The NetBSD Project

CVS log for pkgsrc/devel/zlib/patches/Attic/patch-ac

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / devel / zlib / patches

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.4, Thu Nov 4 14:17:55 2004 UTC (17 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3, pkgsrc-2006Q2-base, pkgsrc-2006Q2, pkgsrc-2006Q1-base, pkgsrc-2006Q1, pkgsrc-2005Q4-base, pkgsrc-2005Q4, pkgsrc-2005Q3-base, pkgsrc-2005Q3, pkgsrc-2005Q2-base, pkgsrc-2005Q2, pkgsrc-2005Q1-base, pkgsrc-2005Q1, pkgsrc-2004Q4-base, pkgsrc-2004Q4, cube-native-xorg-base, cube-native-xorg, HEAD
Changes since 1.3: +1 -1 lines
FILE REMOVED

Changes 1.2.2:
* Eliminate a potential security vulnerability when decoding invalid compressed data
* Fix bug when decompressing dynamic blocks with no distance codes
* Do not return error when using gzread() on an empty file

Revision 1.3 / (download) - annotate - [select for diffs], Tue Aug 31 23:16:23 2004 UTC (17 years, 8 months ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3
Changes since 1.2: +11 -43 lines
Diff to previous 1.2 (colored)

Added two patches for fixing possible security issue.
The CVS security ID is CAN-2004-0797.

The fix is same as used by OpenBSD, Debian and Gentoo.
(Didn't see any reference to issue on zlib webpages.)

The OpenBSD announcement "zlib reliabilty fix" says:
"could allow an attacker to crash programs linked
with it."

And the Gentoo announcement says "zlib contains a bug in the handling
of errors in the inflate() and inflateBack() functions. ... An
attacker could exploit this vulnerability to launch a Denial of
Service attack on any application using the zlib library."

PKGREVISION is bumped and BUILDLINK_RECOMMENDED.zlib added to
buildlink3.mk file.

Revision 1.2, Mon Jan 12 21:19:50 2004 UTC (18 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base, pkgsrc-2004Q2, pkgsrc-2004Q1-base, pkgsrc-2004Q1
Changes since 1.1: +1 -1 lines
FILE REMOVED

Changes 1.2.1:
	* inflate is about 20% faster and minimizes memory allocation
	* crc32 is about 50% faster
	* new functions and functionality
	* more supported architectures

Revision 1.1.2.2 / (download) - annotate - [select for diffs], Thu Jun 19 00:51:33 2003 UTC (18 years, 11 months ago) by grant
Branch: netbsd-1-6-1
Changes since 1.1.2.1: +46 -0 lines
Diff to previous 1.1.2.1 (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)

Create new file from rev 1.1 (requested by salo in ticket #1291):

Darwin has no static libz, mark it incompatible.

mark Linux zlib as incompatible to avoid using base zlib which can
cause problems with pkgsrc libtool, eg.

libtool: link: AGE `4' is greater than the current interface number `1'
libtool: link: `1:1:4' is not valid version information
libtool: install: `libz.la' is not a valid libtool archive

Added fix for CAN-2003-0107 -
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled
without vsnprintf or when long inputs are truncated using vsnprintf, allows
attackers to cause a denial of service or possibly execute arbitrary code.
From OpenBSD.

Restore configure target and add check for [v]snprintf.

Bump PKGREVISION.

Revision 1.1.2.1, Wed Mar 5 13:05:45 2003 UTC (19 years, 2 months ago) by grant
Branch: netbsd-1-6-1
Changes since 1.1: +0 -46 lines
FILE REMOVED

file patch-ac was added on branch netbsd-1-6-1 on 2003-06-19 00:51:33 +0000

Revision 1.1 / (download) - annotate - [select for diffs], Wed Mar 5 13:05:45 2003 UTC (19 years, 2 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Branch point for: netbsd-1-6-1

Added fix for CAN-2003-0107 -
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled
without vsnprintf or when long inputs are truncated using vsnprintf, allows
attackers to cause a denial of service or possibly execute arbitrary code.
From OpenBSD.

Restore configure target and add check for [v]snprintf.

Bump PKGREVISION.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>