CVS log for pkgsrc/graphics/libwmf/Makefile

Up to [cvs.NetBSD.org] / pkgsrc / graphics / libwmf

Request diff between arbitrary revisions

Default branch: MAIN
Current tag: pkgsrc-2006Q3

Revision 1.60 / (download) - annotate - [select for diffs], Sun Aug 20 21:38:45 2006 UTC (17 years, 8 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

Security fix for CVE-2006-3376:

"A vulnerability in libwmf can be potentially exploited by malicious
 people to compromise an application using the vulnerable library.

 The vulnerability is caused due to an integer overflow error when
 allocating memory based on a value taken directly from a WMF file
 without performing any checks. This can be exploited to cause a
 heap-based buffer overflow when a specially crafted WMF file is
 processed.

 Successful exploitation may allow execution of arbitrary code."

http://secunia.com/advisories/20921/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376

Patch from Red Hat.  Bump PKGREVISION.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Diffs between
and

Preferred Diff type:
View only Branch:
Sort log by:

CVSweb <webmaster@jp.NetBSD.org>