From: QA Team Robot <qa@altlinux.org> To: sisyphus-cybertalk@lists.altlinux.org Subject: [cyber] I: Sisyphus-4.0-branch packages: +3 (6046) Date: Wed, 1 Aug 2007 02:05:28 +0400 Message-ID: <20070731220528.GA15459@hint1.office.altlinux.org> (raw) 3 UPDATED packages GraphicsMagick - An X application for displaying and manipulating images * Mon Jul 30 2007 Slava Dubrovskiy <dubrsl@altlinux> 1.1.8-alt1 - New version - Removed patches from debian (in upstream) - Security Fixes: + Shell command injection via delegates subsystem (CVE-2005-4601). + Insecure use of filenames as a "sprintf" specification (CVE-2006-0082). + EXIF IFD stack overflow vulnerability. + BMP format: Verify seek before proceeding. + DCM format: Buffer overflow prevention (CVE-2006-5456). + DCM format: Integer overflow prevention (CVE-2007-1797). + PALM format: Heap overflow prevention (CVE-2006-5456). + SGI format: Fixes for RLE decoding issue (CVE-2006-4144). + XCF format: Buffer overflow prevention, infinite loop prevention. - Bugs Fixed: + Typo when searching for HTMLDecodeDelegate. + Avoid crash if delegate program fails to return an image. + EXIF memory leak fixes. + Command parser memory leak fixes. + Deadlock fix for event log initialization. + Work with latest Ghostscript "GPL Ghostscript" under Windows. + 'gm import' now returns image of appropriate depth. + Fixed memory map resource managment. + Fixed includedir variable in pkg-config files. + Fixed validation of -affine argument. + Fixed bug where fseeko() and ftello() were not used when available. + Fixed issue when pread() and pwrite() prototypes are missing. + Fixed pixel cache issues when size_t is an unsigned type. + Fixed dcraw delegate options to work with modern dcraw. + Fixed -level argument parsing to allow embedded % characters. + Fix for segfault in InitializeMagick(NULL). + Fix for segfault in ModifyCache(). + Fix for Wand MagickGetQuantumDepth() interface. + Fix for GrayscalePseudoClassImage() on 64-bit systems. + Fix for MagickReallocMemory memory leak under certain error conditions. + Validate BLOB access range. + ICON format: Segfault fix. + JPEG format: Fixed reading 12-bit grayscale JPEG. + MAT format: Stability improvements. + MIFF format: Handle a compression value of 'None'. + PCX format: Segfault fix. Heap overflow fix. + PDF format: Fixed writing with JPEG compression. + PICT format: Segfault fix. + PNG format: Fixed compile problem with some libpng versions. Segfault fix. + PNM format: Fixed scaling problem due to rounding error. Validate scaling. + PSD format: Fixed memory leak with layerd PSD files. + SGI format: Handle 16-bit SGI image files correctly. + SUN format: Segfault fix. + TIFF format: Secure error reporting. Finally support LZW under Windows. + WPG format: Fixed crash with clip-art WPG files. + XWD format: Fix for integer under/overflow. - Feature Improvements + CIN format: Implementation is entirely replaced. + MAT format: Support Byte and Word formats, as well as big/little endian. + WPG format: Support for CTM translation. * Thu Apr 12 2007 Slava Dubrovskiy <dubrsl@altlinux> 1.1.7-alt7 apache - The most widely used Web server on the Internet * Tue Jul 31 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt5 - merged security fix from RHEL2.1 (RH#245116): + CVE-2007-3304 (DoS by referencing an arbitrary process ID in scoreboard which then gets SIGUSR1 from master process; requires scripting ability) * Tue Jun 26 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt4 - verified and disambiguated mime types; thanks Denis Smirnov (mithraen@) for a linter pass (fixes: #12141, #11461) * Fri Apr 06 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt3 cups - Common Unix Printing System - server package [12M] * Tue Jul 31 2007 Stanislav Ievlev <inger@altlinux> 1.2.12-alt2 - CVE-2007-3387 * Tue Jul 17 2007 Stanislav Ievlev <inger@altlinux> 1.2.12-alt1 Total 6046 source packages.
reply other threads:[~2007-07-31 22:05 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20070731220528.GA15459@hint1.office.altlinux.org \ --to=qa@altlinux.org \ --cc=devel@lists.altlinux.org \ --cc=sisyphus-cybertalk@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Sisyphus cybertalk This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \ sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com public-inbox-index sisyphus-cybertalk Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk AGPL code for this site: git clone https://public-inbox.org/public-inbox.git