ALT Linux Sisyphus cybertalk
 help / color / mirror / Atom feed
* [cyber] I: Sisyphus-4.0-branch packages: +3 (6046)
@ 2007-07-31 22:05 QA Team Robot
  0 siblings, 0 replies; only message in thread
From: QA Team Robot @ 2007-07-31 22:05 UTC (permalink / raw)
  To: sisyphus-cybertalk

	3 UPDATED packages

GraphicsMagick - An X application for displaying and manipulating images
* Mon Jul 30 2007 Slava Dubrovskiy <dubrsl@altlinux> 1.1.8-alt1
- New version
- Removed patches from debian (in upstream)
- Security Fixes:
  + Shell command injection via delegates subsystem (CVE-2005-4601).
  + Insecure use of filenames as a "sprintf" specification (CVE-2006-0082).
  + EXIF IFD stack overflow vulnerability.
  + BMP  format: Verify seek before proceeding.
  + DCM  format: Buffer overflow prevention (CVE-2006-5456).
  + DCM  format: Integer overflow prevention (CVE-2007-1797).
  + PALM format: Heap overflow prevention (CVE-2006-5456).
  + SGI  format: Fixes for RLE decoding issue (CVE-2006-4144).
  + XCF  format: Buffer overflow prevention, infinite loop prevention.
- Bugs Fixed:
  + Typo when searching for HTMLDecodeDelegate.
  + Avoid crash if delegate program fails to return an image.
  + EXIF memory leak fixes.
  + Command parser memory leak fixes.
  + Deadlock fix for event log initialization.
  + Work with latest Ghostscript "GPL Ghostscript" under Windows.
  + 'gm import' now returns image of appropriate depth.
  + Fixed memory map resource managment.
  + Fixed includedir variable in pkg-config files.
  + Fixed validation of -affine argument.
  + Fixed bug where fseeko() and ftello() were not used when available.
  + Fixed issue when pread() and pwrite() prototypes are missing.
  + Fixed pixel cache issues when size_t is an unsigned type.
  + Fixed dcraw delegate options to work with modern dcraw.
  + Fixed -level argument parsing to allow embedded % characters.
  + Fix for segfault in InitializeMagick(NULL).
  + Fix for segfault in ModifyCache().
  + Fix for Wand MagickGetQuantumDepth() interface.
  + Fix for GrayscalePseudoClassImage() on 64-bit systems.
  + Fix for MagickReallocMemory memory leak under certain error conditions.
  + Validate BLOB access range.
  + ICON format: Segfault fix.
  + JPEG format: Fixed reading 12-bit grayscale JPEG.
  + MAT  format: Stability improvements.
  + MIFF format: Handle a compression value of 'None'.
  + PCX  format: Segfault fix.  Heap overflow fix.
  + PDF  format: Fixed writing with JPEG compression.
  + PICT format: Segfault fix.
  + PNG  format: Fixed compile problem with some libpng versions. Segfault fix.
  + PNM  format: Fixed scaling problem due to rounding error. Validate scaling.
  + PSD  format: Fixed memory leak with layerd PSD files.
  + SGI  format: Handle 16-bit SGI image files correctly.
  + SUN  format: Segfault fix.
  + TIFF format: Secure error reporting.  Finally support LZW under Windows.
  + WPG  format: Fixed crash with clip-art WPG files.
  + XWD  format: Fix for integer under/overflow.
- Feature Improvements
  + CIN format: Implementation is entirely replaced.
  + MAT format: Support Byte and Word formats, as well as big/little endian.
  + WPG format: Support for CTM translation.
* Thu Apr 12 2007 Slava Dubrovskiy <dubrsl@altlinux> 1.1.7-alt7

apache - The most widely used Web server on the Internet
* Tue Jul 31 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt5
- merged security fix from RHEL2.1 (RH#245116):
  + CVE-2007-3304 (DoS by referencing an arbitrary process ID in scoreboard
    which then gets SIGUSR1 from master process; requires scripting ability)
* Tue Jun 26 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt4
- verified and disambiguated mime types; thanks Denis Smirnov (mithraen@)
  for a linter pass (fixes: #12141, #11461)
* Fri Apr 06 2007 Michael Shigorin <mike@altlinux> 1.3.37rusPL30.23-alt3

cups - Common Unix Printing System - server package             	[12M]
* Tue Jul 31 2007 Stanislav Ievlev <inger@altlinux> 1.2.12-alt2
- CVE-2007-3387
* Tue Jul 17 2007 Stanislav Ievlev <inger@altlinux> 1.2.12-alt1

Total 6046 source packages.


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2007-07-31 22:05 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-07-31 22:05 [cyber] I: Sisyphus-4.0-branch packages: +3 (6046) QA Team Robot

ALT Linux Sisyphus cybertalk

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \
		sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com
	public-inbox-index sisyphus-cybertalk

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git