fixoverflow-checker.patch ++++++
diff -ur imlib2-1.4.3/src/lib/image.h imlib2/src/lib/image.h
--- imlib2-1.4.3/src/lib/image.h 2010-03-14 16:26:27.000000000 +0100
+++ imlib2/src/lib/image.h 2010-04-29 17:00:27.375691000 +0200
@@ -190,6 +190,6 @@

# define IMAGE_DIMENSIONS_OK(w, h) \
( ((w) > 0) && ((h) > 0) && \
- ((unsigned long long)(w) * (unsigned long long)(w) <= (1ULL << 29) - 1) )
+ ((unsigned long long)(w) * (unsigned long long)(h) <= (1ULL << 29) - 1) )

#endif

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...

--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx

< Previous Next >
This Thread