rpms/SDL_image/F-7 SDL_image-buffer-overflow.patch, NONE, 1.1 SDL_image.spec, 1.12, 1.13
Brian Pepple (bpepple)
fedora-extras-commits at redhat.com
Fri Jan 25 15:09:47 UTC 2008
- Previous message (by thread): rpms/xdg-utils/EL-4 xdg-utils-1.0.2-CVE-2008-0386.patch, NONE, 1.1 xdg-utils.spec, 1.12, 1.13
- Next message (by thread): rpms/rpm/devel rpm-4.4.2.3-nss.patch, NONE, 1.1 rpm-4.4.2.3-queryformat-arch.patch, NONE, 1.1 .cvsignore, 1.22, 1.23 rpm.spec, 1.275, 1.276 sources, 1.128, 1.129 rpm-4.4.2.2-base64-unsigned-char.patch, 1.1, NONE rpm-4.4.2.2-cryptoinit.patch, 1.2, NONE rpm-4.4.2.2-debugedit-fpc.patch, 1.1, NONE rpm-4.4.2.2-gcc43.patch, 1.2, NONE rpm-4.4.2.2-no-targetreset.patch, 1.1, NONE rpm-4.4.2.2-nonutf-comment.patch, 1.1, NONE rpm-4.4.2.2-nss.patch, 1.1, NONE rpm-4.4.2.2-osgideps.patch, 1.1, NONE rpm-4.4.2.2-problem-nevra.patch, 1.1, NONE rpm-4.4.2.2-pyproblem.patch, 1.1, NONE rpm-4.4.2.2-secondary-arch-macros.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: bpepple
Update of /cvs/pkgs/rpms/SDL_image/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12534
Modified Files:
SDL_image.spec
Added Files:
SDL_image-buffer-overflow.patch
Log Message:
* Thu Jan 24 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-5
- Add patch to fix buffer-overflow. (#430100)
SDL_image-buffer-overflow.patch:
--- NEW FILE SDL_image-buffer-overflow.patch ---
--- trunk/SDL_image/IMG_gif.c 2007/12/28 08:17:23 3461
+++ trunk/SDL_image/IMG_gif.c 2007/12/28 16:43:56 3462
@@ -418,6 +418,10 @@
static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
register int i;
+ /* Fixed buffer overflow found by Michael Skladnikiewicz */
+ if (input_code_size > MAX_LWZ_BITS)
+ return -1;
+
if (flag) {
set_code_size = input_code_size;
code_size = set_code_size + 1;
Index: SDL_image.spec
===================================================================
RCS file: /cvs/pkgs/rpms/SDL_image/F-7/SDL_image.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- SDL_image.spec 5 Aug 2007 22:06:25 -0000 1.12
+++ SDL_image.spec 25 Jan 2008 15:08:56 -0000 1.13
@@ -1,6 +1,6 @@
Name: SDL_image
Version: 1.2.5
-Release: 5%{?dist}
+Release: 6%{?dist}
Summary: Image loading library for SDL
Group: System Environment/Libraries
@@ -8,6 +8,7 @@
URL: http://www.libsdl.org/projects/SDL_image/
Source0: http://www.libsdl.org/projects/%{name}/release/%{name}-%{version}.tar.gz
Patch0: %{name}-1.2.5-IMG_xpm.patch
+Patch1: %{name}-buffer-overflow.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: SDL-devel >= 1.2.10
@@ -38,6 +39,7 @@
%prep
%setup -q
%patch0 -p0 -b .imgxpm
+%patch1 -p2 -b .overflow
%build
@@ -84,6 +86,9 @@
%changelog
+* Thu Jan 24 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-5
+- Add patch to fix buffer-overflow. (#430100)
+
* Sun Aug 5 2007 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-5
- Update license tag.
- Previous message (by thread): rpms/xdg-utils/EL-4 xdg-utils-1.0.2-CVE-2008-0386.patch, NONE, 1.1 xdg-utils.spec, 1.12, 1.13
- Next message (by thread): rpms/rpm/devel rpm-4.4.2.3-nss.patch, NONE, 1.1 rpm-4.4.2.3-queryformat-arch.patch, NONE, 1.1 .cvsignore, 1.22, 1.23 rpm.spec, 1.275, 1.276 sources, 1.128, 1.129 rpm-4.4.2.2-base64-unsigned-char.patch, 1.1, NONE rpm-4.4.2.2-cryptoinit.patch, 1.2, NONE rpm-4.4.2.2-debugedit-fpc.patch, 1.1, NONE rpm-4.4.2.2-gcc43.patch, 1.2, NONE rpm-4.4.2.2-no-targetreset.patch, 1.1, NONE rpm-4.4.2.2-nonutf-comment.patch, 1.1, NONE rpm-4.4.2.2-nss.patch, 1.1, NONE rpm-4.4.2.2-osgideps.patch, 1.1, NONE rpm-4.4.2.2-problem-nevra.patch, 1.1, NONE rpm-4.4.2.2-pyproblem.patch, 1.1, NONE rpm-4.4.2.2-secondary-arch-macros.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list