[cyber] I: Sisyphus-4.0-branch packages: +3 (6046)

ALT Linux Sisyphus cybertalk
 help / color / mirror / Atom feed

From: QA Team Robot <qa@altlinux.org>
To: sisyphus-cybertalk@lists.altlinux.org
Subject: [cyber] I: Sisyphus-4.0-branch packages: +3 (6046)
Date: Wed, 1 Aug 2007 02:05:28 +0400
Message-ID: <20070731220528.GA15459@hint1.office.altlinux.org> (raw)

	3 UPDATED packages

GraphicsMagick - An X application for displaying and manipulating images
* Mon Jul 30 2007 Slava Dubrovskiy <dubrsl@altlinux> 1.1.8-alt1
- New version
- Removed patches from debian (in upstream)
- Security Fixes:
  + Shell command injection via delegates subsystem (CVE-2005-4601).
  + Insecure use of filenames as a "sprintf" specification (CVE-2006-0082).
  + EXIF IFD stack overflow vulnerability.
  + BMP  format: Verify seek before proceeding.
  + DCM  format: Buffer overflow prevention (CVE-2006-5456).
  + DCM  format: Integer overflow prevention (CVE-2007-1797).
  + PALM format: Heap overflow prevention (CVE-2006-5456).
  + SGI  format: Fixes for RLE decoding issue (CVE-2006-4144).
  + XCF  format: Buffer overflow prevention, infinite loop prevention.
- Bugs Fixed:
  + Typo when searching for HTMLDecodeDelegate.
  + Avoid crash if delegate program fails to return an image.
  + EXIF memory leak fixes.
  + Command parser memory leak fixes.
  + Deadlock fix for event log initialization.
  + Work with latest Ghostscript "GPL Ghostscript" under Windows.
  + 'gm import' now returns image of appropriate depth.
  + Fixed memory map resource managment.
  + Fixed includedir variable in pkg-config files.
  + Fixed validation of -affine argument.
  + Fixed bug where fseeko() and ftello() were not used when available.
  + Fixed issue when pread() and pwrite() prototypes are missing.
  + Fixed pixel cache issues when size_t is an unsigned type.
  + Fixed dcraw delegate options to work with modern dcraw.
  + Fixed -level argument parsing to allow embedded % characters.
  + Fix for segfault in InitializeMagick(NULL).
  + Fix for segfault in ModifyCache().
  + Fix for Wand MagickGetQuantumDepth() interface.
  + Fix for GrayscalePseudoClassImage() on 64-bit systems.
  + Fix for MagickReallocMemory memory leak under certain error conditions.
  + Validate BLOB access range.
  + ICON format: Segfault fix.
  + JPEG format: Fixed reading 12-bit grayscale JPEG.
  + MAT  format: Stability improvements.
  + MIFF format: Handle a compression value of 'None'.
  + PCX  format: Segfault fix.  Heap overflow fix.
  + PDF  format: Fixed writing with JPEG compression.
  + PICT format: Segfault fix.
  + PNG  format: Fixed compile problem with some libpng versions. Segfault fix.
  + PNM  format: Fixed scaling problem due to rounding error. Validate scaling.
  + PSD  format: Fixed memory leak with layerd PSD files.
  + SGI  format: Handle 16-bit SGI image files correctly.
  + SUN  format: Segfault fix.
  + TIFF format: Secure error reporting.  Finally support LZW under Windows.
  + WPG  format: Fixed crash with clip-art WPG files.
  + XWD  format: Fix for integer under/overflow.
- Feature Improvements
  + CIN format: Implementation is entirely replaced.
  + MAT format: Support Byte and Word formats, as well as big/little endian.
  + WPG format: Support for CTM translation.
* Thu Apr 12 2007 Slava Dubrovskiy <dubrsl@altlinux> 1.1.7-alt7

apache - The most widely used Web server on the Internet
* Tue Jul 31 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt5
- merged security fix from RHEL2.1 (RH#245116):
  + CVE-2007-3304 (DoS by referencing an arbitrary process ID in scoreboard
    which then gets SIGUSR1 from master process; requires scripting ability)
* Tue Jun 26 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt4
- verified and disambiguated mime types; thanks Denis Smirnov (mithraen@)
  for a linter pass (fixes: #12141, #11461)
* Fri Apr 06 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt3

cups - Common Unix Printing System - server package             	[12M]
* Tue Jul 31 2007 Stanislav Ievlev <inger@altlinux> 1.2.12-alt2
- CVE-2007-3387
* Tue Jul 17 2007 Stanislav Ievlev <inger@altlinux> 1.2.12-alt1

Total 6046 source packages.

                 reply	other threads:[~2007-07-31 22:05 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070731220528.GA15459@hint1.office.altlinux.org \
    --to=qa@altlinux.org \
    --cc=devel@lists.altlinux.org \
    --cc=sisyphus-cybertalk@lists.altlinux.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

ALT Linux Sisyphus cybertalk

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \
		sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com
	public-inbox-index sisyphus-cybertalk

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git