rpms/tk/F-7 tk-gifoverflow.patch,NONE,1.1 tk.spec,1.39,1.40
Marcela Mašláňová (mmaslano)
fedora-extras-commits at redhat.com
Mon Oct 15 14:31:40 UTC 2007
Author: mmaslano
Update of /cvs/pkgs/rpms/tk/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23651
Modified Files:
tk.spec
Added Files:
tk-gifoverflow.patch
Log Message:
CVE-2007-5137 gif buffer overflow.
tk-gifoverflow.patch:
--- NEW FILE tk-gifoverflow.patch ---
--- tk8.4.15/generic/tkImgGIF.c.old 2006-03-27 14:13:56.000000000 +0200
+++ tk8.4.15/generic/tkImgGIF.c 2007-09-17 09:28:42.000000000 +0200
@@ -995,7 +995,7 @@
*/
if (interlace) {
ypos += interlaceStep[pass];
- while (ypos >= height) {
+ while (ypos >= rows) {
pass++;
if (pass > 3) {
return TCL_OK;
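Review bot: the bound change on the `while (ypos >= rows)` line is generated against tk8.4.15/generic/tkImgGIF.c, while tk.spec builds Version %{majorver}.13, so please confirm the hunk applies to the 8.4.13 source at line 995 without offset or fuzz and that `rows` is in scope at that point. The hunk also carries no comment saying why `rows` rather than `height` is the correct limit for the interlace pass; a one-line comment above the loop naming the buffer dimension it guards would make the fix reviewable without the full file.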
Index: tk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tk/F-7/tk.spec,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- tk.spec 20 Feb 2007 18:07:27 -0000 1.39
+++ tk.spec 15 Oct 2007 14:31:08 -0000 1.40
@@ -3,7 +3,7 @@
Summary: The graphical toolkit for the Tcl scripting language
Name: tk
Version: %{majorver}.13
-Release: 5%{?dist}
+Release: 6%{?dist}
Epoch: 1
License: BSD
Group: Development/Languages
@@ -22,6 +22,7 @@
Patch3: tk-8.4-no_rpath.patch
Patch4: tk-8.4.13-autoconf.patch
Patch5: tk-8.4.13-cflags.patch
+Patch6: tk-gifoverflow.patch
%description
When paired with the Tcl scripting language, Tk provides a fast and powerful
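Review bot: the new `Patch6: tk-gifoverflow.patch` line breaks the naming pattern of the entries above it (`tk-8.4-no_rpath.patch`, `tk-8.4.13-autoconf.patch`, `tk-8.4.13-cflags.patch`), which all carry the version they were written for. Consider a versioned file name, and add a spec comment above the line noting CVE-2007-5137 so the reason for the patch is visible without reading the changelog.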
@@ -49,6 +50,7 @@
%patch3 -p1 -b .3-rpath
%patch4 -p1 -b .4-ac213
%patch5 -p1 -b .5-cflags
+%patch6 -p1 -b .6-gif
# patch1 touches tcl.m4
%build
@@ -117,6 +119,9 @@
%{_mandir}/man3/*
%changelog
+* Mon Oct 15 2007 Marcela Maslanova <mmaslano at redhat.com> - 1:8.4.13-6
+- CVE-2007-5137 gif buffer overflow
+
* Thu Feb 20 2007 Marcela Maslanova <mmaslano at redhat.com> - 1:8.4.13-5
- rhbz#226494 review again
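Review bot: the new changelog entry names CVE-2007-5137 but no Bugzilla number, whereas the entry below it references rhbz#226494; adding the tracking bug for the CVE would keep the entries consistent. Separately, the unchanged context line reads `Thu Feb 20 2007`, and 20 February 2007 was a Tuesday, so that weekday is worth correcting while this section is being touched.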