![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / devel / zlib / patches
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.4, Thu Nov 4 14:17:55 2004 UTC (17 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2,
pkgsrc-2012Q4-base,
pkgsrc-2012Q4,
pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2,
pkgsrc-2009Q4-base,
pkgsrc-2009Q4,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
pkgsrc-2007Q3-base,
pkgsrc-2007Q3,
pkgsrc-2007Q2-base,
pkgsrc-2007Q2,
pkgsrc-2007Q1-base,
pkgsrc-2007Q1,
pkgsrc-2006Q4-base,
pkgsrc-2006Q4,
pkgsrc-2006Q3-base,
pkgsrc-2006Q3,
pkgsrc-2006Q2-base,
pkgsrc-2006Q2,
pkgsrc-2006Q1-base,
pkgsrc-2006Q1,
pkgsrc-2005Q4-base,
pkgsrc-2005Q4,
pkgsrc-2005Q3-base,
pkgsrc-2005Q3,
pkgsrc-2005Q2-base,
pkgsrc-2005Q2,
pkgsrc-2005Q1-base,
pkgsrc-2005Q1,
pkgsrc-2004Q4-base,
pkgsrc-2004Q4,
cube-native-xorg-base,
cube-native-xorg,
HEAD
Changes since 1.3: +1 -1
lines
FILE REMOVED
Changes 1.2.2: * Eliminate a potential security vulnerability when decoding invalid compressed data * Fix bug when decompressing dynamic blocks with no distance codes * Do not return error when using gzread() on an empty file
Revision 1.3 / (download) - annotate - [select for diffs], Tue Aug 31 23:16:23 2004 UTC (17 years, 8 months ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base,
pkgsrc-2004Q3
Changes since 1.2: +11 -43
lines
Diff to previous 1.2 (colored)
Added two patches for fixing possible security issue. The CVS security ID is CAN-2004-0797. The fix is same as used by OpenBSD, Debian and Gentoo. (Didn't see any reference to issue on zlib webpages.) The OpenBSD announcement "zlib reliabilty fix" says: "could allow an attacker to crash programs linked with it." And the Gentoo announcement says "zlib contains a bug in the handling of errors in the inflate() and inflateBack() functions. ... An attacker could exploit this vulnerability to launch a Denial of Service attack on any application using the zlib library." PKGREVISION is bumped and BUILDLINK_RECOMMENDED.zlib added to buildlink3.mk file.
Revision 1.2, Mon Jan 12 21:19:50 2004 UTC (18 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base,
pkgsrc-2004Q2,
pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Changes since 1.1: +1 -1
lines
FILE REMOVED
Changes 1.2.1: * inflate is about 20% faster and minimizes memory allocation * crc32 is about 50% faster * new functions and functionality * more supported architectures
Revision 1.1.2.2 / (download) - annotate - [select for diffs], Thu Jun 19 00:51:33 2003 UTC (18 years, 11 months ago) by grant
Branch: netbsd-1-6-1
Changes since 1.1.2.1: +46 -0
lines
Diff to previous 1.1.2.1 (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)
Create new file from rev 1.1 (requested by salo in ticket #1291): Darwin has no static libz, mark it incompatible. mark Linux zlib as incompatible to avoid using base zlib which can cause problems with pkgsrc libtool, eg. libtool: link: AGE `4' is greater than the current interface number `1' libtool: link: `1:1:4' is not valid version information libtool: install: `libz.la' is not a valid libtool archive Added fix for CAN-2003-0107 - Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. From OpenBSD. Restore configure target and add check for [v]snprintf. Bump PKGREVISION.
Revision 1.1.2.1, Wed Mar 5 13:05:45 2003 UTC (19 years, 2 months ago) by grant
Branch: netbsd-1-6-1
Changes since 1.1: +0 -46
lines
FILE REMOVED
file patch-ac was added on branch netbsd-1-6-1 on 2003-06-19 00:51:33 +0000
Revision 1.1 / (download) - annotate - [select for diffs], Wed Mar 5 13:05:45 2003 UTC (19 years, 2 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base,
pkgsrc-2003Q4
Branch point for: netbsd-1-6-1
Added fix for CAN-2003-0107 - Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. From OpenBSD. Restore configure target and add check for [v]snprintf. Bump PKGREVISION.